Everyone wants to be connected to the internet at every second of their lives. Due to the ease and speed of access, Wi-Fi networks are the main internet connection point of users. The amount and coverage of Wi-Fi networks multiplies each passing day, as all the countries are now trying to give free Wi-Fi at public places. If we search for available networks anywhere with our phone, there will be very few places where there are not at least one or two networks available. In this paper we will do a systematic review of papers and literature indexed in Google Scholar; Research Gate or IEEE and on reliable webpages like Cisco, that analyze the risk to which Wi-Fi networks are exposed and why these networks are insecure. We will specially investigate the most used wireless security protocols like WEP; WPA; WPA2 or WPA3.
{"title":"(In)Security in Wi-Fi networks: a systematic review","authors":"Diogo Faíscas","doi":"10.56394/aris2.v2i2.18","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.18","url":null,"abstract":"Everyone wants to be connected to the internet at every second of their lives. Due to the ease and speed of access, Wi-Fi networks are the main internet connection point of users. The amount and coverage of Wi-Fi networks multiplies each passing day, as all the countries are now trying to give free Wi-Fi at public places. If we search for available networks anywhere with our phone, there will be very few places where there are not at least one or two networks available. In this paper we will do a systematic review of papers and literature indexed in Google Scholar; Research Gate or IEEE and on reliable webpages like Cisco, that analyze the risk to which Wi-Fi networks are exposed and why these networks are insecure. We will specially investigate the most used wireless security protocols like WEP; WPA; WPA2 or WPA3.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130509173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-12-30DOI: 10.1007/978-3-540-88702-7
Jose Pinto
{"title":"Post-Quantum Cryptography","authors":"Jose Pinto","doi":"10.1007/978-3-540-88702-7","DOIUrl":"https://doi.org/10.1007/978-3-540-88702-7","url":null,"abstract":"","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"242 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132549608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Defining an appropriate cybersecurity incident response model is a critical challenge that all companies face on a daily basis.However, there is not always an adequate answer. This is due to the lack of predictive models based on data (evidence). There is a significant investment in research to identify the main factors that can cause such incidents, always trying to have the most appropriate response and, consequently, enhancing response capacity and success. At the same time, several different methodologies assess the risk management and maturity level of organizations.There is, however, a gap in determining an organization's degree of proactive responsiveness to successfully adopt cybersecurity and an even more significant gap in assessing it from a risk management perspective. This paper proposes a model to evaluate this capacity, a model that intends to evaluate the methodological aspects of an organization and indicates the apparent gaps that can negatively impact the future of the organization in the management of cybersecurity incidents and presents a model that intends to be proactive.
{"title":"Predicting Cybersecurity Risk - A Methodology for Assessments","authors":"Daniel Jorge Ferreira, Henrique São Mamede","doi":"10.56394/aris2.v2i2.23","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.23","url":null,"abstract":"Defining an appropriate cybersecurity incident response model is a critical challenge that all companies face on a daily basis.However, there is not always an adequate answer. This is due to the lack of predictive models based on data (evidence). There is a significant investment in research to identify the main factors that can cause such incidents, always trying to have the most appropriate response and, consequently, enhancing response capacity and success. At the same time, several different methodologies assess the risk management and maturity level of organizations.There is, however, a gap in determining an organization's degree of proactive responsiveness to successfully adopt cybersecurity and an even more significant gap in assessing it from a risk management perspective. This paper proposes a model to evaluate this capacity, a model that intends to evaluate the methodological aspects of an organization and indicates the apparent gaps that can negatively impact the future of the organization in the management of cybersecurity incidents and presents a model that intends to be proactive.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129795833","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper focuses on the study of steganoprahy as an anti-forensic method. The purpose of steganography techniques is to hide information from individuals unrelated to its content. Through a systematic review, the objectives of this article are: (I) explore and investigate the importance of steganography in computer forensics; (II) understand and analyze the methodology used to hide information in a file and (III) understand and analyze the methodology used to extract the information. The results summarize the previous research on this topics and we conclude the article with a warning to develpop more studies regarding this thematic as well as and make the security forces aware of this type of digital evidence and, in the same way that the methodology is being developed, the stegananalysis must also seek, at least, to reach the same technological level
{"title":"Steganography and Computer Forensics - the art of hiding information: a systematic review","authors":"Claudia Sofia Fernandes","doi":"10.56394/aris2.v2i2.20","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.20","url":null,"abstract":"This paper focuses on the study of steganoprahy as an anti-forensic method. The purpose of steganography techniques is to hide information from individuals unrelated to its content. Through a systematic review, the objectives of this article are: (I) explore and investigate the importance of steganography in computer forensics; (II) understand and analyze the methodology used to hide information in a file and (III) understand and analyze the methodology used to extract the information. The results summarize the previous research on this topics and we conclude the article with a warning to develpop more studies regarding this thematic as well as and make the security forces aware of this type of digital evidence and, in the same way that the methodology is being developed, the stegananalysis must also seek, at least, to reach the same technological level","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123411586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The globe continues to support an abnormal occurrence that has a severe influence on cyber security, which is the conflict between Russia and Ukraine that persists in establishing the first cyber war. This assistance comes as the year 2022 reaches its last range. Since the beginning of this fight, two enormous organizations have been formed in order to investigate potential weaknesses in the security measures used by either side. They exploit weaknesses and resort to force or engage in social engineering in order to achieve their goals.
{"title":"Editorial - ARIS - Advanced Research on Information Security","authors":"N. Mateus-Coelho","doi":"10.56394/aris2.v2i2.25","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.25","url":null,"abstract":"The globe continues to support an abnormal occurrence that has a severe influence on cyber security, which is the conflict between Russia and Ukraine that persists in establishing the first cyber war. This assistance comes as the year 2022 reaches its last range. Since the beginning of this fight, two enormous organizations have been formed in order to investigate potential weaknesses in the security measures used by either side. They exploit weaknesses and resort to force or engage in social engineering in order to achieve their goals.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131808329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
As the year 2022 enters its middle range, the world is assisting an abnormal event with a heavy impact on cyber security, the Russian-Ukraine conflict. Since the beginning of this conflict that two immense groups have been created and explore security flaws within each side and to do so with success, they resort to vulnerabilities, coercion, or social engineering techniques. Protecting information, actors, and their frameworks has emerged as a critical struggle and science has an immense role in performing and maintaining security actors one step forward in this scenario.
{"title":"Editorial of ARIS2 - Advanced Research on Information Systems Security, an International Journal","authors":"N. Mateus-Coelho","doi":"10.56394/aris2.v2i1.16","DOIUrl":"https://doi.org/10.56394/aris2.v2i1.16","url":null,"abstract":"As the year 2022 enters its middle range, the world is assisting an abnormal event with a heavy impact on cyber security, the Russian-Ukraine conflict. Since the beginning of this conflict that two immense groups have been created and explore security flaws within each side and to do so with success, they resort to vulnerabilities, coercion, or social engineering techniques. Protecting information, actors, and their frameworks has emerged as a critical struggle and science has an immense role in performing and maintaining security actors one step forward in this scenario.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"91 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134215550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Abstract �This study makes an analysis of infrastructural challenges and the cashless policy in Kaduna state, Nigeria. A survey was conducted to collect the primary data through a structured questionnaire and interviews with bank customers, bank officials, and security personnel to obtain information on infrastructural challenges since the introduction of the Cashless policy by the Central Bank of Nigeria in 2012. Frequency distribution and simple percentage methods are used to analyze the data. Findings show that infrastructural challenges include network failure and infrastructural deficiency, debiting by Automated Teller Machine (ATM) without disbursing cash to beneficiaries, problems not rectified quickly by the banks, and charging by banks for using electronic banking methods. This leads to fraud, cybercrimes, and reduced confidence in the banking system. It is recommended that banks should be made to provide the minimum infrastructure required for cashless policy to succeed. In addition, there should be adequate cyber security measures implemented by banks and the government.
{"title":"Analysis of Infrastructural Challenges, Cybercrime, and the Cashless Policy in Nigeria","authors":"Ibrahim Musa, S. Magaji, Abul Hassan","doi":"10.56394/aris2.v2i1.15","DOIUrl":"https://doi.org/10.56394/aris2.v2i1.15","url":null,"abstract":"Abstract \u0000This study makes an analysis of infrastructural challenges and the cashless policy in Kaduna state, Nigeria. A survey was conducted to collect the primary data through a structured questionnaire and interviews with bank customers, bank officials, and security personnel to obtain information on infrastructural challenges since the introduction of the Cashless policy by the Central Bank of Nigeria in 2012. Frequency distribution and simple percentage methods are used to analyze the data. Findings show that infrastructural challenges include network failure and infrastructural deficiency, debiting by Automated Teller Machine (ATM) without disbursing cash to beneficiaries, problems not rectified quickly by the banks, and charging by banks for using electronic banking methods. This leads to fraud, cybercrimes, and reduced confidence in the banking system. It is recommended that banks should be made to provide the minimum infrastructure required for cashless policy to succeed. In addition, there should be adequate cyber security measures implemented by banks and the government.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117161927","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: