ABSTRACT
The COVID-19 pandemic has impacted everyday life, the global economy, travel, and commerce. In many cases, the tight measures put in place to stop COVID-19 have caused depression and other diseases. As many medical systems over the world are unable to hospitalize all the patients, some of them may get home healthcare assistance, while the government and healthcare organizations have access to substantial sickness management data. It allows patients to routinely update their health status and have it sent to distant hospitals. In certain cases, the medical authorities may designate quarantine stations and provide supervision equipment and platforms (such as Internet of Medical Things (IoMT) devices) for performing an infection-free treatment, whereas IoMT devices often lack enough protection, making them vulnerable to many threats. In this paper, we present an intrusion detection system (IDS) for IoMTs based on the following gradient boosting machines approaches: XGBoost, LightGBM, and CatBoost. With more than 99% in many evaluation measures, these approaches had a high detection rate and could be an effective solution in preventing attacks on IoMT devices. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
Covid-19 eruption and lockdown situation have increased the usages of online platforms which have impacted the users. Cyberbullying is one of the negative outcomes of using social media platforms which leads to mental and physical distress. This study proposes a machine learning-based approach for the detection of cyberbullying in Hinglish text. We use the Hinglish Code-Mixed Corpus, which consists of over 6,000 tweets, for our experiments. We use various machine learning algorithms, including Logistic regression (LR), Multinomial Naive Bayes (MNB), Support vector machine (SVM), Random Forest (RF), to train our models. We evaluate the performance of the models using standard evaluation metrics such as precision, recall, and F1-score. Our experiments show that the LR with Term Frequency-Inverse Document Frequency (TFIDF) outperforms the other models, achieving 92% accuracy. Our study demonstrates that machine learning models can be effective for cyberbullying detection in Hinglish text, and the proposed approach can help identify and prevent cyberbullying on social media platforms. © 2023 Bharati Vidyapeeth, New Delhi.
ABSTRACT
During COVID-19 pandemic, there has been unprecedented increase in the number of employees working outside an organisations IT infrastructure due to the use of personal devices. The scale and sophistication of cyberattacks also continue to increase post-COVID-19 and it has become critical for SMEs (Small and Medium Sized Enterprises) to safeguard their information and IT assets. COVID19 proved to be a major catalyst for the adoption of digital approaches to remote working that many organisations did not previously believe to be feasible. The systems are becoming increasingly exposed to cyber-attacks as a result of remote access technology and cloud networks. The literature points to a gap in the existing knowledge to address the cybersecurity requirements for SMEs in India working in a virtual setup. The purpose of this paper is to develop a cybersecurity evaluation model (CSEM) that can be leveraged by SMEs which will eventually help them assess their cyber-risk portfolio. Based on the research project and the methodology used in the past for similar research, a quantitative approach will be chosen for this research. This research requires the researcher to roll out an online survey, which will enable the participants to evaluate cybersecurity risks by responding to the survey questionnaire. Analysing and implementing a CSEM will not only assist SMEs in identifying their strengths and weaknesses but will also include simple best practice guidelines for effectively plugging their cybersecurity flaws while working remotely. © 2022 IEEE.
ABSTRACT
The proliferation of the internet and computing devices has drawn much attention during the Covid-19 pandemic stay home and work, and this has led the organization to adapt to staying home. Also, to let the organization work due to the infrastructure for working on proxy during the pandemic. The alarming rate of cyber-attacks, which through this study infer that phishing is one of the most effective and efficient ways for cyber-attack success. In this light, this study aims to study phishing attacks and mitigation methods in play, notwithstanding analysing performance metrics of the current mitigation performance metrics. Results indicate that business enterprises and educational institutions are the most hit using email (social engineering) and web app phishing attacks. The most effective mitigation methods are training/awareness campaigns on social engineering and using artificial intelligence/machine learning (AI/ML). To gain zero or 100% phishing mitigation, AI/ML need to be applied in large scale to measure its efficiency in phishing mitigation. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
The medical system has been targeted by the cyber attackers, who aim to bring down the health security critical infrastructure. This research is motivated by the recent cyber-attacks happened during COVID 19 pandemics which resulted in the compromise of the diagnosis results. This study was carried to demonstrate how the medical systems can be penetrated using AI-based Directory Discovery Attack and present security solutions to counteract such attacks. We then followed the NIST (National Institute of Standards and Technology) ethical hacking methodology to launch the AI-based Directory Discovery Attack. We were able to successfully penetrate the system and gain access to the core of the medical directories. We then proposed a series of security solutions to prevent such cyber-attacks. © 2022 Creative Commons.
ABSTRACT
The recent pandemic fosters an increasing dependency on various forms of digital communications that support social distancing. To mitigate widespread exposure to COVID, the Louisiana Department of Health's COVID Defense contact tracing application helps users learn about potential exposures to infected individuals. This research investigates the viability of using the Louisiana Department of Health's COVID Defense application symptoms share feature as an attack vector. The primary contribution of this research is an initial assessment of the effective modification and distribution of a packaged JSON file that contains a malicious link. Secondly, it highlights the effectiveness of this attack through email, WIFI direct, and nearby share. © 2023 IEEE Computer Society. All rights reserved.
ABSTRACT
The increase in Social Engineering (SE) attacks during COVID-19 pandemic has made it imperative to educate people about SE techniques and methods. For the last many years, we have worked on games, which disseminate awareness among the participants about Social Engineering concepts. The aim of this study is to share our newly designed card-based game, which is simple to understand, and can be conducted in classroom environment. © 2022 IEEE.
ABSTRACT
As society grows increasingly more online with each passing year, the problem of cyberbullying becomes more and more prominent, with such incidents having the capacity to negatively impact mental health in a major way, especially among children and teenagers. The proposed approach builds on our previous work that established multi-modal detection of cyberbullying on Twitter, and restructures the multi-modal approach by incorporating social media features such as time-related features and social network information. As a result, the new models reach a classification accuracy between 94.4% and 94.6%, from the previous accuracy of 93%. The proposed new approach affirms the use of context-based data in addition to more directly-related features when analyzing cyberbullying and other interactions with promising improvements. We believe that this work contributes significantly to the study of cyberbullying detection, which is an imminent problem with growing importance in the post-COVID society. © 2022 IEEE.
ABSTRACT
The rapid growth in technology and several IoT devices make cyberspace unsecure and eventually lead to Significant Cyber Incidents (SCI). Cyber Security is a technique that protects systems over the internet from SCI. Data Mining and Machine Learning (DM-ML) play an important role in Cyber Security in the prediction, prevention, and detection of SCI. This study sheds light on the importance of Cyber Security as well as the impact of COVID-19 on cyber security. The dataset (SCI as per the report of the Center for Strategic and International Studies (CSIS)) is divided into two subsets (pre-pandemic SCI and post-pandemic SCI). Data Mining (DM) techniques are used for feature extraction and well know ML classifiers such as Naïve Bayes (NB), Support Vector Machine (SVM), Logistic Regression (LR) and Random Forest (RF) for classification. A centralized classifier approach is used to maintain a single centralized dataset by taking inputs from six continents of the world. The results of the pre-pandemic and post-pandemic datasets are compared and finally conclude this paper with better accuracy and the prediction of which type of SCI can occur in which part of the world. It is concluded that SVM and RF are much better classifiers than others and Asia is predicted to be the most affected continent by SCI. Author
ABSTRACT
COVID-19 epidemic has changed many people's life. There has been an increase in cybercrime and cyber-attacks on infrastructure systems throughout the world. To reduce the impact of social alienation, a significant rise has been observed in the utilization and dependence on computers, handheld devices, and web to perform day-to-day activities like communication, work, online transactions for shopping, and medical diagnostics throughout the pandemic. Criminals were able to take advantage of new weaknesses generated because of movement of the work place to home for their own individual advantage. In a postpandemic world, ab roader and diverse cyber security approach is required to assure the well-being and continuation of crucial systems on which our mankind depends. This research work shows the preliminary design of the proposed solution, which is built based on the concept of Artificial Intelligence (AI) enabled self-replication system. © 2023 IEEE.
ABSTRACT
Events that attract worldwide attention, such as the Olympic and Paralympic Games and international exhibitions, have become easy targets for cyber attacks, and it is no longer rare to hear of reports of damage from such attacks. The Olympic and Paralympic Games Tokyo 2020 was held in 2021 after a oneyear delay due to the novel coronavirus (COVID-19), and NTT, as a Gold Partner (Telecommunications Services), had the responsibility of managing the network infrastructure supporting the Tokyo 2020 Games, thus dealing with the threat of cyber attacks. This article describes how NTT-CERT (NTT Computer Security Incident Response and Readiness Coordination Team) of NTT Social Informatics Laboratories faced cyber attacks as the representative computer security incident response team of the NTT Group. © 2022 Nippon Telegraph and Telephone Corp.. All rights reserved.
ABSTRACT
As a result of quick transformation to digitalization for providing the employees teleworking/home office services with the capabilities to access company resources from outside the company over Internet using remote desktop and virtual private network (VPN) applications and the increase in digital activity during COVID-19 such as the usage of audio/video conferencing applications, many businesses have been victims of cyber attacks. This paper investigates whether there was an increase in the frequency of cyber attacks during COVID-19. It also identifies the motivations for such attacks in light of software/hardware/system vulnerabilities. Following this research, we also categorize vulnerabilities and develop a taxonomy. Such a taxonomy helped to identify the type of attacks on their frequency and their impact. To do that, we developed a research methodology to collect attack and vulnerability information from the selected databases. Using relevant key words, we developed the taxonomy that led us to create insightful information to answer the research questions that are thoroughly analyzed and presented accordingly. This work also recommended a list of mitigation measures that can be considered in the future to prepare the industry for a similar pandemic including establishing and maintaining a Information Security Management System (ISMS) by following relevant standards (ISO/SAE 2700x, BSI-Standards 200-x, SMEs: CISIS12®). © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
Cybercrime is an online crime committing fraud, stealing identities, violating privacy or hacking the personal information. A high level of information security in banking can be attained through striving to achieve an integrity, confidentiality, availability, assurance, and accountability. This Pandemic situation (COVID-19) paved the way for the customers to avoid traditional ways of banking and adapt to digital transactions. This banking digitalization increases in the utilization of cashless transactions like digital money (Cryptocurrency). Cyber security is imperative to preserve sensitive information, therefore, Blockchain technology has been adapted to provide security. Transactions done via Blockchain are tested through every block, which makes transactions secure and helps the banking system to work faster. The proposed algorithm WFB is used to estimate the average queue rate and avoid unwanted block generation. Then the trapezoidal fuzzy technique optimizes the allocation of blocks. An objective of this investigation is to enhance the security in banking systems from Cybercrimes by verifying Rain Drop Service (RDS) and Fingerprint Biometric without the need of any central authority. Once the service is completed, the service is a dropout and the following new service will be provided (Hence the name RDS). For the strong authentication scheme to fight against bank fraud, RSA encryption technique has been implemented successfully. Therefore, Blockchain technology increases the need for cyber security as a part of design architecture which intends to detect the stemming attacks in real time instead of repairing the damage. [ FROM AUTHOR] Copyright of Cybernetics & Systems is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full . (Copyright applies to all s.)
ABSTRACT
Over recent years, the outbreak of Covid-19 has infected more than a billion people. Due to this crisis, the healthcare industry is revolutionizing using the Internet of Health Things (IoHT). As a result, the increasing number of distributed connected objects, their heterogeneity, and mobility have led to a dramatic expansion in the volume of medical data, consequently, a considerable increase in cybercrime. However, the security of the healthcare system must be considered a top priority. According to the policy principles of cybersecurity intrusion detection systems (IDS) are effective and indispensable security tools. We propose in this paper a collaborative distributed fog-based intrusion detection system reinforced by using blockchain to ensure trust and reliability between Fog nodes, and machine learning (ML) approaches with the effective open-source Catboost benefiting from the GPU library to get a record detection and computation time. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
Purpose: This paper aims to discuss the experiences designing and conducting an experiential learning virtual incident response tabletop exercise (VIRTTX) to review a business's security posture as it adapts to remote working because of the Coronavirus 2019 (COVID-19). The pandemic forced businesses to move operations from offices to remote working. Given that this happened quickly for many, some firms had little time to factor in appropriate cyber-hygiene and incident prevention measures, thereby exposing themselves to vulnerabilities such as phishing and other scams. Design/methodology/approach: The exercise was designed and facilitated through Microsoft Teams. The approach used included a literature review and an experiential learning method that used scenario-based, active pedagogical strategies such as case studies, simulations, role-playing and discussion-focused techniques to develop and evaluate processes and procedures used in preventing, detecting, mitigating, responding and recovering from cyber incidents. Findings: The exercise highlighted the value of using scenario-based exercises in cyber security training. It elaborated that scenario-based incident response (IR) exercises are beneficial because well-crafted and well-executed exercises raise cyber security awareness among managers and IT professionals. Such activities with integrated operational and decision-making components enable businesses to evaluate IR and disaster recovery (DR) procedures, including communication flows, to improve decision-making at strategic levels and enhance the technical skills of cyber security personnel. Practical implications: It maintained that the primary implication for practice is that they enhance security awareness through practical experiential, hands-on exercises such as this VIRTTX. These exercises bring together staff from across a business to evaluate existing IR/DR processes to determine if they are fit for purpose, establish existing gaps and identify strategies to prevent future threats, including during challenging circumstances such as the COVID-19 outbreak. Furthermore, the use of TTXs or TTEs for scenario-based incident response exercises was extremely useful for cyber security practice because well-crafted and well-executed exercises have been found to serve as valuable and effective tools for raising cyber security awareness among senior leadership, managers and IT professionals (Ulmanová, 2020). Originality/value: This paper underlines the importance of practical, scenario-based cyber-IR training and reports on the experience of conducting a virtual IR/DR tabletop exercise within a large organisation. © 2023, Emerald Publishing Limited.
ABSTRACT
Cybercrime is a growing concern, particularly in this COVID-19 era. The COVID-19 outbreak has shown the significant impact potential of such crises on our daily lives worldwide. Phishing is a social engineering crime that can cause financial and reputational damages such as data loss, personal identity theft, money loss, financial account credential theft, etc., to people and organizations. In the recent outbreak of the COVID-19 pandemic, many companies and organizations have changed their working conditions, moved to an online environment workspace, and implemented the Work From Home (WFH) business model that increases the phishing attacks vectors and risk of breaching internal data. In this paper, we have extracted nine efficient features from the URLs and applied seven different Machine Learning algorithms to recognize phishing URLs. Machine learning algorithms are often used to detect phishing attacks more accurately before affecting users. The obtained result concludes that the Random Forest model provides the best and highest accuracy of 95.2%. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
In today's world, it is very common among children to use a smartphone or a handheld digital device such as a tablet to entertain themselves and as a medium of socializing with people easily. The COVID-19 pandemic forced many people to stay in their homes and rely on these digital devices to do their day-to-day work and communication. The latter caused the increase in reliance on digital devices to acquire information about the outside world and as a source of entertainment. This new tendency increased the likelihood of children being exposed to pornography, cyberbullying, cyberstalking, excessive gaming, sexting, and behavioral traits related to narcissism. These habits caused many children to develop psychological and physiological illnesses, which affected them in the short term and, for some, which affected them and their families in the long run, such as suicide. Our research proposes to constantly monitor behavioral patterns such as this, notify the relevant individuals, and prevent the children from being prone to such ill fates. According to the findings, using machine learning and natural language processing, sexting, phonographic words, and cyberbullying can all be recognized with pinpoint accuracy. Also, by using two machine learning models, depression and anxiety are detected with an accuracy of 0.84 and 0.86. To prevent and analyze computer vision syndrome caused by improper face-screen distance. An image processing-based algorithm is used to measure the distance from face to screen, and results are narrowed down to an accuracy of 1 inch. © 2022 IEEE.
ABSTRACT
Phishing email attack is a dominant cyber-criminal strategy for decades. Despite its longevity, it has evolved during the COVID-19 pandemic, indicating that adversaries exploit critical situations to lure victims. Plenty of detectors have been proposed over the years, which mainly focus on the contents or the textual information of emails;however, to cope with the evolution of phishing emails more sophisticated approaches should be introduced that will exploit all the emails' traits to enhance the detection capability of Machine Learning/Deep Learning classifiers. To tackle the limitations of existing works, this paper proposes a phishing email detection methodology, named HELPHED that focuses on the detection of phishing emails by combining Ensemble Learning methods with hybrid features. The hybrid features provide an accurate representation of emails by fusing their content and textual traits. We propose two methods of HELPHED, the first one employs the Stacking Ensemble Learning method, while the second method utilizes the Soft Voting Ensemble Learning. Both methods deploy two different Machine Learning algorithms to handle the hybrid features separately, yet in parallel, minimizing the features' complexity and improving the model's performance. A thorough evaluation analysis is carried out considering innovative guidelines that aim to prevent partial and misleading results. Experimental tests verified that the combination of hybrid features with Ensemble Learning, overall, accomplishes better detection performance than when employing only content-based or text-based features. Numerical results on a rich imbalanced dataset (i.e., 32,051 benign and 3,460 phishing email samples) that considers the evolution of phishing emails show that Soft Voting Ensemble Learning outperforms other prominent Machine Learning/Deep Learning algorithms and existing works yielding F1-score equal to 0.9942. © 2022 Elsevier Ltd
ABSTRACT
This study was motivated by the challenges experienced by parents and guardians in ensuring the safety of children in cyberspace. In the last two or three years, online education has become very popular all over the world due to the Covid 19 pandemic. Therefore parents, guardians and teachers must ensure the safety of children in cyber space. Children are more likely to go astray and there are plenty of online programs waiting to get them on wrong track and also children who are engaging in the online education can be distracted at any moment. Therefore, parents should keep a close check on their children's online activity. Apart from that due to the unawareness of children, they tempt to share their sensitive information, chance of being a victim of phishing attacks from outsiders. These problems can be overcome through the proposed web-based system. We use feature extraction, web tracking and analysis mechanisms, image processing and name entity recognition to implement this web-based system. © 2022 IEEE.
ABSTRACT
Pendekar Siber is in the Malay language which means a cyber warrior. A cyber warrior is a computer expert engaged in the defense of information systems against cyber-attacks. It refers to an educational program to groom young people to empower themselves and their peers capable to combat cyber threats. This is because cyber threats are on the rise especially during the COVID-19 pandemic and movement control orders (MCO). Cyber threats to children are becoming more significant since they were dependent on electronic gadgets and computer devices to do online learning activities at home. Although MCO had been lifted and schools were reopened, children are still reliant on these gadgets to play online games, watching content on social media and interact with their online friends. Some of them cannot be separated from these online activities until they neglect their studies and affect their physical and mental health. Despite the responsibilities of parents to monitor their children's use of gadgets, this paper posits the role of young people to address these threats. Thus, Pendekar Siber program was introduced, community engagement programs were conducted, and surveys were carried out at a bottom 40% (B40) urban poor community in Selangor, Malaysia. The surveys were done to understand the children's Internet use and their cybersecurity awareness. Based on our findings, this paper recommends ways that can be implemented by empowering young people to address cyber threats faced by themselves and their peers. © 2022 IEEE.