Pub Date : 2022-08-11DOI: 10.1080/19361610.2022.2103364
M. H. Noorallahzadeh, R. Alimoradi, A. Gholami
Abstract Cloud service providers allow businesses to drastically reduce their costs. However, it is good to know that most outsourced data is sensitive data. Therefore, to protect this data set from potential attacks on cloud servers, it is strongly recommended that you encrypt it before outsourcing. But cloud servers cannot search encrypted data by default. Many researchers have published work proposing efficient and secure schemes to overcome this problem. So far, many searchable encryption schemes have been published. Searchable Encryption has two main branches. 1-Symmetric searchable encryption (SSE) 2-Asymmetric searchable encryption (ASE). In this article, SE schemes are investigated in a new way. We provide a complete classification of searchable encryption schemes in terms of search type, index type, results type, security models, type of implementation, Multiplicity of users, Cryptographic Primitives, and Technique used. For each classification, the available schemes are compared. We provide an available searchable encryption solutions overview.
{"title":"Searchable Encryption Taxonomy: Survey","authors":"M. H. Noorallahzadeh, R. Alimoradi, A. Gholami","doi":"10.1080/19361610.2022.2103364","DOIUrl":"https://doi.org/10.1080/19361610.2022.2103364","url":null,"abstract":"Abstract Cloud service providers allow businesses to drastically reduce their costs. However, it is good to know that most outsourced data is sensitive data. Therefore, to protect this data set from potential attacks on cloud servers, it is strongly recommended that you encrypt it before outsourcing. But cloud servers cannot search encrypted data by default. Many researchers have published work proposing efficient and secure schemes to overcome this problem. So far, many searchable encryption schemes have been published. Searchable Encryption has two main branches. 1-Symmetric searchable encryption (SSE) 2-Asymmetric searchable encryption (ASE). In this article, SE schemes are investigated in a new way. We provide a complete classification of searchable encryption schemes in terms of search type, index type, results type, security models, type of implementation, Multiplicity of users, Cryptographic Primitives, and Technique used. For each classification, the available schemes are compared. We provide an available searchable encryption solutions overview.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"880 - 924"},"PeriodicalIF":1.3,"publicationDate":"2022-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45885567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-08-02DOI: 10.1080/19361610.2022.2104104
Rodrigo Ruiz, Rogério Winter, Ferrucio de Franco Rosa, Pancham Shukla, H. Kazemian
Abstract Cyber risk profoundly affects all. In the context of cyber threats, malware is trending in various productive sectors. Nowadays, anti-malware is essential to combat cyber threats; however, their efficiency is often questioned, because malware is different for different regions in the world. Choosing an efficient anti-malware software solution is crucial to protect information from different institutions. The method confirmed the reality of evaluating the different known methodologies, showing another scenario of the efficiency of the different testers. The method allowed visualizing an interesting panorama because 50% of malware collected on the Brazilian Internet was detected by anti-malware commercially available in Brazil.
{"title":"Brazil Method of Anti-Malware Evaluation and Cyber Defense Impacts","authors":"Rodrigo Ruiz, Rogério Winter, Ferrucio de Franco Rosa, Pancham Shukla, H. Kazemian","doi":"10.1080/19361610.2022.2104104","DOIUrl":"https://doi.org/10.1080/19361610.2022.2104104","url":null,"abstract":"Abstract Cyber risk profoundly affects all. In the context of cyber threats, malware is trending in various productive sectors. Nowadays, anti-malware is essential to combat cyber threats; however, their efficiency is often questioned, because malware is different for different regions in the world. Choosing an efficient anti-malware software solution is crucial to protect information from different institutions. The method confirmed the reality of evaluating the different known methodologies, showing another scenario of the efficiency of the different testers. The method allowed visualizing an interesting panorama because 50% of malware collected on the Brazilian Internet was detected by anti-malware commercially available in Brazil.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"925 - 941"},"PeriodicalIF":1.3,"publicationDate":"2022-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41806767","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-08-01DOI: 10.1080/19361610.2022.2105283
Ishmael Mugari, A. Olutola
Abstract On numerous occasions, the Zimbabwean police have had to contend with allegations of police abuse of power, with various sectors of the society calling for sound mechanisms for holding the police to account. This study gathered data from purposefully sampled representatives of police oversight institutions to find out their perspectives on the best police oversight mechanism for Zimbabwe. Findings revealed that an independent board consisting of non-police officers is the most effective mechanism for handling police misconduct. Findings also revealed that the independent board should be manned by retired judicial officers, retired senior police officers and representatives from the civic society.
{"title":"In Search for the Best Police Oversight Mechanism for Zimbabwe: The Imperative for an Independent Police Complaints Board","authors":"Ishmael Mugari, A. Olutola","doi":"10.1080/19361610.2022.2105283","DOIUrl":"https://doi.org/10.1080/19361610.2022.2105283","url":null,"abstract":"Abstract On numerous occasions, the Zimbabwean police have had to contend with allegations of police abuse of power, with various sectors of the society calling for sound mechanisms for holding the police to account. This study gathered data from purposefully sampled representatives of police oversight institutions to find out their perspectives on the best police oversight mechanism for Zimbabwe. Findings revealed that an independent board consisting of non-police officers is the most effective mechanism for handling police misconduct. Findings also revealed that the independent board should be manned by retired judicial officers, retired senior police officers and representatives from the civic society.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"961 - 978"},"PeriodicalIF":1.3,"publicationDate":"2022-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43555720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-28DOI: 10.1080/19361610.2022.2103363
T. Sobh
Abstract Nowadays, everybody needs to secure his/her activities. Existing levels of cyber-criminals need technology for detecting malicious activity. This work proposes a real-time Hardware IDS implemented on FPGA and an algorithm for classifying features from network traffic through the network interface card (NIC). It minimizes search time for extracting statistical features from connection records stored in connection queues to memory references. Therefore, it can detect most internal and external network attacks. A decision tree classifier is used as an inference engine and gives a high detection rate of 99.93%.
{"title":"A Real-Time Hardware Intrusion Detection System and a Classifying Features Algorithm","authors":"T. Sobh","doi":"10.1080/19361610.2022.2103363","DOIUrl":"https://doi.org/10.1080/19361610.2022.2103363","url":null,"abstract":"Abstract Nowadays, everybody needs to secure his/her activities. Existing levels of cyber-criminals need technology for detecting malicious activity. This work proposes a real-time Hardware IDS implemented on FPGA and an algorithm for classifying features from network traffic through the network interface card (NIC). It minimizes search time for extracting statistical features from connection records stored in connection queues to memory references. Therefore, it can detect most internal and external network attacks. A decision tree classifier is used as an inference engine and gives a high detection rate of 99.93%.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"845 - 879"},"PeriodicalIF":1.3,"publicationDate":"2022-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47512014","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-27DOI: 10.1080/19361610.2022.2099688
A. Boumedine, Samia Bentaieb, A. Ouamri
Abstract In this article, we propose a three-dimensional (3D) face recognition approach for depth data captured by Kinect based on a combination of speeded up robust features (SURF) and k-nearest neighbor (KNN) algorithms. First, the shape index maps of the preprocessed 3D faces of the training gallery are computed, then the SURF feature vectors are extracted and used to form the dictionary. In the recognition process, we propose an improved KNN classifier to find the best match. The evaluation was performed using CurtinFaces and KinectFaceDB data sets, achieving rank-1 recognition rates of 96.78% and 94.23%, respectively, when using two samples per person for training.
{"title":"An Improved KNN Classifier for 3D Face Recognition Based on SURF Descriptors","authors":"A. Boumedine, Samia Bentaieb, A. Ouamri","doi":"10.1080/19361610.2022.2099688","DOIUrl":"https://doi.org/10.1080/19361610.2022.2099688","url":null,"abstract":"Abstract In this article, we propose a three-dimensional (3D) face recognition approach for depth data captured by Kinect based on a combination of speeded up robust features (SURF) and k-nearest neighbor (KNN) algorithms. First, the shape index maps of the preprocessed 3D faces of the training gallery are computed, then the SURF feature vectors are extracted and used to form the dictionary. In the recognition process, we propose an improved KNN classifier to find the best match. The evaluation was performed using CurtinFaces and KinectFaceDB data sets, achieving rank-1 recognition rates of 96.78% and 94.23%, respectively, when using two samples per person for training.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"808 - 826"},"PeriodicalIF":1.3,"publicationDate":"2022-07-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42929214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-26DOI: 10.1080/19361610.2022.2104106
R. Veresha, Alexander Dzhuzha, D. Tychyna, Anastasiya Dzhuzha
Abstract The study examines current challenges faced by Ukrainian legal system in matters of criminological and victimological security of society during quarantine measures related to COVID-19. Using methods of system analysis and scientific design, current legal framework of Ukraine in regulation of public relations was analyzed. The study draws attention to the fact that, Ukraine has improved its legislation on the control of medical purchases and the provision of necessary materials to medical institutions. At the same time, the authorities will have to further improve the framework for patient monitoring and the epidemiological surveillance system in the medical sector.
{"title":"Criminological and Victimological Support of World and National Security during Quarantine Measures Related to the Spread of Acute Respiratory Disease COVID-19 Caused by Coronavirus Sars-Cov-2","authors":"R. Veresha, Alexander Dzhuzha, D. Tychyna, Anastasiya Dzhuzha","doi":"10.1080/19361610.2022.2104106","DOIUrl":"https://doi.org/10.1080/19361610.2022.2104106","url":null,"abstract":"Abstract The study examines current challenges faced by Ukrainian legal system in matters of criminological and victimological security of society during quarantine measures related to COVID-19. Using methods of system analysis and scientific design, current legal framework of Ukraine in regulation of public relations was analyzed. The study draws attention to the fact that, Ukraine has improved its legislation on the control of medical purchases and the provision of necessary materials to medical institutions. At the same time, the authorities will have to further improve the framework for patient monitoring and the epidemiological surveillance system in the medical sector.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"942 - 960"},"PeriodicalIF":1.3,"publicationDate":"2022-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44698487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-13DOI: 10.1080/19361610.2022.2086784
M. Mhatre, Harshvivek Kashid, Tanisha Jain, P. Chavan
Abstract A key aspect of sustainable business development involves protecting a company’s products from counterfeiting. Since this can impact brand’s image and often, product counterfeits are of a minor quality which can be dangerous and even pose health hazards. Counterfeiters gain profits by manufacturing products using lesser quality materials and production methods. Many counterfeit products in the market are difficult to identify for a normal customer and require to be examined by a trained professional which is time-consuming and costly. In this paper, we propose a method for identifying counterfeit by a simple scan of the quick response code on the product. Since these codes are unique and are implemented by unique algorithms, it is almost impossible to forge them. Also, implementing an encrypted peer-to-peer system for the database makes it impossible for attackers to tamper with the database. The proposed method collectively not only helps laypersons to identify the authenticity of products but also an ownership tracking system where products are linked to the owners’ account which will allow them to produce proof of purchase and authenticity when reselling products and when claiming the warranty of the product. This will help in reducing manufacturing and materials costs used from traditional methods against counterfeiting such as Radio-Frequency Identification and the Hologram technique.
{"title":"BCPIS: Blockchain-based Counterfeit Product Identification System","authors":"M. Mhatre, Harshvivek Kashid, Tanisha Jain, P. Chavan","doi":"10.1080/19361610.2022.2086784","DOIUrl":"https://doi.org/10.1080/19361610.2022.2086784","url":null,"abstract":"Abstract A key aspect of sustainable business development involves protecting a company’s products from counterfeiting. Since this can impact brand’s image and often, product counterfeits are of a minor quality which can be dangerous and even pose health hazards. Counterfeiters gain profits by manufacturing products using lesser quality materials and production methods. Many counterfeit products in the market are difficult to identify for a normal customer and require to be examined by a trained professional which is time-consuming and costly. In this paper, we propose a method for identifying counterfeit by a simple scan of the quick response code on the product. Since these codes are unique and are implemented by unique algorithms, it is almost impossible to forge them. Also, implementing an encrypted peer-to-peer system for the database makes it impossible for attackers to tamper with the database. The proposed method collectively not only helps laypersons to identify the authenticity of products but also an ownership tracking system where products are linked to the owners’ account which will allow them to produce proof of purchase and authenticity when reselling products and when claiming the warranty of the product. This will help in reducing manufacturing and materials costs used from traditional methods against counterfeiting such as Radio-Frequency Identification and the Hologram technique.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"740 - 765"},"PeriodicalIF":1.3,"publicationDate":"2022-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49290719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-10DOI: 10.1080/19361610.2022.2096387
Rrezearta Thaqi, Kamer Vishi, Blerim Rexha
Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.
{"title":"Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications","authors":"Rrezearta Thaqi, Kamer Vishi, Blerim Rexha","doi":"10.1080/19361610.2022.2096387","DOIUrl":"https://doi.org/10.1080/19361610.2022.2096387","url":null,"abstract":"Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"789 - 807"},"PeriodicalIF":1.3,"publicationDate":"2022-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42328192","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-07-07DOI: 10.1080/19361610.2022.2094209
Olusegun I. Olaniyan, U. Ojedokun, A. Aderinto
Abstract One-chance transit crime is a prevalent yet under-researched form of transit crime in Nigeria. Thus, this study investigated the crime and the victimization experiences of commuters in Ibadan city. Routine activity theory was employed as theoretical framework. Data were generated from victims of the crime, police personnel and motor-park officials through in-depth interviews and focus group discussion methods. Findings revealed that one-chance transit crime is commonly perpetrated by criminals making use of taxis for commercial transportation. Money and mobile phones of commuters were the major targets of this category of criminals. One-chance transit criminals are luring their victims through different strategies.
{"title":"One-Chance Transit Crime and Commuters’ Victimization Experiences in Ibadan City, Nigeria","authors":"Olusegun I. Olaniyan, U. Ojedokun, A. Aderinto","doi":"10.1080/19361610.2022.2094209","DOIUrl":"https://doi.org/10.1080/19361610.2022.2094209","url":null,"abstract":"Abstract One-chance transit crime is a prevalent yet under-researched form of transit crime in Nigeria. Thus, this study investigated the crime and the victimization experiences of commuters in Ibadan city. Routine activity theory was employed as theoretical framework. Data were generated from victims of the crime, police personnel and motor-park officials through in-depth interviews and focus group discussion methods. Findings revealed that one-chance transit crime is commonly perpetrated by criminals making use of taxis for commercial transportation. Money and mobile phones of commuters were the major targets of this category of criminals. One-chance transit criminals are luring their victims through different strategies.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"774 - 788"},"PeriodicalIF":1.3,"publicationDate":"2022-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44865231","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-06-21DOI: 10.1080/19361610.2022.2084497
Hyeyoung Lim
{"title":"Where One Door Shuts, Another Opens: Honesty Is the Best Virtue","authors":"Hyeyoung Lim","doi":"10.1080/19361610.2022.2084497","DOIUrl":"https://doi.org/10.1080/19361610.2022.2084497","url":null,"abstract":"","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"17 1","pages":"275 - 281"},"PeriodicalIF":1.3,"publicationDate":"2022-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43374798","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: