Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356393
Omego Obinna, E. Pfluegel, Charles A. Clarke, M. Tunnicliffe
The advancement in mobile technologies and wireless communications has led to a rapidly growing number of users benefiting from mobile banking services. SMS banking offers a convenient mobile banking solution which is easy to implement and frequently used in many parts of the world. However, it is only viable under the assumption of secure SMS services. In this paper, a novel secure SMS banking protocol is proposed. The approach is based on a multi-channel security protocol combining low and high entropy steganography. One of the distinct advantages of this protocol is its confidentiality property against the mobile phone operator which, to our knowledge, is a novel feature. Furthermore, the required architecture is simple and only involves GSM services and one additional internet connection which can be insecure. As such it offers security, low deployment costs and would be suitable for example in rural areas or countries without individual secure home internet connections.
{"title":"A multi-channel steganographic protocol for secure SMS mobile banking","authors":"Omego Obinna, E. Pfluegel, Charles A. Clarke, M. Tunnicliffe","doi":"10.23919/ICITST.2017.8356393","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356393","url":null,"abstract":"The advancement in mobile technologies and wireless communications has led to a rapidly growing number of users benefiting from mobile banking services. SMS banking offers a convenient mobile banking solution which is easy to implement and frequently used in many parts of the world. However, it is only viable under the assumption of secure SMS services. In this paper, a novel secure SMS banking protocol is proposed. The approach is based on a multi-channel security protocol combining low and high entropy steganography. One of the distinct advantages of this protocol is its confidentiality property against the mobile phone operator which, to our knowledge, is a novel feature. Furthermore, the required architecture is simple and only involves GSM services and one additional internet connection which can be insecure. As such it offers security, low deployment costs and would be suitable for example in rural areas or countries without individual secure home internet connections.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115666903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356457
Casey Wilson, Anna V. Sandifer, Aspen Olmsted
Many methods for learning software development neglect computer science concepts for real-world application based education. We combine one computer science concept, hardware-software interaction, and apply it in a software development context using MIT App Inventor. Through App Inventor we have created a virtual computer, implemented with its own binary machine language and assembly language. We hope that students using App Inventor to learn software development by creating apps, use our implementation to learn assembly language concepts by adjusting our languages and virtual hardware for their own purposes and interests. This serves both to help them understand a core computer science concept and to present the concept in a way that encourages practical software development skill improvement.
{"title":"Designing an assembly language using MIT App inventor","authors":"Casey Wilson, Anna V. Sandifer, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356457","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356457","url":null,"abstract":"Many methods for learning software development neglect computer science concepts for real-world application based education. We combine one computer science concept, hardware-software interaction, and apply it in a software development context using MIT App Inventor. Through App Inventor we have created a virtual computer, implemented with its own binary machine language and assembly language. We hope that students using App Inventor to learn software development by creating apps, use our implementation to learn assembly language concepts by adjusting our languages and virtual hardware for their own purposes and interests. This serves both to help them understand a core computer science concept and to present the concept in a way that encourages practical software development skill improvement.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115449099","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356421
Cameron Hamilton, Aspen Olmsted
Authentication schemes containing single factors are becoming increasingly inadequate for many applications. This paper describes the use of Pluggable Authentication Modules as a means of creating a multi-factor authentication scheme for a MySQL database. The resulting scheme is one with a significantly higher degree of security.
{"title":"Database multi-factor authentication via pluggable authentication modules","authors":"Cameron Hamilton, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356421","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356421","url":null,"abstract":"Authentication schemes containing single factors are becoming increasingly inadequate for many applications. This paper describes the use of Pluggable Authentication Modules as a means of creating a multi-factor authentication scheme for a MySQL database. The resulting scheme is one with a significantly higher degree of security.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132027136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356381
Elizabeth Healy, Husna Siddiqui, Aspen Olmsted
This paper uses twitter streaming and filtering techniques to determine which cities the flu is most prevalent in real time. The Twitter streaming API was used to collect data and filter using keywords and location. Our results show that more heavily populated cities have more cases of the flu.
{"title":"Classifying influenza outbreaks by analyzing and filtering Twitter data","authors":"Elizabeth Healy, Husna Siddiqui, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356381","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356381","url":null,"abstract":"This paper uses twitter streaming and filtering techniques to determine which cities the flu is most prevalent in real time. The Twitter streaming API was used to collect data and filter using keywords and location. Our results show that more heavily populated cities have more cases of the flu.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"21 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114097461","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356366
A. Alotaibi, M. Angelides
This paper presents a hybrid technique for mitigating co-tier interference between Femtocell Access Points (FAPs). This technique combines indoor deployment and cluster-based resource allocation. This requires estimation of the number of femtocell access points and their deployment locations to achieve the optimum coverage and distributing the spectrum fairly across the resulting cluster in relation to the number of users. The cluster head is selected in relation to the number of neighbouring FAPs and the distance between FAPs. Our simulation results show that both the coverage and capacity are significantly increased, the outage probability is significantly reduced, and most importantly co-tier interference is mitigated.
{"title":"A hybrid approach for femtocell co-tier interference mitigation","authors":"A. Alotaibi, M. Angelides","doi":"10.23919/ICITST.2017.8356366","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356366","url":null,"abstract":"This paper presents a hybrid technique for mitigating co-tier interference between Femtocell Access Points (FAPs). This technique combines indoor deployment and cluster-based resource allocation. This requires estimation of the number of femtocell access points and their deployment locations to achieve the optimum coverage and distributing the spectrum fairly across the resulting cluster in relation to the number of users. The cluster head is selected in relation to the number of neighbouring FAPs and the distance between FAPs. Our simulation results show that both the coverage and capacity are significantly increased, the outage probability is significantly reduced, and most importantly co-tier interference is mitigated.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115872047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356439
D. Fischer, B. Markscheffel, K. Scherr
E-mail is one of the most frequently used means of communication. Confidentiality, integrity and authenticity are often indispensable in e-mail communication, especially in business use. However, these security objectives can only be guaranteed with the help of additional encryption solutions. Today, there are a variety of client, gateway and software-as-a-service solutions for e-mail encryption. Companies are faced with the challenge of finding the most suitable solution for them. Our research work presents findings from a utility value analysis which provides a comprehensive process for selecting an appropriate solution for securing e-mail traffic. We present the basic principles behind the utility value analysis and how it is used for the evaluation and selection process of e-mail encryption solutions. In addition, we document how our methodology was applied in a practice-based project to make a selection decision between six existing encryption solutions.
{"title":"Secure e-mail communication — Comparison and selection of encryption solutions using an utility value analysis approach","authors":"D. Fischer, B. Markscheffel, K. Scherr","doi":"10.23919/ICITST.2017.8356439","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356439","url":null,"abstract":"E-mail is one of the most frequently used means of communication. Confidentiality, integrity and authenticity are often indispensable in e-mail communication, especially in business use. However, these security objectives can only be guaranteed with the help of additional encryption solutions. Today, there are a variety of client, gateway and software-as-a-service solutions for e-mail encryption. Companies are faced with the challenge of finding the most suitable solution for them. Our research work presents findings from a utility value analysis which provides a comprehensive process for selecting an appropriate solution for securing e-mail traffic. We present the basic principles behind the utility value analysis and how it is used for the evaluation and selection process of e-mail encryption solutions. In addition, we document how our methodology was applied in a practice-based project to make a selection decision between six existing encryption solutions.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114709566","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356369
Ashik Mostafa Alvi, Md. Faqrul Islam Shaon, Prithvi Das, M. Mustafa, M. R. Bari
Recent developments in computer networks and communications have brought a great change in the E-learning and course management systems. This change has brought the teachers and the learners closer than they were ever before. The traditional teaching methods have been getting replaced by the new technologies and methods. In E-learning, in particular, the course management system plays an important role. As the availability of internet has increased, people have become even more dependent on it. In that context of development, the course management system should be designed in such a way so that the users experience less complexity while using the same. In our work, a hassle-free technique to design a course management system where all the facilities and services needed by the stakeholders are accessible at one place, has been proposed. Stating from the classroom creation to manage and maintain the classroom have been made even more easier and secured.
{"title":"Automated course management system","authors":"Ashik Mostafa Alvi, Md. Faqrul Islam Shaon, Prithvi Das, M. Mustafa, M. R. Bari","doi":"10.23919/ICITST.2017.8356369","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356369","url":null,"abstract":"Recent developments in computer networks and communications have brought a great change in the E-learning and course management systems. This change has brought the teachers and the learners closer than they were ever before. The traditional teaching methods have been getting replaced by the new technologies and methods. In E-learning, in particular, the course management system plays an important role. As the availability of internet has increased, people have become even more dependent on it. In that context of development, the course management system should be designed in such a way so that the users experience less complexity while using the same. In our work, a hassle-free technique to design a course management system where all the facilities and services needed by the stakeholders are accessible at one place, has been proposed. Stating from the classroom creation to manage and maintain the classroom have been made even more easier and secured.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123495667","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356397
Abidullah Zarghoon, I. Awan, Jules Pagna Disso, Richard Dennis
Countering the proliferation of malware has been for recent years one of the top priorities for governments, businesses, critical infrastructure, and end users. Despite the apparent evolvement of anti-virus (AV) systems, malicious authors have managed to create a sense of insecurity amongst computer users. Security controls do not appear to be sufficiently strong to stop malware proliferating. There seems to be a disconnect between public reports on AV tests and what people are experiencing on the daily basis. In this research, we are testing the efficiency of AV products and their ability to detect malicious files commonly known as malware. We manually generated payloads from five malware frameworks freely available to download and use. We use two modes of tests during our experiments. We manually installed a selection of AV systems in one first instance. We also use an online framework for testing malicious files. The findings in this study show that many antivirus systems were not able to achieve a higher score than 80% detection rate. Certain attack frameworks were much more successful in generating payloads that were not detectable by AV systems. We conclude that AV systems have their roles to play as they are the most common first line of defense, but more work is needed to successfully detect most malware the first day of their release.
{"title":"Evaluation of AV systems against modern malware","authors":"Abidullah Zarghoon, I. Awan, Jules Pagna Disso, Richard Dennis","doi":"10.23919/ICITST.2017.8356397","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356397","url":null,"abstract":"Countering the proliferation of malware has been for recent years one of the top priorities for governments, businesses, critical infrastructure, and end users. Despite the apparent evolvement of anti-virus (AV) systems, malicious authors have managed to create a sense of insecurity amongst computer users. Security controls do not appear to be sufficiently strong to stop malware proliferating. There seems to be a disconnect between public reports on AV tests and what people are experiencing on the daily basis. In this research, we are testing the efficiency of AV products and their ability to detect malicious files commonly known as malware. We manually generated payloads from five malware frameworks freely available to download and use. We use two modes of tests during our experiments. We manually installed a selection of AV systems in one first instance. We also use an online framework for testing malicious files. The findings in this study show that many antivirus systems were not able to achieve a higher score than 80% detection rate. Certain attack frameworks were much more successful in generating payloads that were not detectable by AV systems. We conclude that AV systems have their roles to play as they are the most common first line of defense, but more work is needed to successfully detect most malware the first day of their release.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123737993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356384
W. Kennedy, Aspen Olmsted
Authentication, security, and confidentiality are some of the most important topics of cyber security. There have been many solutions presented to users for strengthening the security of login password-based authentication methods. Primarily this has been through the use of two-factor authentication methods. Two-factor authentication is the combination of single factor authentication mechanisms. The growing popularity and acceptance of two-factor methods are driven by the increasing need for privacy and security in this technological age. The success and popularity of adapted security measures are largely dependent on their ease of implementation and convenience to the user. The focus of this research is to address and analyze the implications of using a three-factor authentication model for added security in websites and mobile apps. This paper will present an app we created which could provide a potential method for three-factor authentication that could potentially ensure added authentication assurances without loss of convenience.
{"title":"Three factor authentication","authors":"W. Kennedy, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356384","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356384","url":null,"abstract":"Authentication, security, and confidentiality are some of the most important topics of cyber security. There have been many solutions presented to users for strengthening the security of login password-based authentication methods. Primarily this has been through the use of two-factor authentication methods. Two-factor authentication is the combination of single factor authentication mechanisms. The growing popularity and acceptance of two-factor methods are driven by the increasing need for privacy and security in this technological age. The success and popularity of adapted security measures are largely dependent on their ease of implementation and convenience to the user. The focus of this research is to address and analyze the implications of using a three-factor authentication model for added security in websites and mobile apps. This paper will present an app we created which could provide a potential method for three-factor authentication that could potentially ensure added authentication assurances without loss of convenience.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122400684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356405
A. Alkhwaldi, M. Kamala, R. Qahwaji
On the inception of the third millennium, there is much evidence that cloud technologies have become the strategic trend for many governments, not only for developed countries (e.g. the UK, Japan and the USA), but also developing countries (e.g. Malaysia and countries in the Middle East region). These countries have launched cloud computing movements for enhanced standardization of IT resources, cost reduction and more efficient public services. Cloud-based e-government services are considered to be one of the high priorities for government agencies in Jordan. Although experiencing phenomenal evolution, government cloud-services are still suffering from the adoption challenges of e-government initiatives (e.g. technological, human, social and financial aspects) which need to be considered carefully by governments contemplating their implementation. While e-government adoption from the citizens' perspective has been extensively investigated using different theoretical models, these models have not paid adequate attention to security issues. This paper presents a pilot study to investigate citizens' perceptions of the extent to which these challenges inhibit the acceptance and use of cloud computing in the Jordanian public sector and examine the effect of these challenges on the security perceptions of citizens. Based on the analysis of data collected from online surveys, some important challenges were identified. The results can help to guide successful acceptance of cloud-based e-government services in Jordan.
{"title":"From e-govemment to cloud-government: Challenges of Jordanian citizens' acceptance for public services","authors":"A. Alkhwaldi, M. Kamala, R. Qahwaji","doi":"10.23919/ICITST.2017.8356405","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356405","url":null,"abstract":"On the inception of the third millennium, there is much evidence that cloud technologies have become the strategic trend for many governments, not only for developed countries (e.g. the UK, Japan and the USA), but also developing countries (e.g. Malaysia and countries in the Middle East region). These countries have launched cloud computing movements for enhanced standardization of IT resources, cost reduction and more efficient public services. Cloud-based e-government services are considered to be one of the high priorities for government agencies in Jordan. Although experiencing phenomenal evolution, government cloud-services are still suffering from the adoption challenges of e-government initiatives (e.g. technological, human, social and financial aspects) which need to be considered carefully by governments contemplating their implementation. While e-government adoption from the citizens' perspective has been extensively investigated using different theoretical models, these models have not paid adequate attention to security issues. This paper presents a pilot study to investigate citizens' perceptions of the extent to which these challenges inhibit the acceptance and use of cloud computing in the Jordanian public sector and examine the effect of these challenges on the security perceptions of citizens. Based on the analysis of data collected from online surveys, some important challenges were identified. The results can help to guide successful acceptance of cloud-based e-government services in Jordan.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127911025","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: