Abstract The ever expanding digital space and government initiatives like Digital India have increased connectivity, digitization, remote employment which empowered us with technology and made our lifestyle easy and fast but as digitization is enhancing, cyberattacks are proportionally growing. In the initial stage of this study, it was observed from the data analysis and it was evident that women are particularly a soft target of many cybercriminals and cyber fraudsters. Women feel insecure in cyberspace, hence there is a need to dive deeper into our understanding and statistics of cybercrimes against women in India. It becomes necessary to determine the factors that have led to the clear surge of such crimes in recent years. In recent studies no such analysis is done focusing on geographical factors and top most cybercrime types committed against women. Therefore, in this article, prediction for cybercrime trends against women was performed using statistical tools and techniques to provide a better insight into the current scenario revolving around cybercrimes and women. A regressive statistical analysis of cybercrime data of all states of India to understand the current trend of cybercrimes, identification of the most vulnerable states of India and specific cybercrime with their percentage in whole, also where cybercrime afflicted women stand in those numbers. Further, for preventive measures a robust guidelines is proposed to combat cybercrimes for a better future.
{"title":"Cybercrime in India: An analysis of crime against women in ever expanding digital space","authors":"Shweta Sankhwar, Rupali Ahuja, Tanya Choubey, Priyanshi Jain, Tanusha Jain, Muskan Verma","doi":"10.1002/spy2.340","DOIUrl":"https://doi.org/10.1002/spy2.340","url":null,"abstract":"Abstract The ever expanding digital space and government initiatives like Digital India have increased connectivity, digitization, remote employment which empowered us with technology and made our lifestyle easy and fast but as digitization is enhancing, cyberattacks are proportionally growing. In the initial stage of this study, it was observed from the data analysis and it was evident that women are particularly a soft target of many cybercriminals and cyber fraudsters. Women feel insecure in cyberspace, hence there is a need to dive deeper into our understanding and statistics of cybercrimes against women in India. It becomes necessary to determine the factors that have led to the clear surge of such crimes in recent years. In recent studies no such analysis is done focusing on geographical factors and top most cybercrime types committed against women. Therefore, in this article, prediction for cybercrime trends against women was performed using statistical tools and techniques to provide a better insight into the current scenario revolving around cybercrimes and women. A regressive statistical analysis of cybercrime data of all states of India to understand the current trend of cybercrimes, identification of the most vulnerable states of India and specific cybercrime with their percentage in whole, also where cybercrime afflicted women stand in those numbers. Further, for preventive measures a robust guidelines is proposed to combat cybercrimes for a better future.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135689733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Scrum is an important and essential technique for developing software. Scrum framework is a project management technique that can emphasize software development teamwork. If you are starting, consider scrum as a method for accomplishing tasks as a team in manageable chunks simultaneously, with ongoing experimentation and feedback loops to learn and improve as you go. Scrum enables individuals and groups to collaboratively and gradually generate value. Being an agile framework, scrum gives people and teams the perfect structure to fit into their workflows while still including the best practices to cater to their requirements. There are some important considerations for security in the agile software development process such as threat modeling, secure coding practices, continuous security testing, authentication, and authorization. In this work, we reviewed various scrum developing techniques to find out the research gaps. This article consider the scrum technique with blockchain technologies for review because it is preferred by most of the software industries.
{"title":"A survey on secure metadata of agile software development process using blockchain technology","authors":"Parikshith Nayaka Sheetakallu Krishnaiah, Dayanand Lal Narayan, Kartick Sutradhar","doi":"10.1002/spy2.342","DOIUrl":"https://doi.org/10.1002/spy2.342","url":null,"abstract":"Scrum is an important and essential technique for developing software. Scrum framework is a project management technique that can emphasize software development teamwork. If you are starting, consider scrum as a method for accomplishing tasks as a team in manageable chunks simultaneously, with ongoing experimentation and feedback loops to learn and improve as you go. Scrum enables individuals and groups to collaboratively and gradually generate value. Being an agile framework, scrum gives people and teams the perfect structure to fit into their workflows while still including the best practices to cater to their requirements. There are some important considerations for security in the agile software development process such as threat modeling, secure coding practices, continuous security testing, authentication, and authorization. In this work, we reviewed various scrum developing techniques to find out the research gaps. This article consider the scrum technique with blockchain technologies for review because it is preferred by most of the software industries.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42783899","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi‐user and multi‐server environment.
{"title":"Toward design a secure protocol for updating remotely stored credentials of a crypto‐biometric framework for multi‐server environment","authors":"Subhas Barman, Samiran Chattopadhyay, D. Samanta","doi":"10.1002/spy2.339","DOIUrl":"https://doi.org/10.1002/spy2.339","url":null,"abstract":"Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi‐user and multi‐server environment.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43108709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yassine Mekdad, Ahmet Aris, Abbas Acar, M. Conti, R. Lazzeretti, A. E. Fergougui, Selcuk Uluagac
In the past few years, unmanned aerial vehicles (UAVs) have significantly gained attention and popularity from industry, government, and academia. With their rapid development and deployment into the civilian airspace, UAVs play an important role in different applications, including goods delivery, search‐and‐rescue, and traffic monitoring. Therefore, providing secure communication through authentication models for UAVs is necessary for a successful and reliable flight mission. To satisfy such requirements, numerous authentication mechanisms have been proposed in the literature. However, the literature lacks a comprehensive study evaluating the security and performance of these solutions. In this article, we analyze the security and performance of 27 recent UAV authentication works by considering ten different key metrics. First, in the performance analysis, we show that the majority of UAV authentication schemes are lightweight in their communication cost. However, the storage overhead or the energy consumption is not reported by many authentication studies. Then, we reveal in the security analysis the widely employed formal models (i.e., abstract description of an authentication protocol through a mathematical model), while most of the studies lack coverage of many attacks that can target UAV systems. Afterwards, we highlight the challenges that need to be addressed in order to design and implement secure and reliable UAV authentication schemes. Finally, we summarize the lessons learned on the authentication strategies for UAVs to motivate promising direction for further research.
{"title":"A comprehensive security and performance assessment of UAV authentication schemes","authors":"Yassine Mekdad, Ahmet Aris, Abbas Acar, M. Conti, R. Lazzeretti, A. E. Fergougui, Selcuk Uluagac","doi":"10.1002/spy2.338","DOIUrl":"https://doi.org/10.1002/spy2.338","url":null,"abstract":"In the past few years, unmanned aerial vehicles (UAVs) have significantly gained attention and popularity from industry, government, and academia. With their rapid development and deployment into the civilian airspace, UAVs play an important role in different applications, including goods delivery, search‐and‐rescue, and traffic monitoring. Therefore, providing secure communication through authentication models for UAVs is necessary for a successful and reliable flight mission. To satisfy such requirements, numerous authentication mechanisms have been proposed in the literature. However, the literature lacks a comprehensive study evaluating the security and performance of these solutions. In this article, we analyze the security and performance of 27 recent UAV authentication works by considering ten different key metrics. First, in the performance analysis, we show that the majority of UAV authentication schemes are lightweight in their communication cost. However, the storage overhead or the energy consumption is not reported by many authentication studies. Then, we reveal in the security analysis the widely employed formal models (i.e., abstract description of an authentication protocol through a mathematical model), while most of the studies lack coverage of many attacks that can target UAV systems. Afterwards, we highlight the challenges that need to be addressed in order to design and implement secure and reliable UAV authentication schemes. Finally, we summarize the lessons learned on the authentication strategies for UAVs to motivate promising direction for further research.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48708424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Archan Dhadhania, Jitendra Bhatia, Rachana Mehta, S. Tanwar, Ravi Sharma, Amit Verma
{"title":"Unleashing the power of SDN and GNN for network anomaly detection: State‐of‐the‐art, challenges, and future directions","authors":"Archan Dhadhania, Jitendra Bhatia, Rachana Mehta, S. Tanwar, Ravi Sharma, Amit Verma","doi":"10.1002/spy2.337","DOIUrl":"https://doi.org/10.1002/spy2.337","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41493150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Attribute‐based encryption scheme for secure data sharing in cloud with fine‐grained revocation","authors":"Md. Azharul Islam, S. Madria","doi":"10.1002/spy2.336","DOIUrl":"https://doi.org/10.1002/spy2.336","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42690533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ravi Kumar, Samayveer Singh, Deepti Singh, Mohit Kumar, S. S. Gill
{"title":"A robust and secure user authentication scheme based on multifactor and multi‐gateway in IoT enabled sensor networks","authors":"Ravi Kumar, Samayveer Singh, Deepti Singh, Mohit Kumar, S. S. Gill","doi":"10.1002/spy2.335","DOIUrl":"https://doi.org/10.1002/spy2.335","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48091623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Optimal key pre‐distribution schemes from affine resolvable and partially affine resolvable designs","authors":"Shyam Saurabh, K. Sinha","doi":"10.1002/spy2.334","DOIUrl":"https://doi.org/10.1002/spy2.334","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44578636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Issue Information","authors":"","doi":"10.1002/spy2.244","DOIUrl":"https://doi.org/10.1002/spy2.244","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44306315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy preserving vaccinating‐ and testing‐pass for the European Union","authors":"Dominik Schrahe, Thomas Städter","doi":"10.1002/spy2.332","DOIUrl":"https://doi.org/10.1002/spy2.332","url":null,"abstract":"","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2023-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41734211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: