In view of the different dangers to which users of contactless biometric systems are exposed, we have developed a contactless secure revocable model based on random projection and DFT (Discret Fourier Tansformation) to enhance contactless fingerprint authentication. Two matrices emerge, namely that corresponding to the terminations and that corresponding to the bifurcations. These matrices are then transformed in a first time thanks to the random projection. In a second time we apply to them the Discret Fourier Transformation called the DFT.This proposed non-contact revocable fingerprint model meets the requirements of revocability, diversity, security and non-reversibility. The evaluation of our model through its results gives the most promising results compared to those existing. The equal error rate (EER) obtained are respectively equal to 0.19% for FVC2002 DB1, 1% for FVC2002 DB2, 4.29% for FVC2002 DB3 and 9.01% for FVC2004 DB2.
{"title":"Non-Contact Fingerprint Template Protection Using DFT Combined Random Projection","authors":"Boris Jerson Zannou, Tahirou Djara, A. Vianou","doi":"10.4018/ijsppc.302007","DOIUrl":"https://doi.org/10.4018/ijsppc.302007","url":null,"abstract":"In view of the different dangers to which users of contactless biometric systems are exposed, we have developed a contactless secure revocable model based on random projection and DFT (Discret Fourier Tansformation) to enhance contactless fingerprint authentication. Two matrices emerge, namely that corresponding to the terminations and that corresponding to the bifurcations. These matrices are then transformed in a first time thanks to the random projection. In a second time we apply to them the Discret Fourier Transformation called the DFT.This proposed non-contact revocable fingerprint model meets the requirements of revocability, diversity, security and non-reversibility. The evaluation of our model through its results gives the most promising results compared to those existing. The equal error rate (EER) obtained are respectively equal to 0.19% for FVC2002 DB1, 1% for FVC2002 DB2, 4.29% for FVC2002 DB3 and 9.01% for FVC2004 DB2.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131263797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
There is a prevailing prejudice that technology can solve all problems in many fields, including cybercrime. Still, recent reports of increasing data breaches have shown that this belief is not always true. This paper investigated social engineering scenarios, particularly phishing attacks, to analyze the psychological deception schemes used by attackers alongside the heuristics that affect users' vulnerability. Indeed, the authors explain how hackers use various technical tools besides certain psychological factors to design clever and successful attacks against businesses or individuals. This research provides a decision-making framework for e-mail processing; it consists of several verification stages covering cognitive and technical factors that help users identify inconsistencies and different classes of phishing. Furthermore, it supports the security awareness field with a reliable framework that has demonstrated promising results and low false positives. The solution aims to reduce phishing threats and help organizations establish security-conscious behavior among their employees.
{"title":"Individual Processing of Phishing Emails: Towards a Phishing Detection Framework","authors":"Aymen Hamoud, E. Aimeur, M. Benmohammed","doi":"10.4018/ijsppc.311060","DOIUrl":"https://doi.org/10.4018/ijsppc.311060","url":null,"abstract":"There is a prevailing prejudice that technology can solve all problems in many fields, including cybercrime. Still, recent reports of increasing data breaches have shown that this belief is not always true. This paper investigated social engineering scenarios, particularly phishing attacks, to analyze the psychological deception schemes used by attackers alongside the heuristics that affect users' vulnerability. Indeed, the authors explain how hackers use various technical tools besides certain psychological factors to design clever and successful attacks against businesses or individuals. This research provides a decision-making framework for e-mail processing; it consists of several verification stages covering cognitive and technical factors that help users identify inconsistencies and different classes of phishing. Furthermore, it supports the security awareness field with a reliable framework that has demonstrated promising results and low false positives. The solution aims to reduce phishing threats and help organizations establish security-conscious behavior among their employees.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117243089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Metaverse, also known as the successor of mobile internet, has become immensely popular given the increased focus of technology companies on Web 3.0 and virtual reality. Though its popularity has grown at least within the tech industry, there has not been a survey conducted to measure the awareness and perception of metaverse among regular technology users. Further, there have been studies conducted to apply the technology acceptance model to metaverse users. However, such studies have not been conducted from a cybersecurity risk perspective. This study fills this gap by understanding the awareness, perception, and concerns about metaverse adoption. Further, based on the technology acceptance model, the authors propose techniques that could improve perception and reduce concerns about this technology, enabling faster acceptance and use.
{"title":"A Study on Metaverse Awareness, Cyber Risks, and Steps for Increased Adoption","authors":"Glorin Sebastian","doi":"10.4018/ijsppc.308785","DOIUrl":"https://doi.org/10.4018/ijsppc.308785","url":null,"abstract":"Metaverse, also known as the successor of mobile internet, has become immensely popular given the increased focus of technology companies on Web 3.0 and virtual reality. Though its popularity has grown at least within the tech industry, there has not been a survey conducted to measure the awareness and perception of metaverse among regular technology users. Further, there have been studies conducted to apply the technology acceptance model to metaverse users. However, such studies have not been conducted from a cybersecurity risk perspective. This study fills this gap by understanding the awareness, perception, and concerns about metaverse adoption. Further, based on the technology acceptance model, the authors propose techniques that could improve perception and reduce concerns about this technology, enabling faster acceptance and use.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"117 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132922453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The banking sector is an integral part of an economy as it helps in capital formation. One of the most critical issues of banks is the risk involved in loan applications. Employing machine learning to automate the loan approval process is a significant advancement. For this topic, all classification algorithms have been tested and assessed in previous researches; however, it is still unclear which methodology is best for a particular type of dataset. It is still difficult to identify which model is the most effective. Since each model is dependent on a certain dataset or classification approach, it is critical to create a versatile model appropriate for any dataset or attribute collection. The aim of the study is to provide detailed analysis of previous studies and to propose a predictive model for automatic loan prediction using four classification algorithms. Exploratory data analysis is performed to obtain correlation between various features and to get insights of banking datasets.
{"title":"A Systematic Survey of Automatic Loan Approval System Based on Machine Learning","authors":"Vandana Sharma, Rewa Sharma","doi":"10.4018/ijsppc.304893","DOIUrl":"https://doi.org/10.4018/ijsppc.304893","url":null,"abstract":"The banking sector is an integral part of an economy as it helps in capital formation. One of the most critical issues of banks is the risk involved in loan applications. Employing machine learning to automate the loan approval process is a significant advancement. For this topic, all classification algorithms have been tested and assessed in previous researches; however, it is still unclear which methodology is best for a particular type of dataset. It is still difficult to identify which model is the most effective. Since each model is dependent on a certain dataset or classification approach, it is critical to create a versatile model appropriate for any dataset or attribute collection. The aim of the study is to provide detailed analysis of previous studies and to propose a predictive model for automatic loan prediction using four classification algorithms. Exploratory data analysis is performed to obtain correlation between various features and to get insights of banking datasets.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133327904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The research has contributed to the development of the cryptographic control on the proposed RTS that aims to determine the high-performance computing at optimal cost and time to be invested into dynamic cryptographic control that decides on the major components of real-time operating system resources. Furthermore, the mechanism optimizes the cost, and resources are supposed to optimize the operating system risks. We have to optimize the technology and resource cost and maximizes the productivity and business (throughput) while improving the high performance of the operating system as per business requirement for the multiple locations. This proposed cryptographic control on the real-time system provides high computational services around the clock. The objective should be defined in such a way that the processor, memory, and encryption key are always utilized at minimal cost with high availability of data and services as per business and resource management.
{"title":"Impact of Cryptographic Key on Scalable Computing","authors":"P. Pradhan","doi":"10.4018/ijsppc.313046","DOIUrl":"https://doi.org/10.4018/ijsppc.313046","url":null,"abstract":"The research has contributed to the development of the cryptographic control on the proposed RTS that aims to determine the high-performance computing at optimal cost and time to be invested into dynamic cryptographic control that decides on the major components of real-time operating system resources. Furthermore, the mechanism optimizes the cost, and resources are supposed to optimize the operating system risks. We have to optimize the technology and resource cost and maximizes the productivity and business (throughput) while improving the high performance of the operating system as per business requirement for the multiple locations. This proposed cryptographic control on the real-time system provides high computational services around the clock. The objective should be defined in such a way that the processor, memory, and encryption key are always utilized at minimal cost with high availability of data and services as per business and resource management.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130917322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In reality, the most appropriate cloud standards are significant ideas for application administrations. OSCCS technique calculation gives a spot-like market in virtual space to the end clients. The OSCCS gives an on-spot showcasing framework in the virtual universe of processing. As fluffy hypothesis is giving the specific outcomes and close to correct outcomes that is the reason that authors have taken the idea of fluffy unpleasant set hypothesis in their OSCCS approach. This sort of approach depends on the determination of the best ideal cost and season of asset allotment to an end client by the suppliers in virtual advertising. The allotments of assets depend on powerful on-request demand upkeep so the end-client gets the cloud administration on a business premise like in continuous shopping advertising on events. By the OSCCS deals approach framework, an end client can get the assistance at the ideal expense. The OSCCS calculation is mimicked in cloud test systems.
{"title":"A Optimized Taxonomy on Spot Sale Services Using Mathematical Methodology","authors":"Ashish Tiwari, R. Garg","doi":"10.4018/ijsppc.313048","DOIUrl":"https://doi.org/10.4018/ijsppc.313048","url":null,"abstract":"In reality, the most appropriate cloud standards are significant ideas for application administrations. OSCCS technique calculation gives a spot-like market in virtual space to the end clients. The OSCCS gives an on-spot showcasing framework in the virtual universe of processing. As fluffy hypothesis is giving the specific outcomes and close to correct outcomes that is the reason that authors have taken the idea of fluffy unpleasant set hypothesis in their OSCCS approach. This sort of approach depends on the determination of the best ideal cost and season of asset allotment to an end client by the suppliers in virtual advertising. The allotments of assets depend on powerful on-request demand upkeep so the end-client gets the cloud administration on a business premise like in continuous shopping advertising on events. By the OSCCS deals approach framework, an end client can get the assistance at the ideal expense. The OSCCS calculation is mimicked in cloud test systems.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"337 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115605585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hadj Ahmed Bouarara, Bentadj Cheimaa, Mohamed Elhadi Rahmani
Sign language is a kind of communication rich of expressions, and it has the same properties as spoken languages. In this paper, the authors discuss the use of transfer learning techniques to develop an intelligent system that recognizes American Sign Language. The idea behind was that rather than creating a new model of deep convolutional neural network and spend a lot of time in experimentations, the authors used already pre-trained models to benefit from their advantages. In this study, they used four different models (YOLOv3, real-time model, VGG16, and AlexNet). The obtained results were very encouraging. All of them could recognize more than 90% of images.
{"title":"Deep Convolutional Real Time Model (DCRTM) for American Sign Language (ASL) Recognition","authors":"Hadj Ahmed Bouarara, Bentadj Cheimaa, Mohamed Elhadi Rahmani","doi":"10.4018/ijsppc.309079","DOIUrl":"https://doi.org/10.4018/ijsppc.309079","url":null,"abstract":"Sign language is a kind of communication rich of expressions, and it has the same properties as spoken languages. In this paper, the authors discuss the use of transfer learning techniques to develop an intelligent system that recognizes American Sign Language. The idea behind was that rather than creating a new model of deep convolutional neural network and spend a lot of time in experimentations, the authors used already pre-trained models to benefit from their advantages. In this study, they used four different models (YOLOv3, real-time model, VGG16, and AlexNet). The obtained results were very encouraging. All of them could recognize more than 90% of images.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127652662","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.4018/ijsppc.2021100103
A. Asthana, P. Pradhan
This proposed UFS ACM is the best preventive control around the world for heterogeneous applications on multiple hardware and software. The subject and object can be able to map, integrate, synchronize, and communicate through reading, writing, and executing over a UFS on the complex web infrastructure. We have to investigate the basic concepts behind access control design and enforcement and point out different security requirements that may need to be taken into consideration as per business, resources, and technology available to us. This paper has to formulate and implement several access control mechanisms, methods, and models on normalizing them step by step, which has been highlighted in the proposed model for present and future requirements. This research paper contributes to the development of an optimization model that aims to determine the optimal cost, time, and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS.
{"title":"Proposed Abelian ACM Method Optimizing: The Risk on a Real-Time Unix Operating System","authors":"A. Asthana, P. Pradhan","doi":"10.4018/ijsppc.2021100103","DOIUrl":"https://doi.org/10.4018/ijsppc.2021100103","url":null,"abstract":"This proposed UFS ACM is the best preventive control around the world for heterogeneous applications on multiple hardware and software. The subject and object can be able to map, integrate, synchronize, and communicate through reading, writing, and executing over a UFS on the complex web infrastructure. We have to investigate the basic concepts behind access control design and enforcement and point out different security requirements that may need to be taken into consideration as per business, resources, and technology available to us. This paper has to formulate and implement several access control mechanisms, methods, and models on normalizing them step by step, which has been highlighted in the proposed model for present and future requirements. This research paper contributes to the development of an optimization model that aims to determine the optimal cost, time, and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"384 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133716194","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.4018/ijsppc.2021100102
P. S. Raju, Pallipamu Venkateswara Rao
Throughout today's economic and social life, the use of web-based services (such as e-commerce, online banking, and web-based communications, to name a few) has become a common habit. Countless applications operate worldwide on millions of servers, and their numbers are steadily increasing. It has become a focus of attackers and hackers for the attacks because of the huge growth of internet usage. It is necessary for all companies to develop and protect their applications in order to maintain their credibility and keep their products relevant for users. Web applications have brought in new classes of computer security vulnerabilities, such as SQL injection (SQLIA), and it has exceeded previously prominent vulnerability classes in recent years. SQL injection is the instance of the broader class of vulnerabilities that are based on input validation. The primary purpose of this research is to study the vulnerabilities of SQL injection and to propose an optimistic security model for secure data transmission. In this work, the authors proposed an adaptive algorithm to prevent SQL injections.
{"title":"An Optimistic Security Model for Improving Cyber Security Using Adaptive Algorithms to Prevent SQL Injection Attacks","authors":"P. S. Raju, Pallipamu Venkateswara Rao","doi":"10.4018/ijsppc.2021100102","DOIUrl":"https://doi.org/10.4018/ijsppc.2021100102","url":null,"abstract":"Throughout today's economic and social life, the use of web-based services (such as e-commerce, online banking, and web-based communications, to name a few) has become a common habit. Countless applications operate worldwide on millions of servers, and their numbers are steadily increasing. It has become a focus of attackers and hackers for the attacks because of the huge growth of internet usage. It is necessary for all companies to develop and protect their applications in order to maintain their credibility and keep their products relevant for users. Web applications have brought in new classes of computer security vulnerabilities, such as SQL injection (SQLIA), and it has exceeded previously prominent vulnerability classes in recent years. SQL injection is the instance of the broader class of vulnerabilities that are based on input validation. The primary purpose of this research is to study the vulnerabilities of SQL injection and to propose an optimistic security model for secure data transmission. In this work, the authors proposed an adaptive algorithm to prevent SQL injections.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"148 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128445612","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-07-01DOI: 10.4018/IJSPPC.2021070102
Samuel Selassie Yakohene, Winfred Yaokumah, Ernest B. B. Gyebi
Personal identification number (PIN) is a common user authentication method widely used especially for automated teller machines and point-of-sales devices. The user's PIN entry is susceptible to shoulder-surfing and inference attacks, where the attacker can obtain the PIN by looking over the user's shoulder. The conventional keypad with a fixed layout makes it easy for the attacker to infer the PIN entered by casual observation. This paper proposes a method of authentication to address these challenges. The paper develops a prototype numeric keypad with a layout akin to the conventional keypad, with the keys randomized for each PIN entry. The shuffle algorithm, Durstenfeld shuffle algorithm, is implemented in an application developed using JavaScript, which is a prototype-based object-oriented programming application that conforms to the ECMAScript specification. The prototype is implemented on three computing platforms for evaluation. The test proves the effectiveness of the system to mitigate shoulder-surfing and inference attacks.
{"title":"Scrambling Keypad for Secure Pin Entry to Defeat Shoulder Surfing and Inference Attacks","authors":"Samuel Selassie Yakohene, Winfred Yaokumah, Ernest B. B. Gyebi","doi":"10.4018/IJSPPC.2021070102","DOIUrl":"https://doi.org/10.4018/IJSPPC.2021070102","url":null,"abstract":"Personal identification number (PIN) is a common user authentication method widely used especially for automated teller machines and point-of-sales devices. The user's PIN entry is susceptible to shoulder-surfing and inference attacks, where the attacker can obtain the PIN by looking over the user's shoulder. The conventional keypad with a fixed layout makes it easy for the attacker to infer the PIN entered by casual observation. This paper proposes a method of authentication to address these challenges. The paper develops a prototype numeric keypad with a layout akin to the conventional keypad, with the keys randomized for each PIN entry. The shuffle algorithm, Durstenfeld shuffle algorithm, is implemented in an application developed using JavaScript, which is a prototype-based object-oriented programming application that conforms to the ECMAScript specification. The prototype is implemented on three computing platforms for evaluation. The test proves the effectiveness of the system to mitigate shoulder-surfing and inference attacks.","PeriodicalId":344690,"journal":{"name":"Int. J. Secur. Priv. Pervasive Comput.","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117302321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}