ABSTRACT
Cybersecurity is an increasingly important factor in consumer attitudes toward online shopping. Online shopping has become an essential part of our lives in this digital era. As the popularity of online and e-commerce shopping continues to grow, so does the potential for cyber threats and attacks. As more and more consumers turn to online shopping, cyber threats such as hacking, identity theft, and credit card fraud have become more frequent. Therefore, understanding the factors of cybersecurity that affect consumer attitude is essential to build trust and creating a safe and sound shopping environment. This research explores the factors of cybersecurity that affect consumers' attitudes to shopping online and uses a survey to test several hypotheses related to influential cyber factors. Bangladesh is a developing country in Southeast Asia, and like many other countries, has experienced an increase in cyber threats and attacks in recent years. Consumers in Bangladesh face many of the same cyber threats, such as phasing attacks, malware, data breach, and other types of cyber security threats over online shopping. As a result of these cyber threats, online consumers are increasingly concerned about online security risks which may impact their willingness to engage in online shopping. Therefore, it is essential to identify critical factors of cyber security that impact consumers's attitudes toward online shopping to mitigate cyber risk and improve consumer trust in online shopping. This paper provides the result of a research study that will provide a better understanding of factors that influence consumer's trust and engagement with online and E-commerce platforms in Bangladesh) . © 2023 IEEE.
ABSTRACT
E-commerce sites are flourishing nowadays in lockdown. A lot of entrepreneurs are making their own sites and selling them online. In 2020, one of INTERPOL's private sector partners detected 907,000 spam messages, 737 malware incidents, and 48,000 malware URLs connected to COVID-19 during the period from January to April. 'Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.' states Jürgen Stock, INTERPOL Secretary General. The main threats during this pandemic are Malware/Ransomware(36%), Phishing/Scam(59%), Fake News(14%) and Malicious Domains(22%). Cybercriminals are active in these pandemic times and the developers designing stunning user interfaces without basic cybersecurity knowledge is a great attraction for these criminals. Our goal is to explain how easily hackers gain access by selecting 10 top vulnerabilities from OWASP and exploiting them. © 2023 IEEE.
ABSTRACT
In the recent trends, block chain technology plays a vital role due to its secured methodology. Since many parts of the world severely affected by COVID pandemic situation, people used to perform more of digital transactions day by day. To provide more security for all online transactions, Block chain Technology is one of the solutions that many countries have started to utilize. Every block in a block chain should be validated and verified by the secured hash algorithms and digital signatures. Since Hacking is difficult in Block Chain Technology, due to its secure hash process, many people started using it for various applications. This article discusses about the working of Digital Signatures especially about Elliptic Curve Digital Signature Algorithm - ECDSA. Digital signatures are signatures done digitally for the purpose of security. ECDSA works on the mechanism of Elliptic Curve and Cryptography algorithms of Elliptic curve. The proposed research work has selected the private key as a random point, which is of type integer ranging between 1 and n-1 in Elliptic curve to sign documents. Then Public key is calculated by multiplying a point from elliptic curve with the Private key. Using this Public key, our digital signature is verified. This is much secured because no one can crack/hack private key. This process is used to verify digital transactions in the block chain technology. Our study helps researcher in block chain technologies to proceed ahead. © 2023 IEEE.
ABSTRACT
Early in 2020, the coronavirus Covid-19, which is produced by the SARS-CoV -2 strain, first gained international attention as a severe health threat. Covid-19 spread quickly around the world, forcing everyone to fight with preventative measures like masks, hand washing, and preserving social distance. But to prevent the virus, vaccination has been playing a key role. Vaccination records that contain patient data make this system very complicated because there is a risk of a privacy breach. Hackers may steal the personal health information of individuals or may carry out cyberattacks against any national health data server. Additionally, there is a chance that dishonest people can purchase and sell fake vaccine certificates on the black market. Blockchain can provide a solution to this regard by its features like data immutability, privacy, transparency and decentralization. For people, governments, and organizations interested in blockchain-based systems, we analyze the blockchain based vaccination management system in this study and provide a current summary. We envision our study to motivate more blockchain based systems. © 2022 IEEE.
ABSTRACT
The medical system has been targeted by the cyber attackers, who aim to bring down the health security critical infrastructure. This research is motivated by the recent cyber-attacks happened during COVID 19 pandemics which resulted in the compromise of the diagnosis results. This study was carried to demonstrate how the medical systems can be penetrated using AI-based Directory Discovery Attack and present security solutions to counteract such attacks. We then followed the NIST (National Institute of Standards and Technology) ethical hacking methodology to launch the AI-based Directory Discovery Attack. We were able to successfully penetrate the system and gain access to the core of the medical directories. We then proposed a series of security solutions to prevent such cyber-attacks. © 2022 Creative Commons.
ABSTRACT
One of many challenges created by COVID-19 pandemic is to reduce need of contact. Quick Response (QR) codes offered a readily available solution to this challenge with offer to support contact less processes. Wide adaption of smart mobile devices like smart phones and tablets and huge number of mobile applications available in the respective application stores, which support QR code scanning acted as a catalyst in rapid adaption of QR codes to support contact less processes. Support of QR code-based processing rapidly increased during the pandemic, penetrated all processes like sales and marketing, authentication, and digital payments to name some. On one hand, this served the cause in terms of reducing contact, on other hand, factors like rapid adaption and using it in smart mobile devices, which are existing to cater to the larger purpose of human usage, scanning QR codes was not in that list to start with is bringing in the series of security issues which can arise starting from the human factor, software, misuse and hacking factors. This paper focuses on the QR code processes, differences in terms of security while using a smart device for QR codes when compared to the rugged device-based barcode scanners, the kind of security issues such process can encounter while using smart devises for QR code scanning, factors that must be considered by the applications development as well as the consumers of such functionality and the way to ensure security of consumers of such functionality. © 2022 IEEE.
ABSTRACT
Social networking sites (SNSs) contain a large amount of information that has been self-disclosed by users around the world because it provides a platform for millions of users to express their feelings, emotions, and even deepest thoughts. Some of these information are sensitive and private and can be used by hackers to launch social engineering attacks against the user or the company the user works for. Due to the physical restrictions imposed by the COVID-19 pandemic, more people turned to social media to stay connected with each other and they spent more time on social media and disclosed much more information than the pre-COVID pandemic. The objective of this research is to study the potential security risks and privacy concerns brought by the disclosed information on SNSs during the COVID-19 pandemic. We developed an automated tool to collect and analyze publicly accessible data from Twitter API using some personal keywords such as birthday, anniversary, mental health, suicide etc. to investigate the impact of the COVID-19 pandemic on the disclosed sensitive information. © 2022 IEEE.
ABSTRACT
Patients' medical files are electronically preserved and accessible through a network such as Electronic Health Records (EHRs). Numerous opportunities exist for EHRs to enhance patient care, clinical practice performance indicators, and potential future clinical research contributions. The techniques used to preserve EHRs have proved incredibly unsafe in the contemporary era of smart homes and urban areas. Data can be easily accessed by hackers and unauthorized third parties. Furthermore, the data is not accessible to patients or healthcare practitioners. These plans cannot balance the accessibility and security of the data. But with blockchain, these issues can be resolved. Any application created utilizing blockchain technology is secure and inaccessible to unauthorized parties thanks to the three critical characteristics of the technology: Security, Decentralization, and Transparency. In a blockchain network, it is nearly difficult to manipulate data. This research work utilizes blockchain technology to deploy EHRs and improve their security and privacy. With its decentralized structure and cryptographic techniques, blockchain technology will maintain control over who gets access to information. Furthermore, it will maintain a balance between accessing data and privacy. The advanced aspects of the EHR system are handled by this research using smart contracts. The comprehensive healthcare management solution across a network can incorporate several sectors, such as billing and transportation. A website program can be combined with it to increase interactivity. By adding pharmacists to the system as a participant, EHRs can help them track medical sales. © 2023 IEEE.
ABSTRACT
In the present study, 13 covariates have been selected as potentially associated with 3 metrics of the spread of COVID-19 in 20 European countries. Robustness of the linear correlations between 10 of the 13 covariates as main regressors and the 3 COVID-19 metrics as dependent variables have been tested through a methodology for sensitivity analysis that falls under the name of "Multiverse”. Under this methodology, thousands of alternative estimates are generated by a single hypothesis of regression. The capacity of identification of a robust causal claim for the 10 variables has been measured through 3 indicators over a Janus Confusion Matrix, which is a confusion matrix that assumes the likelihood to observe a True claim as the ratio between the absolute difference of estimates with a different sign and the total of estimates. This methodology provides the opportunity to evaluate the outcomes of a shift from the common level of significance to the alternative. According to the results of the study, in the dataset the benefits of the shifts come at a very high cost in terms of false negatives. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
The malicious actors continuously produce malicious Android applications with a COVID-19 theme in the context of the pandemic. Users frequently grant the necessary permissions to install those phoney apps without paying much attention. Android permissions are essential points of weakness. Major privacy issues often result from this vulnerability. Hackers with malicious intent have viewed the COVID-19 pandemic as an opportunity to conduct malware attacks to profit financially and advance their nefarious goals. Through COVID-19-related content, people are becoming victims of phishing scams. The android malware seen explicitly during the pandemic of Covid-19 is discussed in this study, and we next analyze malware detection methods with a focus on these Covid-19-Themed malware mobile applications. This research paper attempts to identify dangerous android permissions and the malware families that erupted during the Covid-19 outbreak. © 2023 IEEE.
ABSTRACT
In this digital era of online processing, most information is accessible electronically and is prone to cyber threats. There is a vast range of cyber threats whose behavior is hard to understand in the early phases. These attacks may have some motivation behind them that have significant societal impacts in the form of economic damage, psychological disturbance, a threat to national security, and so on. With the worldwide spread of COVID-19, India experienced an astonishing 86% rise in cybercrimes. Nowadays, cybercrime has become an attractive strategy for hackers to create chaos and disruption. This paper is based on the quantitative analysis of cybercrime in India and its impacts on society, with preventive measures to handle them. In our study, we found that digital related offenses and online frauds are drastically increasing in India during COVID-19 pandemic. As a result, awareness campaigns and security solutions are needed to prevent or mitigate them. © 2022 IEEE.
ABSTRACT
Cyber security is the implementation of smart technologies to safeguard computer systems, mobile devices, communication networks or most importantly the sensitive and confidential data saved in those systems or devices from various types of cyber-attacks, unauthorized access, hackers or intruders. Cyber security can also be considered as a subset of information security because information security is a general term. It aims to protect a wider domain which includes all kinds of information assets either hard copy or soft copy. The recent accelerating rise in digitalization due to Covid-19 has brought in many new challenges. The amount of personal data present on the web due to the same has raised concerns among users. However, it's not only the personal data that is a matter of concern but also the dataset which is given as input to numerous machine learning and deep learning models. Local networks are prone to attacks and intrusion activities now more than ever. As a result, cyber security experts have been working on the development of more complex monitoring systems and algorithms for the detection and prevention of such activities. Various technologies like machine learning and deep learning might play a significant role in improving cyber security. It can help in analyzing patterns and improving the models for recognizing similar attacks in future. This research work aims to study intrusion detection systems in detail and differentiate between intrusion detection systems, intrusion prevention systems and firewalls as IDS and IPS are commonly regarded as the same thing. It also highlights the previous works related to this subject along with their suggested methods. © 2022 IEEE.
ABSTRACT
The Industrial Internet of Things (IIoT) enhances the benefit of the Internet of Things (IoT) to a higher level, especially in industries where human error can lead to catastrophic effects. However, security is a major concern in IIoT as hackers can gain access to connected systems, thus potentially subjecting operations to a shutdown. Besides, the outbreak of the COVID-19 pandemic changed the operations style of organizations into a remote work model. Consequently, there has been a significant increase in cyber-attacks leveraging vulnerabilities of IoT devices connected to the Internet. Considering the above factors, we propose a method of remote user authentication combining Photo Response Non-Uniformity (PRNU) with fingerprint bio-metric, which can prevent attacks. PRNU uniquely identifies the scanner, thereby authenticates the device of the user. To prove the effectiveness of PRNU, we collect fingerprint images from various scanners prototyped using Raspberry Pi and evaluate the performance. Our performance evaluation with a set of 10 fingerprint scanners shows promising results. Moreover, our analysis shows that the proposed scheme achieves a classification accuracy of 99%. © 2022 IEEE.
ABSTRACT
Smartphone has become the 4th basic necessity of human being after Food, Cloths and Home. It has become an integral part of the life that most of the business and office work can be operated by mobile phone and the demand for online classes demand for all class of students have become a compulsion without any alternate due to the COVID-19 pandemic. Android is considered as the most prevailing and used operating system for the mobile phone on this planet and for the same reason it is the most targeted mobile operating system by the hackers. Android malware has been increasing every quarter and every year. An android malware is installed and executed on the smartphones quietly without any indication and user’s acceptance, that possess threats to the consumer’s personal and/or classified information stored. To address these threats, varieties of techniques have been proposed by the researchers like Static, Dynamic and Hybrid. In this paper a systematic review has been carried out on the relevant studies from 2017 to 2020. Assessment of the malware detection capabilities of various techniques used by different researchers has been carried out with comparison of the performance of different machine learning models for the detection of android malwares by assessing the results of empirical evidences such as datasets, features, tools, etc. However the android malware detection still faces several challenges and the possible solution with some novel approach or technique to improve the detection capabilities is discussed in the discussion and conclusion. © 2022, Springer Nature Switzerland AG.
ABSTRACT
Today, the question of information security at industrial enterprises that are objects of critical information infrastructure (hereinafter - OCII) is especially actual because of attacks by hackers that have become more frequent during the COVID-19 pandemic, the most known was the attack on the American company Colonial Pipeline. The main goals of ensuring the information security of industrial networks are the ensuring data and tags integrity that transmitted over industrial communication channels, preventing the interruption or complete stop of automated technological processes. To do this, it is necessary to use an effective technical device that ensures the security of information transmitted via a communication channels in industrial automated control systems operating at industrial enterprises in the Russian Federation using the concept of import substitution. In the article, we make the compare of technical devices ensure information security by means of calculation the evaluation of information security. This research aims at identifying the most effective technical device that increases the level of information security protection of the OCII and reduces the costs of information security systems creation and/or modernization. © 2022 SPIE
ABSTRACT
Large-scale dark web marketplaces have been around for more than a decade. So far, academic research has mainly focused on drug and hacking-related offers. However, data markets remain understudied, especially given their volatile nature and distinct characteristics based on shifting iterations. In this paper, we perform a large-scale study on dark web data markets. We first characterize data markets by using an innovative theoretical legal taxonomy based on the Council of Europe’s Cybercrime Convention and its implementation in Dutch law. The recent Covid-19 pandemic showed that cybercrime has become more prevalent with the increase of digitalization in society. In this context, important questions arise regarding how cybercrime harms are determined, measured, and prioritized. We propose a determination of harm based on criminal law qualifications and sanctions. We also address the empirical question of what the economic activity on data markets looks like nowadays by performing a comprehensive measurement of digital goods based on an original dataset scraped from twelve marketplaces consisting of approximately 28,000 offers from 642 vendors. The resulting analysis combines insights from the theoretical legal framework and the results of the measurement study. To our knowledge, this is the first study to combine these two elements systematically. © 2022, IFIP International Federation for Information Processing.
ABSTRACT
The SARS-CoV-2 first surfaced in 2019 in China and later spread across the globe causing a pandemic. Immunisation has thus far been considered to be mankind's weapon of choice in the frontline fight against the virus defined as Covid-19. Mass vaccination programmes carried out by nations are closely related to public health information, data safety and data security. As countries roll out the immunisation efforts, cyber offenders try to exploit people's personal health data and inoculation records while citizens can also be exposed to fake vaccine certificates issued by hackers. To prevent such any data breach or data exploitation, an effective system is urgently required to be in place that ensures the maximum security at a time of the unprecedented global crisis. Blockchain can be the perfect solution in this case thanks to its transparency, trustworthiness, and decentralised operations. We have proposed a blockchain based framework for covid 19 vaccination process to provide data immutability, transparency and correctness of beneficiary registration for vaccination, eliminating identity thefts and impersonation, tamper proof self-reporting of side effects, person identification and vaccine certification. © 2022 IEEE.
ABSTRACT
The Covid-19 pandemic has been a driving force for a substantial increase in online activity and transactions across the globe. As a consequence, cyber-attacks, particularly those leveraging email as the preferred attack vector, have also increased exponentially since Q1 2020. Despite this, email remains a popular communication tool. Previously, in an effort to reduce the amount of spam entering a users inbox, many email providers started to incorporate spam filters into their products. However, many commercial spam filters rely on a human to train the filter, leaving a margin of risk if sufficient training has not occurred. In addition, knowing this, hackers employ more targeted and nuanced obfuscation methods to bypass in-built spam filters. In response to this continued problem, there is a growing body of research on the use of machine learning techniques for spam filtering. In many cases, detection results have shown great promise, but often still rely on human input to classify training datasets. In this study, we explore specifically the use of deep learning as a method of reducing human input required for spam detection. First, we evaluate the efficacy of popular spam detection methods/tools/techniques (freeware). Next, we narrow down machine learning techniques to select the appropriate method for our dataset. This was then compared with the accuracy of freeware spam detection tools to present our results. Our results showed that our deep learning model, based on simple word embedding and global max pooling (SWEM-max) had higher accuracy (98.41%) than both Thunderbird (95%) and Mailwasher (92%) which are based on Bayesian spam filtering. Finally, we postulate whether this improvement is enough to accept the removal of human input in spam email detection. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
SARS stands for Severe Acute Respiratory Syndrome, which is also known as COVID-19. Covid is an uncommonly overwhelming contamination that spreads through breathing dots from corrupted individuals talking, sneezing, or hacking. At whatever point you come into near contact with a polluted person or contact a contaminated surface or thing, the disease can spread rapidly. There's clearly no checking pro open to battle COVID-19, and the foremost sublime strategy for ensuring oneself against an sickness is to remain lost from it. Wearing a facemask that covers the nose and mouth in an open reach and washing hands routinely utilizing something like 70% alcohol based sanitizers are prescribed to diminish viral degradation. Significant Learning advancement has shown its capacity to see and arrange things by analyzing photographs. A collected picture data includes 20,000 photos that were consistently cropped in 224×224 pixels and had a 97 percent accuracy rate during the model's training. Utilizing Python and Open CV utilizing Tensor Stream, the developed system sees individuals wearing or not wearing a facemask and chooses the genuine separate between them. The detected informational stored in cloud. It raises an alert when it recognizes persons who aren't wearing a mask and snaps images of their faces. It is unconcerned with physical distance. This study will aid in preventing the virus from spreading and in preventing people from contracting it. © 2022 IEEE.
ABSTRACT
Due to the growth of internet technology, there is a sharp rise in the growth of IoT enabled devices. IoT (Internet of Things) refers to the connection of various embedded devices with limited processing and memory. With the heavy adoption of IoT applications, cloud computing is gaining traction with the ever-increasing demand to process and compute a massive amount of data coming from various devices. Hence, cloud computing and IoT are often related to each other. However, there are two challenges in deploying the IoT and cloud computing frameworks: security and Privacy. This article discusses various types of security threats affecting IoT and cloud computing, and threats are classified using machine learning (ML). ML has gained much momentum in recent years and is applied in various domains. One of the main subdomains of machine learning is used in IoT and cloud security. A machine learning model can be trained with data based on which the model can predict the impending security threats. Popular security techniques to protect IoT devices from hackers are IoT authentication, access control, malware detection, and secure overloading. Supervised learning algorithms can be used to detect malware in the runtime behavior of applications. The malware is detected from network traffic and is labeled based on its suspicious behavior. Post identification of malware, the application data is stored in a database trained via an ML classifier algorithm (KNN or Random Forest). With increased training, the model can identify malware applications with higher accuracy. © 2022 IEEE.