Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356370
O. Abatan, M. Maharaj
The aim of this article is to examine change management awareness (CMA) by evaluating the perceptions of academics regarding information technology integration in higher education in Africa. Data were collected from 592 academics at three prominent higher education institutions in Africa. These included two direct contact (or on-site) institutions, namely Lagos State University in Nigeria and the University of KwaZulu-Natal in South Africa, and an open distance learning (ODL) institution, the University of South Africa. Data were analysed using descriptive statistics. The requirements of effective integration of information technology and change management awareness in higher education were identified using a change management model. The findings indicated that academics are self-aware of the need for change in order to enhance technology integration in higher education. The study identified that universities should take responsibility in providing the strategies needed to implement change in the use of information technology.
{"title":"Change management and the integration of information technology: Research notes from selected African universities","authors":"O. Abatan, M. Maharaj","doi":"10.23919/ICITST.2017.8356370","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356370","url":null,"abstract":"The aim of this article is to examine change management awareness (CMA) by evaluating the perceptions of academics regarding information technology integration in higher education in Africa. Data were collected from 592 academics at three prominent higher education institutions in Africa. These included two direct contact (or on-site) institutions, namely Lagos State University in Nigeria and the University of KwaZulu-Natal in South Africa, and an open distance learning (ODL) institution, the University of South Africa. Data were analysed using descriptive statistics. The requirements of effective integration of information technology and change management awareness in higher education were identified using a change management model. The findings indicated that academics are self-aware of the need for change in order to enhance technology integration in higher education. The study identified that universities should take responsibility in providing the strategies needed to implement change in the use of information technology.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114564591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356425
Stephen Goeddel, P. Sadeghian, Aspen Olmsted
An IOT smart fridge containing scales can increase the utility of the product. By adding scales to regular image sensing technologies, a fridge can be created that makes fewer mistakes when creating a shopping list. This, combined with the fact that having a shopping list when heading to the grocery store can improve health and save money, makes for a useful smart fridge.
{"title":"Weighing the shopping benefits of a smarter refrigerator","authors":"Stephen Goeddel, P. Sadeghian, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356425","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356425","url":null,"abstract":"An IOT smart fridge containing scales can increase the utility of the product. By adding scales to regular image sensing technologies, a fridge can be created that makes fewer mistakes when creating a shopping list. This, combined with the fact that having a shopping list when heading to the grocery store can improve health and save money, makes for a useful smart fridge.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"123 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127412623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356355
Fredrik Blix, Salah Addin Elshekeil, Saran Laoyookhong
Data protection by design is a principle to systems development meaning that the protection of personal data is built into the systems design from the start. For many jurisdictions, this principle is becoming a legal requirement. Using a research approach based on design science, a framework is constructed helping systems developers achieve privacy by design in a systematic manner. The framework articulate how the business requirements can be captured, assessed, and implemented in the systems development. Examples of how the data protection principles can be concretely implemented is also presented.
{"title":"Data protection by design in systems development: From legal requirements to technical solutions","authors":"Fredrik Blix, Salah Addin Elshekeil, Saran Laoyookhong","doi":"10.23919/ICITST.2017.8356355","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356355","url":null,"abstract":"Data protection by design is a principle to systems development meaning that the protection of personal data is built into the systems design from the start. For many jurisdictions, this principle is becoming a legal requirement. Using a research approach based on design science, a framework is constructed helping systems developers achieve privacy by design in a systematic manner. The framework articulate how the business requirements can be captured, assessed, and implemented in the systems development. Examples of how the data protection principles can be concretely implemented is also presented.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126292914","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356406
Alaa Altorbaq, Fredrik Blix, Stina Sorman
The new European General Data Protection Regulation GDPR requires that organisations placing personal data on cloud services can protect certain rights of data subjects, such as their right to access, demand erasure and rectification of their data. Due to the technical complexity and shared environment of cloud services, the flow of personal data in the cloud must be secured and controlled from its initial collection, via processing, to final erasure. This has proved to be both organisationally and technically challenging. This study identifies the related challenges and outlines potential solutions for organisations who need to be able to adequately demonstrate compliance with the regulation as well as to respond to rights requests from data subjects. The study is based on interviews with ten data protection experts. The semi-structured interviews were qualitatively analysed, using an approach informed by Grounded Theory. The contribution of this study is a refined model depicting stages of a personal information life-cycle. Additionally, twelve challenges and fourteen recommendations were identified and presented to the various stages of the model. Both clients and providers of cloud services are expected to benefit from these results, as well as the data subjects, whose rights are protected.
{"title":"Data subject rights in the cloud: A grounded study on data protection assurance in the light of GDPR","authors":"Alaa Altorbaq, Fredrik Blix, Stina Sorman","doi":"10.23919/ICITST.2017.8356406","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356406","url":null,"abstract":"The new European General Data Protection Regulation GDPR requires that organisations placing personal data on cloud services can protect certain rights of data subjects, such as their right to access, demand erasure and rectification of their data. Due to the technical complexity and shared environment of cloud services, the flow of personal data in the cloud must be secured and controlled from its initial collection, via processing, to final erasure. This has proved to be both organisationally and technically challenging. This study identifies the related challenges and outlines potential solutions for organisations who need to be able to adequately demonstrate compliance with the regulation as well as to respond to rights requests from data subjects. The study is based on interviews with ten data protection experts. The semi-structured interviews were qualitatively analysed, using an approach informed by Grounded Theory. The contribution of this study is a refined model depicting stages of a personal information life-cycle. Additionally, twelve challenges and fourteen recommendations were identified and presented to the various stages of the model. Both clients and providers of cloud services are expected to benefit from these results, as well as the data subjects, whose rights are protected.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128326013","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356396
Sanjay Kumar, A. Viinikainen, T. Hämäläinen
The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use tailored techniques to avoid detection by the traditional antivirus. The emerging need is to detect these threats by any flow-based network solution. Therefore, we propose and evaluate a network based model which uses ensemble Machine Learning (ML) methods in order to identify the mobile threats, by analyzing the network flows of the malware communication. The ensemble ML methods not only protect over-fitting of the model but also cope with the issues related to the changing behavior of the attackers. The focus of this study is on android based mobile malwares due to its popularity among users. We have used ensemble methods to combine output of 5 supervised ML algorithms such as RF, PART, JRIP, J.48 and Ridor. Based on the evaluation results, the proposed model was found efficient at detecting known and unknown threats with the accuracy of 98.2%.
{"title":"Evaluation of ensemble machine learning methods in mobile threat detection","authors":"Sanjay Kumar, A. Viinikainen, T. Hämäläinen","doi":"10.23919/ICITST.2017.8356396","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356396","url":null,"abstract":"The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use tailored techniques to avoid detection by the traditional antivirus. The emerging need is to detect these threats by any flow-based network solution. Therefore, we propose and evaluate a network based model which uses ensemble Machine Learning (ML) methods in order to identify the mobile threats, by analyzing the network flows of the malware communication. The ensemble ML methods not only protect over-fitting of the model but also cope with the issues related to the changing behavior of the attackers. The focus of this study is on android based mobile malwares due to its popularity among users. We have used ensemble methods to combine output of 5 supervised ML algorithms such as RF, PART, JRIP, J.48 and Ridor. Based on the evaluation results, the proposed model was found efficient at detecting known and unknown threats with the accuracy of 98.2%.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132037973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356375
P. Sadeghian, Casey Wilson, Stephen Goeddel, Aspen Olmsted
This work utilizes high-level musical features extracted from a large music database of Sonata pieces composed by Beethoven, Corelli, and Mozart, and assesses the accuracy of Fuzzy Min-Max (FMM) Neural Network and Enhanced Fuzzy Min-Max (EFMM) Neural Network classifiers in classifying the classical pieces by composer. Results of the assessment are provided and show different accuracies depending on the parameters used in the FMM and EFMM models. This study presents a novel approach to the classification of music by composer by presenting two classifiers, namely FMM and EFMM Neural Networks, capable of classifying classical music by composer.
{"title":"Classification of music by composer using fuzzy min-max neural networks","authors":"P. Sadeghian, Casey Wilson, Stephen Goeddel, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356375","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356375","url":null,"abstract":"This work utilizes high-level musical features extracted from a large music database of Sonata pieces composed by Beethoven, Corelli, and Mozart, and assesses the accuracy of Fuzzy Min-Max (FMM) Neural Network and Enhanced Fuzzy Min-Max (EFMM) Neural Network classifiers in classifying the classical pieces by composer. Results of the assessment are provided and show different accuracies depending on the parameters used in the FMM and EFMM models. This study presents a novel approach to the classification of music by composer by presenting two classifiers, namely FMM and EFMM Neural Networks, capable of classifying classical music by composer.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132590122","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356358
Basil Alothman, Prapa Rattadilok
Android is one of the most popular smartphone operating systems. This makes it one of the default targets for malicious cyber-attacks. Android's Play Store is not very restrictive which makes installing malicious apps easy. Botnets are amongst the most dangerous hacking approaches that are used nowadays on the internet. It is common for botnet developers to target smartphone users to install their malicious tools and target a larger number of devices. This is often done to gain access to sensitive data such as credit card details, or to cause damage to individual hosts or organisation resources by executing denial of service attacks. In this paper, we propose an approach to identify botnet Android mobile apps by means of source code mining. We analyse the source code via reverse engineering and data mining techniques for several examples of malicious and non-malicious apps. We use two approaches to build datasets. In the first, we perform text mining on the source code and construct several datasets and in the second we build one dataset by extracting source code metrics using an open-source tool. After building the datasets, we run several classification algorithms and assess their performance. Initial results show a high level of accuracy.
{"title":"Android botnet detection: An integrated source code mining approach","authors":"Basil Alothman, Prapa Rattadilok","doi":"10.23919/ICITST.2017.8356358","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356358","url":null,"abstract":"Android is one of the most popular smartphone operating systems. This makes it one of the default targets for malicious cyber-attacks. Android's Play Store is not very restrictive which makes installing malicious apps easy. Botnets are amongst the most dangerous hacking approaches that are used nowadays on the internet. It is common for botnet developers to target smartphone users to install their malicious tools and target a larger number of devices. This is often done to gain access to sensitive data such as credit card details, or to cause damage to individual hosts or organisation resources by executing denial of service attacks. In this paper, we propose an approach to identify botnet Android mobile apps by means of source code mining. We analyse the source code via reverse engineering and data mining techniques for several examples of malicious and non-malicious apps. We use two approaches to build datasets. In the first, we perform text mining on the source code and construct several datasets and in the second we build one dataset by extracting source code metrics using an open-source tool. After building the datasets, we run several classification algorithms and assess their performance. Initial results show a high level of accuracy.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130128375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356444
Thomas Nash, Aspen Olmsted
The focus of this research work is to address the difficulties involved in creating visualizations for species distribution modeling. We focus on two aspects of this problem: running models for predicting the likelihood of outbreak locations and testing the significance of the models generated. To improve this process, this work develops a web application which allows researchers to upload their data, create informative and interactive visualizations, and run desired models in addition to testing their significance. Such an application empowers researchers without any programming experience to both generate complex models and interpret results quickly and effectively. This paper will focus on maximum entropy modeling as the example modeling technique by providing an example run using data on vaccine-preventable diseases.
{"title":"shinySDM: Point and click species distribution modeling","authors":"Thomas Nash, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356444","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356444","url":null,"abstract":"The focus of this research work is to address the difficulties involved in creating visualizations for species distribution modeling. We focus on two aspects of this problem: running models for predicting the likelihood of outbreak locations and testing the significance of the models generated. To improve this process, this work develops a web application which allows researchers to upload their data, create informative and interactive visualizations, and run desired models in addition to testing their significance. Such an application empowers researchers without any programming experience to both generate complex models and interpret results quickly and effectively. This paper will focus on maximum entropy modeling as the example modeling technique by providing an example run using data on vaccine-preventable diseases.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130015525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356380
R. Lile, Aspen Olmsted
In Salesforce sandboxes, there is a need for meaningful data to test new functionalities. In the production environment, there is already good data, but that data does not move over automatically to a new sandbox. Salesforce will move some data over for you if you are willing to pay. There are other very time-consuming alternatives. We propose a new method of data migration where running one program will move over all over any data you may need.
{"title":"Meaningful sandbox data","authors":"R. Lile, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356380","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356380","url":null,"abstract":"In Salesforce sandboxes, there is a need for meaningful data to test new functionalities. In the production environment, there is already good data, but that data does not move over automatically to a new sandbox. Salesforce will move some data over for you if you are willing to pay. There are other very time-consuming alternatives. We propose a new method of data migration where running one program will move over all over any data you may need.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127771760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356416
Seamus Dowling, M. Schukat, H. Melvin
Honeypots are deployed to capture cyber attack data for analysis of attacker behavior. This paper analyses a honeypot dataset to establish attack types and corresponding temporal patterns. It calculates the probability of each attack type occurring at a particular time of day and tests these probabilities with a random sample from the honeypot dataset. Attacks can take many forms and can come from different geographical sources. Temporal patterns in attacks are often observed due to the diurnal nature of computer usage and thus attack types captured on a honeypot will also reflect these patterns. We propose that it is possible to determine the probability of differing attack types occurring at certain times of the day. Understanding attack behavior informs the implementation of more robust security measures. The paper also proposes automating this process to create dynamic and adaptive honeypots. An adaptive honeypot that can modify its security levels, can increase the attack vector at different times of the day. This will improve data collection for analysis that ultimately will lead to better cyber defenses.
{"title":"Using analysis of temporal variances within a honeypot dataset to better predict attack type probability","authors":"Seamus Dowling, M. Schukat, H. Melvin","doi":"10.23919/ICITST.2017.8356416","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356416","url":null,"abstract":"Honeypots are deployed to capture cyber attack data for analysis of attacker behavior. This paper analyses a honeypot dataset to establish attack types and corresponding temporal patterns. It calculates the probability of each attack type occurring at a particular time of day and tests these probabilities with a random sample from the honeypot dataset. Attacks can take many forms and can come from different geographical sources. Temporal patterns in attacks are often observed due to the diurnal nature of computer usage and thus attack types captured on a honeypot will also reflect these patterns. We propose that it is possible to determine the probability of differing attack types occurring at certain times of the day. Understanding attack behavior informs the implementation of more robust security measures. The paper also proposes automating this process to create dynamic and adaptive honeypots. An adaptive honeypot that can modify its security levels, can increase the attack vector at different times of the day. This will improve data collection for analysis that ultimately will lead to better cyber defenses.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126309209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: