ABSTRACT
Health care is always a top priority, and that has not changed no matter how far we have come in terms of technology. Since the coronavirus epidemic broke out, almost every country has made health care a top priority. Therefore, the best way to deal with the coronavirus pandemic and other urgent health problems is through the use of IoHT. The tremendous growth of IoT devices and networks especially in the healthcare domain generates massive amounts of data, necessitating careful authentication and security. Other domains include agriculture, smart homes, industry, etc. These massive data streams can be evaluated to determine undesirable patterns. It has the potential to reduce functional risks, avoid problems that are not visible, and eliminate system downtime. Past systematic and comprehensive reviews have significantly aided the field of cybersecurity. However, this research focuses on IoT issues relating to the medical or healthcare domain, using the systematic literature review method. The current literature in health care is not enough to analyze the anomaly of IoHT. This research has revealed that fact. In our subsequent work, we will discuss the architecture of IoHT and use AI techniques such as CNN and SVM to detect intrusions in IoHT. In the interest of advancing scientific knowledge, this study identifies and suggests potential new lines of inquiry that may be pursued in this area of study. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
This COVID-19 study uses a new way of looking at data to shed light on important topics and societal problems. After digesting specific interpretations, experts' points of view are looked at: We'll study and categorize these subfields based on their importance and influence in the academic world. Web-based education, cutting-edge technologies, AI, dashboards, social networking, network security, industry titans (including blockchain), safety, and inventions will be discussed. By combining chest X-ray images with machine learning, the article views provide element breadth, ideal understanding, critical issue detection, and hypothesis and practice concepts. We've used machine learning techniques in COVID-19 to help manage the pandemic flow and stop infections. Statistics show that the hybrid strategy is better than traditional ones. © 2022 IEEE.
ABSTRACT
Since the first half of 2020, the COVID-19 epidemic has continued to spread across the country. Based on this background, with the continuous promotion of a new round of technological innovation and industrial transformation, and the combined impact of the epidemic factors, the digital economy has become a new pillar of the steady development of China's macro economy. Emerging industries have provided good opportunities for the digital economy. Cyber security has risen to the height of national sovereignty, which is the direct embodiment of national competitiveness and the foundation for the healthy development of the digital economy. However, with the concentration of massive data and the progress of information technology, the data is easily and conveniently used, personal privacy security, corporate business secrets and even national security suffered serious damage, and network security protection has also become the bottleneck of the digital economy to a new level. It is particularly important to strengthen the network security governance capacity, improve the network security laws and regulations, and implement the hierarchical protection system. © 2023 SPIE.
ABSTRACT
The COVID-19 pandemic has impacted everyday life, the global economy, travel, and commerce. In many cases, the tight measures put in place to stop COVID-19 have caused depression and other diseases. As many medical systems over the world are unable to hospitalize all the patients, some of them may get home healthcare assistance, while the government and healthcare organizations have access to substantial sickness management data. It allows patients to routinely update their health status and have it sent to distant hospitals. In certain cases, the medical authorities may designate quarantine stations and provide supervision equipment and platforms (such as Internet of Medical Things (IoMT) devices) for performing an infection-free treatment, whereas IoMT devices often lack enough protection, making them vulnerable to many threats. In this paper, we present an intrusion detection system (IDS) for IoMTs based on the following gradient boosting machines approaches: XGBoost, LightGBM, and CatBoost. With more than 99% in many evaluation measures, these approaches had a high detection rate and could be an effective solution in preventing attacks on IoMT devices. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
The Internet of Medical Things (IoMT) has been applied to provide health care facilities for elders and parents. Remote health care is essential for providing scarce resources and facilities to coronavirus patients. Ongoing IoMT communication is susceptible to potential security attacks. In this research, an artificial intelligence-driven security model of the IoMT is also proposed to simulate and analyses the results. Under the proposed plan, only authorized users will be able to access private and sensitive patient information, and unauthorized users will be unable to access a secure healthcare network. The various phases for implementing artificial intelligence (AI) techniques in the IoMT system have been discussed. AI-driven IoMT is implemented using decision trees, logistic regression, support vector machines (SVM), and k-nearest neighbours (KNN) techniques. The KNN learning models are recommended for IoMT applications due to their low consumption time with high accuracy and effective prediction. © 2023 IEEE.
ABSTRACT
E-commerce sites are flourishing nowadays in lockdown. A lot of entrepreneurs are making their own sites and selling them online. In 2020, one of INTERPOL's private sector partners detected 907,000 spam messages, 737 malware incidents, and 48,000 malware URLs connected to COVID-19 during the period from January to April. 'Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.' states Jürgen Stock, INTERPOL Secretary General. The main threats during this pandemic are Malware/Ransomware(36%), Phishing/Scam(59%), Fake News(14%) and Malicious Domains(22%). Cybercriminals are active in these pandemic times and the developers designing stunning user interfaces without basic cybersecurity knowledge is a great attraction for these criminals. Our goal is to explain how easily hackers gain access by selecting 10 top vulnerabilities from OWASP and exploiting them. © 2023 IEEE.
ABSTRACT
The COVID-19 pandemic has led to the creation of vaccination passports as a means of verifying an individual's vaccination status for travel and access to certain services. The validity of immunization records and supply chain procedures, however, are significant issues. The supply chain for vaccination passports has been called for to be made more secure and transparent using blockchain technology. To ensure safe and effective supply chain management, this article suggests a blockchain-based authentication mechanism for vaccination passports. The issuer, the prover, and the verifier will be the system's three key actors. The issuer will be in charge of producing inventory tokens and providing immunization certificates. The prover will verify the authenticity of the vaccination supply chain, and the verifier will ensure that the inventory token is legitimate. The proposed system will enhance transparency, security, and efficiency in the supply chain for vaccination passports, thereby improving the trustworthiness of vaccination records and facilitating safe travel during the pandemic. © 2023 IEEE.
ABSTRACT
During COVID-19 pandemic, there has been unprecedented increase in the number of employees working outside an organisations IT infrastructure due to the use of personal devices. The scale and sophistication of cyberattacks also continue to increase post-COVID-19 and it has become critical for SMEs (Small and Medium Sized Enterprises) to safeguard their information and IT assets. COVID19 proved to be a major catalyst for the adoption of digital approaches to remote working that many organisations did not previously believe to be feasible. The systems are becoming increasingly exposed to cyber-attacks as a result of remote access technology and cloud networks. The literature points to a gap in the existing knowledge to address the cybersecurity requirements for SMEs in India working in a virtual setup. The purpose of this paper is to develop a cybersecurity evaluation model (CSEM) that can be leveraged by SMEs which will eventually help them assess their cyber-risk portfolio. Based on the research project and the methodology used in the past for similar research, a quantitative approach will be chosen for this research. This research requires the researcher to roll out an online survey, which will enable the participants to evaluate cybersecurity risks by responding to the survey questionnaire. Analysing and implementing a CSEM will not only assist SMEs in identifying their strengths and weaknesses but will also include simple best practice guidelines for effectively plugging their cybersecurity flaws while working remotely. © 2022 IEEE.
ABSTRACT
Wireless sensor networks (WSN) playa significant role in the collection and transmission of data. The principal data collectors and broadcasters are small wireless sensor nodes. As a result of their disorganized layout, the nodes in this network are vulnerable to intrusion. Every aspect of human life includes some form of technological interaction. While the Covid-19 pandemic has been ongoing, the whole corporate and academic world has gone digital. As a direct result of digitization, there has been a rise in the frequency with which Internet-based systems are attacked and breached. The Distributed Denial of Service (DDoS) and Distributed Reflective Denial of Service (DRDoS) assaults are new and dangerous type of cyberattacks that can quickly bring down any service or application that relies on the Internet's infrastructure. Cybercriminals are always refining their methods of attack and evading detection by using techniques that are out of date. Traditional detection systems are not suited to identify novel DDoS attacks since the volume of data created and stored has expanded exponentially in recent years. This research provides a comprehensive overview of the relevant literature, focusing on deep learning for DDoS and DRDoS detection. Due to the expanding number of loT gadgets, distributed DDoS and DRDoS attacks are becoming more likely and more damaging. Due to their lack of generalizability, current attack detection methods cannot be used for early detection of DDoS and DRDoS, resulting in significant load or service degradation when implemented at the endpoint. In this research, a brief review is performed on the models that are used for identification of DDoS and DRDoS attacks. The working of the existing models and the limitations of the models are briefly analyzed in this research. © 2023 IEEE.
ABSTRACT
Internet usage has grown exponentially, with individuals and companies performing multiple daily transactions in cyberspace rather than in the real world. The coronavirus (COVID-19) pandemic has accelerated this process. As a result of the widespread usage of the digital environment, traditional crimes have also shifted to the digital space. Emerging technologies such as cloud computing, the Internet of Things (IoT), social media, wireless communication, and cryptocurrencies are raising security concerns in cyberspace. Recently, cyber criminals have started to use cyber attacks as a service to automate attacks and leverage their impact. Attackers exploit vulnerabilities that exist in hardware, software, and communication layers. Various types of cyber attacks include distributed denial of service (DDoS), phishing, man-in-the-middle, password, remote, privilege escalation, and malware. Due to new-generation attacks and evasion techniques, traditional protection systems such as firewalls, intrusion detection systems, antivirus software, access control lists, etc., are no longer effective in detecting these sophisticated attacks. Therefore, there is an urgent need to find innovative and more feasible solutions to prevent cyber attacks. The paper first extensively explains the main reasons for cyber attacks. Then, it reviews the most recent attacks, attack patterns, and detection techniques. Thirdly, the article discusses contemporary technical and nontechnical solutions for recognizing attacks in advance. Using trending technologies such as machine learning, deep learning, cloud platforms, big data, and blockchain can be a promising solution for current and future cyber attacks. These technological solutions may assist in detecting malware, intrusion detection, spam identification, DNS attack classification, fraud detection, recognizing hidden channels, and distinguishing advanced persistent threats. However, some promising solutions, especially machine learning and deep learning, are not resistant to evasion techniques, which must be considered when proposing solutions against intelligent cyber attacks. © 2023 by the authors.
ABSTRACT
The proliferation of the internet and computing devices has drawn much attention during the Covid-19 pandemic stay home and work, and this has led the organization to adapt to staying home. Also, to let the organization work due to the infrastructure for working on proxy during the pandemic. The alarming rate of cyber-attacks, which through this study infer that phishing is one of the most effective and efficient ways for cyber-attack success. In this light, this study aims to study phishing attacks and mitigation methods in play, notwithstanding analysing performance metrics of the current mitigation performance metrics. Results indicate that business enterprises and educational institutions are the most hit using email (social engineering) and web app phishing attacks. The most effective mitigation methods are training/awareness campaigns on social engineering and using artificial intelligence/machine learning (AI/ML). To gain zero or 100% phishing mitigation, AI/ML need to be applied in large scale to measure its efficiency in phishing mitigation. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
In this study, we analyse the impact of the Universal Adversarial Perturbation Attack on the Inception-ResNet-v1 model using the lung CT scan dataset for COVID-19 classification and the retinal OCT scan dataset for Diabetic Macular Edema (DME) classification. The effectiveness of adversarial retraining as a suitable defense mechanism against this attack is examined. This study is categorised into three sections-The implementation of the Inception-ResNet-v1 model, the effect of the attack and the adversarial retraining. © 2023 IEEE.
ABSTRACT
Maintaining the purported Social Separating is one of the essential and greatest ways to stop the new popular episode. Legislators are enacting restrictions on the standard of private distance between people in order to concur with this restriction. In light of this real-life occurrence, it is crucial to evaluate how consistent with realistic imperatives in our lives this is, in order to ascertain the causes of any prospective cracks in such distance obstacles and determine whether this portends an anticipated risk. In order to do this, we offer the Visual Social Removing (VSD) problem, which is defined as the automatic evaluation of the difference between the depiction of connected person aggregations and the private separation from an image.When this requirement is violated, it is vital for VSD to conduct painless research to determine whether people agree to the social distance restriction and to provide assessments of the degree of wellbeing of particular places. We first draw attention to the fact that measuring VSD involves more than simply math;it also suggests a deeper comprehension of the social behavior in the setting. The goal is to genuinely identify potentially dangerous circumstances while avoiding false alerts (such as a family with children or other family members, an elderly person with their guardians), all while adhering to current security protocols. Then, at that point, we discuss how VSD links to earlier research in social sign handling and demonstrate how to investigate fresh PC vision techniques that might be able to address this issue. Future issues about the viability of VSD systems, ethical repercussions, and potential application scenarios are the result. © 2023 IEEE.
ABSTRACT
In the recent trends, block chain technology plays a vital role due to its secured methodology. Since many parts of the world severely affected by COVID pandemic situation, people used to perform more of digital transactions day by day. To provide more security for all online transactions, Block chain Technology is one of the solutions that many countries have started to utilize. Every block in a block chain should be validated and verified by the secured hash algorithms and digital signatures. Since Hacking is difficult in Block Chain Technology, due to its secure hash process, many people started using it for various applications. This article discusses about the working of Digital Signatures especially about Elliptic Curve Digital Signature Algorithm - ECDSA. Digital signatures are signatures done digitally for the purpose of security. ECDSA works on the mechanism of Elliptic Curve and Cryptography algorithms of Elliptic curve. The proposed research work has selected the private key as a random point, which is of type integer ranging between 1 and n-1 in Elliptic curve to sign documents. Then Public key is calculated by multiplying a point from elliptic curve with the Private key. Using this Public key, our digital signature is verified. This is much secured because no one can crack/hack private key. This process is used to verify digital transactions in the block chain technology. Our study helps researcher in block chain technologies to proceed ahead. © 2023 IEEE.
ABSTRACT
With the increase of remote working during and after the COVID-19 pandemic, the use of Virtual Private Networks (VPNs) around the world has nearly doubled. Therefore, measuring the traffic and security aspects of the VPN ecosystem is more important now than ever. VPN users rely on the security of VPN solutions, to protect private and corporate communication. Thus a good understanding of the security state of VPN servers is crucial. Moreover, properly detecting and characterizing VPN traffic remains challenging, since some VPN protocols use the same port number as web traffic and port-based traffic classification will not help. In this paper, we aim at detecting and characterizing VPN servers in the wild, which facilitates detecting the VPN traffic. To this end, we perform Internet-wide active measurements to find VPN servers in the wild, and analyze their cryptographic certificates, vulnerabilities, locations, and fingerprints. We find 9.8M VPN servers distributed around the world using OpenVPN, SSTP, PPTP, and IPsec, and analyze their vulnerability. We find SSTP to be the most vulnerable protocol with more than 90% of detected servers being vulnerable to TLS downgrade attacks. Out of all the servers that respond to our VPN probes, 2% also respond to HTTP probes and therefore are classified as Web servers. Finally, we use our list of VPN servers to identify VPN traffic in a large European ISP and observe that 2.6% of all traffic is related to these VPN servers. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
COVID-19 is one of the deadliest pandemics of this century's that affected the whole world. As the COVID-19 spread the government had to impose lockdown that pushed the people to follow some new lifestyle like social distancing, work from home, hand washing, and the country have to shut down industries, businesses and public transport. At the same time, doctors were occupied in saving life's and on other side cyber criminals were busy taking this situation as advantage, which creates an another silent pandemic i.e. cyber-security pandemic. During this pandemic with overloaded ICT infrastructure, cyber space was gaining attention of more cyber attacker and number of attacks/threats increased exponentially. This is one of the rapidly growing global challenges for industry as well as for human life. In this paper a systematic surveys and review is done on recent trends of cyber security attacks during and post COVID-19 pandemic and their countermeasures. The relevant information has been collected from different trusted sources and impact landscape discussed with importance of cyber security education and future research challenges highlights. © 2023 IEEE.
ABSTRACT
Convolutional neural networks (CNNs) have gained popularity for Internet-of-Healthcare (IoH) applications such as medical diagnostics. However, new research shows that adversarial attacks with slight imperceptible changes can undermine deep neural network techniques in healthcare. This raises questions regarding the safety of deploying these IoH devices in clinical situations. In this paper, we review the techniques used in fighting against cyber-attacks. Then, we propose to study the robustness of some well-known CNN architectures’belonging to sequential, parallel, and residual families, such as LeNet5, MobileNetV1, VGG16, ResNet50, and InceptionV3 against fast gradient sign method (FGSM) and projected gradient descent (PGD) attacks, in the context of classification of chest radiographs (X-rays) based on the IoH application. Finally, we propose to improve the security of these CNN structures by studying standard and adversarial training. The results show that, among these models, smaller models with lower computational complexity are more secure against hostile threats than larger models that are frequently used in IoH applications. In contrast, we reveal that when these networks are learned adversarially, they can outperform standard trained networks. The experimental results demonstrate that the model performance breakpoint is represented by γ= 0.3 with a maximum loss of accuracy tolerated at 2%. Author
ABSTRACT
The year 2020-21 has shown us that the likelihood of extreme events is greater than we would have expected. When organizational resources are stretched to their limits due to extreme events, they are also more vulnerable to cyber-attacks and knowledge risks. Based on the events that took place during the 2020-21 period, we identify five knowledge risks and categorize them as technical, behavioral, and legal risks. We identify possible controls to mitigate these knowledge risks: proper knowledge identification, guidelines for employee knowledge behavior, identification and evaluation of online communication channels, and risk re-assessment to knowledge. © 2022 IEEE Computer Society. All rights reserved.
ABSTRACT
The medical system has been targeted by the cyber attackers, who aim to bring down the health security critical infrastructure. This research is motivated by the recent cyber-attacks happened during COVID 19 pandemics which resulted in the compromise of the diagnosis results. This study was carried to demonstrate how the medical systems can be penetrated using AI-based Directory Discovery Attack and present security solutions to counteract such attacks. We then followed the NIST (National Institute of Standards and Technology) ethical hacking methodology to launch the AI-based Directory Discovery Attack. We were able to successfully penetrate the system and gain access to the core of the medical directories. We then proposed a series of security solutions to prevent such cyber-attacks. © 2022 Creative Commons.
ABSTRACT
The energy sector is highly vulnerable to cyber-attacks due to its inherently complex ecosystem of both physical and cyber infrastructure spreading across the globe. Cyber-security breaches in this domain could have a significant impact not only on the global economy but also on citizens' lives. This paper aims at evaluating the security awareness and competency of European Electrical Power and Energy Systems (EPES) organisations' workforce during the COVID-19 pandemic and the Ukrainian war. A targeted assessment campaign has been designed and conducted from 11th February 2022 until 18th March 2022. During that period, 132 participants, out of the 266 invited employees, participated in the campaign. The collected results were analysed from different perspectives unveiling significant findings regarding information security readiness and resilience of individuals and, consequently, organisations in the European energy sector. Key findings are discussed in detail concluding with various cyber-security recommendations addressing both the emerged vulnerabilities and the need for security culture evolution. © 2023 Elsevier Ltd