Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic landscape of ransomware detection. In the majority of cases, these described systems propose a method based on the result of a single test performed on either the executable code, the process under investigation, its behaviour, or its output. In a small subset of ransomware detection systems, the concept of a scorecard is employed where multiple tests are performed on various aspects of a process under investigation and their results are then analysed using machine learning. The purpose of this paper is to propose a new majority voting approach to ransomware detection by developing a method that uses a cumulative score derived from discrete tests based on calculations using algorithmic rather than heuristic techniques. The paper describes 23 candidate tests, as well as 9 Windows API tests which are validated to determine both their accuracy and viability for use within a ransomware detection system. Using a cumulative score calculation approach to ransomware detection has several benefits, such as the immunity to the occasional inaccuracy of individual tests when making its final classification. The system can also leverage multiple tests that can be both comprehensive and complementary in an attempt to achieve a broader, deeper, and more robust analysis of the program under investigation. Additionally, the use of multiple collaborative tests also significantly hinders ransomware from masking or modifying its behaviour in an attempt to bypass detection.
The results achieved by this research demonstrate that many of the proposed tests achieved a high degree of accuracy in differentiating between benign and malicious targets and suggestions are offered as to how these tests, and combinations of tests, could be adapted to further improve the detection accuracy.
{"title":"Majority Voting Ransomware Detection System","authors":"Simon R. Davies, Richard Macfarlane, W. Buchanan","doi":"10.4236/jis.2023.144016","DOIUrl":"https://doi.org/10.4236/jis.2023.144016","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70335408"}
G. Siampondo, Professor Mbuyu Sumbwanyambe, Bwalya Chansa
{"title":"A Study on the Existing Cybersecurity Policies and Strategies in Combating Increased Cybercrime in Zambia","authors":"G. Siampondo, Professor Mbuyu Sumbwanyambe, Bwalya Chansa","doi":"10.4236/jis.2023.144017","DOIUrl":"https://doi.org/10.4236/jis.2023.144017","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70335440"}
{"title":"Construction and Implementation of a Privacy-Preserving Identity-Based Encryption Architecture","authors":"David Bissessar, C. Adams","doi":"10.4236/jis.2023.144018","DOIUrl":"https://doi.org/10.4236/jis.2023.144018","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70335451"}
Peter Awonnatemi Agbedemnab, Mohammed Akolgo, Moses Apambila Agebure
Transmission of data over the internet has become a critical issue as a result of the advancement in technology, since it is possible for pirates to steal the intellectual property of content owners. This paper presents a new digital watermarking scheme that combines some operators of the Genetic Algorithm (GA) and the Residue Number (RN) System (RNS) to perform encryption on an image, which is embedded into a cover image for the purposes of watermarking. Thus, an image watermarking scheme uses an encrypted image. The secret image is embedded in decomposed frames of the cover image achieved by applying a three-level Discrete Wavelet Transform (DWT). This is to ensure that the secret information is not exposed even when there is a successful attack on the cover information. Content creators can prove ownership of the multimedia content by unveiling the secret information in a court of law. The proposed scheme was tested with sample data using MATLAB2022 and the results of the simulation show a great deal of imperceptibility and robustness as compared to similar existing schemes.
{"title":"A New Image Watermarking Scheme Using Genetic Algorithm and Residual Numbers with Discrete Wavelet Transform","authors":"Peter Awonnatemi Agbedemnab, Mohammed Akolgo, Moses Apambila Agebure","doi":"10.4236/jis.2023.144023","DOIUrl":"https://doi.org/10.4236/jis.2023.144023","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"23 1","pages":"0"},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"135008158"}
We analyze the risks associated with teenagers’ online activities and the potential migration of cyber threats originating from teenagers to their parents’ work-from-home (WFH) devices, even when defensive measures such as VPN are employed. Furthermore, we examine the serious implications these risks have on corporate security. Of particular concern, parents who work with confidential corporate information, such as financial projections or product roadmaps, might find that their kids are targeted by hackers who seek an easier entry-point to home networks and eventually WFH devices. This paper is timely since there is a rising trend of hybrid work in white-collar professions, mixing traditional in-office work with WFH. The latter is increasingly done in split shifts, including work performed before breakfast or after dinner. While this shift offers numerous workforce advantages and helps teen-parent bonding, it also introduces a plethora of cybersecurity risks, especially when these devices and networks are shared with teenagers on home networks. We did a structured survey of 62 teens which confirms that risky online activity abounds, so the threat of risk migration onto corporate networks should not be ignored. We perform a migration risk assessment and identify which teen-origin risks are most likely to contaminate parents’ WFH devices. We evaluate 20 attack vectors and generate 60 risk ratings. We classify 29 as high risk, 8 as medium risk, 13 as low risk, and 10 as not relevant. We offer recommendations to mitigate this new set of cyber risks.
{"title":"A New Cyber Risk: How Teens Expose Corporations in WFH Era","authors":"Zahm Siyed","doi":"10.4236/jis.2023.144022","DOIUrl":"https://doi.org/10.4236/jis.2023.144022","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"21 1","pages":"0"},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"136305026"}
{"title":"Towards Development of a Security Risk Assessment Model for Saudi Arabian Business Environment Based on the ISO/IEC 27005 ISRM Standard","authors":"W. Alheadary","doi":"10.4236/jis.2023.143012","DOIUrl":"https://doi.org/10.4236/jis.2023.143012","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70335346"}
Atsopmene Tango Vanette Eleonore, Gamom Ngounou Ewo Roland Christian, Kom Charles Hubert
Supermarkets and large-scale retail stores are usually subject to huge monetary transactions for certain customers’ purchases. The computerization of these systems is common in supermarkets but the security of these transactions remains a mystery. This article presents an algorithm as an API based on symmetric cryptography that can enable end-to-end encryption of a monetary transaction in a supermarket. This algorithm is the first part of the complete supermarket management system which will be presented in the following article. The Python language and the Flask framework allow us to develop the algorithm as an independent component. Tests have been performed and our algorithm uses 98.49% less memory and achieves a 10.18% time saving compared with the AES algorithm.
{"title":"Design of a Cryptographic Algorithm in the Form of an API in Order to Secure Monetary Transactions in a Supermarket","authors":"Atsopmene Tango Vanette Eleonore, Gamom Ngounou Ewo Roland Christian, Kom Charles Hubert","doi":"10.4236/jis.2023.144024","DOIUrl":"https://doi.org/10.4236/jis.2023.144024","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"147 1","pages":"0"},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"135156690"}
{"title":"Secure Web Application Technologies Implementation through Hardening Security Headers Using Automated Threat Modelling Techniques","authors":"Maduhu Mshangi Mlyatu, C. Sanga","doi":"10.4236/jis.2023.141001","DOIUrl":"https://doi.org/10.4236/jis.2023.141001","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70334526"}
{"title":"Research and Practice on High Availability Scheme of Unified Identity Authentication System Based on CAS in Colleges and Universities","authors":"Man Liu, Lei Yu","doi":"10.4236/jis.2023.141002","DOIUrl":"https://doi.org/10.4236/jis.2023.141002","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":"1 1","pages":""},"publicationDate":"2023-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"70334534"}