Security Awareness on Ransomware Threats Detection and their Protection Techniques

Computing and smart monitoring devices or machines are involved in every organization and sector in present era. These machines have any operating system (OS), software and applications installed based on the requirement. Due to available security vulnerabilities in OS or software and applications, these machines have more chances to become victims of Ransomware attacks. Attacker demands for ransom in any form of cryptocurrency like Bitcoin and other to normalize the files and services. Ransomwares are pandemic threats globally. Paper focuses on this part of the cybersecurity issues, the latest ransomware and their variants. In our research, we tried our best to explained ransomware and millions of dollar damage done by them in the past few years. Further, we have provided different ransomware spreading and detection mechanisms. At the end of the paper, if any machine infected through ransomware so some prevention, protection and recovery tools and techniques have been mentioned.

Download Full-text

Hardware Information Flow Tracking

ACM Computing Surveys ◽

10.1145/3447867 ◽

2021 ◽

Vol 54 (4) ◽

pp. 1-39

Author(s):

Wei Hu ◽

Armaiti Ardeshiricham ◽

Ryan Kastner

Keyword(s):

Access Control ◽

Computer Security ◽

Information Flow ◽

Hardware Security ◽

Computing System ◽

Security Vulnerabilities ◽

Information Flow Tracking ◽

Side Channels ◽

Security Properties ◽

Tools And Techniques

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Download Full-text

A Robot Operating System Framework for Secure UAV Communications

Sensors ◽

10.3390/s21041369 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1369

Author(s):

Hyojun Lee ◽

Jiyoung Yoon ◽

Min-Seong Jang ◽

Kyung-Joon Park

Keyword(s):

Operating System ◽

Unmanned Aerial Vehicles ◽

Ground Control ◽

Unmanned Aerial System ◽

Security Framework ◽

Security Vulnerabilities ◽

Robot Operating System ◽

Security Issues ◽

Aerial Vehicles ◽

Ground Control Station

To perform advanced operations with unmanned aerial vehicles (UAVs), it is crucial that components other than the existing ones such as flight controller, network devices, and ground control station (GCS) are also used. The inevitable addition of hardware and software to accomplish UAV operations may lead to security vulnerabilities through various vectors. Hence, we propose a security framework in this study to improve the security of an unmanned aerial system (UAS). The proposed framework operates in the robot operating system (ROS) and is designed to focus on several perspectives, such as overhead arising from additional security elements and security issues essential for flight missions. The UAS is operated in a nonnative and native ROS environment. The performance of the proposed framework in both environments is verified through experiments.

Download Full-text

Security Vulnerabilities of SGX and Countermeasures

ACM Computing Surveys ◽

10.1145/3456631 ◽

2021 ◽

Vol 54 (6) ◽

pp. 1-36

Author(s):

Shufan Fei ◽

Zheng Yan ◽

Wenxiu Ding ◽

Haomeng Xie

Keyword(s):

Operating System ◽

Security Risks ◽

Security Vulnerabilities ◽

Future Directions ◽

High Security ◽

Secure Hardware ◽

Run Time ◽

Shed Light

Trusted Execution Environments (TEEs) have been widely used in many security-critical applications. The popularity of TEEs derives from its high security and trustworthiness supported by secure hardware. Intel Software Guard Extensions (SGX) is one of the most representative TEEs that creates an isolated environment on an untrusted operating system, thus providing run-time protection for the execution of security-critical code and data. However, Intel SGX is far from the acme of perfection. It has become a target of various attacks due to its security vulnerabilities. Researchers and practitioners have paid attention to the security vulnerabilities of SGX and investigated optimization solutions in real applications. Unfortunately, existing literature lacks a thorough review of security vulnerabilities of SGX and their countermeasures. In this article, we fill this gap. Specifically, we propose two sets of criteria for estimating security risks of existing attacks and evaluating defense effects brought by attack countermeasures. Furthermore, we propose a taxonomy of SGX security vulnerabilities and shed light on corresponding attack vectors. After that, we review published attacks and existing countermeasures, as well as evaluate them by employing our proposed criteria. At last, on the strength of our survey, we propose some open challenges and future directions in the research of SGX security.

Download Full-text

The Methods and Recent Invented Tools and Techniques Used in Archaeology for Delicately Preserving the Past for the Future

Archaeological Discovery ◽

10.4236/ad.2018.64017 ◽

2018 ◽

Vol 06 (04) ◽

pp. 338-354

Author(s):

Halima Akhter ◽

Noor-E-Afroz Promei

Keyword(s):

The Past ◽

The Future ◽

Tools And Techniques

Download Full-text

The Emulated OCODE Machine for the Support of BCPL

DAIMI Report Series ◽

10.7146/dpb.v4i45.7692 ◽

1975 ◽

Vol 4 (45) ◽

Author(s):

Ole Sørensen

Keyword(s):

Operating System ◽

Programming Language ◽

Design Process ◽

Internal Representation ◽

The Past ◽

Future Analysis ◽

Systems Programming

In the spring of 1973 it was decided to implement the language BCPL on the experimental microprogrammable computer RIKKE-1 being constructed in this department. The language was chosen to be the systems programming language for RlKKE-1, one argurment being the possibility of transferring the Oxford Operating system OS 8 to RIKKE-1. This paper describes the design process for an internal representation of OCODE, the resulting machine, the emulator, and the assembler, and finally there is a discussion of our experiences of running the OCODE machine during the past 8 months. Some future analysis and possible modifications are mentioned.

Download Full-text

Machine Learning and Artificial Intelligence in Online Fake Transaction Alerting

Engineering International ◽

10.18034/ei.v3i2.566 ◽

2015 ◽

Vol 3 (2) ◽

pp. 115-126 ◽

Cited By ~ 5

Author(s):

Naresh Babu Bynagari

Keyword(s):

Artificial Intelligence ◽

Machine Learning ◽

Fraud Detection ◽

Learning Ability ◽

The Core ◽

The Past ◽

Music Selection ◽

Intelligent Analysis ◽

Set Up ◽

Detection Mechanisms

Artificial Intelligence (AI) is one of the most promising and intriguing innovations of modernity. Its potential is virtually unlimited, from smart music selection in personal gadgets to intelligent analysis of big data and real-time fraud detection and aversion. At the core of the AI philosophy lies an assumption that once a computer system is provided with enough data, it can learn based on that input. The more data is provided, the more sophisticated its learning ability becomes. This feature has acquired the name "machine learning" (ML). The opportunities explored with ML are plentiful today, and one of them is an ability to set up an evolving security system learning from the past cyber-fraud experiences and developing more rigorous fraud detection mechanisms. Read on to learn more about ML, the types and magnitude of fraud evidenced in modern banking, e-commerce, and healthcare, and how ML has become an innovative, timely, and efficient fraud prevention technology.

Download Full-text

Canadian Geotechnical Research Site No. 1 at Gloucester

Canadian Geotechnical Journal ◽

10.1139/t01-025 ◽

2001 ◽

Vol 38 (5) ◽

pp. 1134-1141 ◽

Cited By ~ 13

Author(s):

G C McRostie ◽

C B Crawford

Keyword(s):

Information Exchange ◽

Soil Property ◽

Soil Improvement ◽

Real Estate Market ◽

Scientific Cooperation ◽

The Past ◽

Research Site ◽

Sensitive Clay ◽

Unusual Amount ◽

Tools And Techniques

A parcel of land just south of Ottawa at Gloucester has been the site of an unusual amount of geotechnical research over the past 45 years. The parcel was recently to have been placed on the open real estate market but has been saved for scientific purposes and is now designated as "Canadian Geotechnical Research Site No. 1 at Gloucester". This paper presents an outline of the research that has been conducted at the site, in four general divisions, namely compressibility, strength, deformation, and soil property improvement. It is hoped that the site will stimulate the development and evaluation of new tools and techniques, foster scientific cooperation and information exchange, and allow the results of research involving the site to improve the state of practice, education, and research.Key words: sensitive clay, compressibility research, strength research, deformation research, soil improvement research.

Download Full-text

Big Data, Knowledge, and Business Intelligence

Encyclopedia of Information Science and Technology, Fourth Edition ◽

10.4018/978-1-5225-2255-3.ch081 ◽

2018 ◽

pp. 943-950

Author(s):

G. Scott Erickson ◽

Helen N. Rothberg

Keyword(s):

Big Data ◽

Knowledge Management ◽

Competitive Advantage ◽

Intellectual Capital ◽

Business Intelligence ◽

Competitive Intelligence ◽

Business Analytics ◽

The Past ◽

The People ◽

Tools And Techniques

Knowledge management (KM), intellectual capital (IC), and competitive intelligence are distinct yet related fields that have endured and grown over the past two decades. KM and IC have always differentiated between the terms and concepts of data, information, knowledge, and wisdom/intelligence, suggesting value only comes from the more developed end of the range (knowledge and intelligence). But the advent of big data/business analytics has created new interest in the potential of data and information, by themselves, to create competitive advantage. This new attention provides opportunities for some exchange with more established theory. Big data gives direction for reinvigorating the more mature fields, providing new sources of inputs and new potential for analysis and use. Alternatively, big data/business analytics applications will undoubtedly run into common questions from KM/IC on appropriate tools and techniques for different environments, the best methods for handling the people issues of system adoption and use, and data/intelligence security.

Download Full-text

Lighting the Lean Spark in Silver Spark

Asian Case Research Journal ◽

10.1142/s021892751850013x ◽

2018 ◽

Vol 22 (02) ◽

pp. 299-323

Author(s):

Pooja Gupta ◽

Anand Deshpande

Keyword(s):

Lead Times ◽

Production Facility ◽

Production Flow ◽

The Past ◽

Detailed Assessment ◽

Lean Tools ◽

Quick Assessment ◽

Tools And Techniques

Silver Spark Apparel Ltd. is a fully owned subsidiary of Raymonds Ltd. and produces some of the best-known apparel brands in India. The company owns and runs three apparel plants in Bengaluru. The head of the “SILVER SPARK” plant, Ashish Grover, feels that despite all the successes achieved in the past, the plant needs improvement. The production lead times were longer than required and the factory seemed to lack a smooth production flow. At this time, he met Andy Dey, a LEAN specialist. Ashish invited Andy to his factory and asked him for his opinion on improving the process using LEAN tools and techniques. After listening to the quick assessment, Ashish engaged Andy as a LEAN consultant and requested a detailed assessment of each department. Based on the assessment, Ashish plans to implement the LEAN process in the production facility.

Download Full-text

Towards Cross-site Scripting Vulnerability Detection in Mobile Web Applications

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.1.19484 ◽

2018 ◽

Vol 7 (4.1) ◽

pp. 18

Author(s):

Isatou Hydara ◽

Abu Bakar Md Sultan ◽

Hazura Zulzalil ◽

Novia Admodisastro

Keyword(s):

Mobile Phones ◽

Web Applications ◽

Personal Information ◽

Denial Of Service ◽

Vulnerability Detection ◽

Security Vulnerabilities ◽

Mobile Web ◽

The Past ◽

Web Developers ◽

Cross Site

Cross-site scripting vulnerabilities are among the top ten security vulnerabilities affecting web applications for the past decade and mobile version web applications more recently. They can cause serious problems for web users such as loss of personal information to web attackers, including financial and health information, denial of service attacks, and exposure to malware and viruses. Most of the proposed solutions focused only on the Desktop versions of web applications and overlooked the mobile versions. Increasing use of mobile phones to access web applications increases the threat of cross-site scripting attacks on mobile phones. This paper presents work in progress on detecting cross-site scripting vulnerabilities in mobile versions of web applications. It proposes an enhanced genetic algorithm-based approach that detects cross-site scripting vulnerabilities in mobile versions of web applications. This approach has been used in our previous work and successfully detected the said vulnerabilities in Desktop web applications. It has been enhanced and is currently being tested in mobile versions of web applications. Preliminary results have indicated success in the mobile versions of web applications also. This approach will enable web developers find cross-site scripting vulnerabilities in the mobile versions of their web applications before their release.

Download Full-text