Maritime Cyber Security Analysis – How to Reduce Threats?

Cybersecurity is the practice of making the networks that constitute cyber space secure against intrusions. The aim is to maintain the confidentiality, the availability and integrity of information, by detecting interferences. Traditionally, cybersecurity has focused on preventing intrusions and monitoring ports. The evolving threat landscape, however, calls for a more dynamic approach. It is increasingly clear that total cybersecurity is impossible, unless government develops a cyber-security strategy. The aim of this chapter is to discuss government's dynamic approach to addressing challenges of cybersecurity. The chapter looks at the co-ordination of cyber-security activities so as to have a coordinated approach to cyber-crime. This chapter also highlights the idea of protecting sensitive data for the public good. It is generally accepted that technology has become indispensable in modern society. Government's cybersecurity presents a unique challenge simply because of the volume of threats that agencies working for government face on a daily basis.

Download Full-text

Cyber Security and Business Growth

Advances in Business Information Systems and Analytics - Business Analytics and Cyber Security Management in Organizations ◽

10.4018/978-1-5225-0902-8.ch002 ◽

2016 ◽

pp. 14-27

Author(s):

Akanksha Sharma ◽

Prashant Tandekar

Keyword(s):

Cyber Security ◽

Security Policy ◽

Cyber Attacks ◽

Information And Communications Technologies ◽

Sensitive Data ◽

Business World ◽

Global Information Society ◽

Information And Communication ◽

Customer Trust ◽

Telecom Sector

Information and Communications Technologies (ICTs), particular the Internet, have been an increasingly important aspect of global social, political and economic life, and are the backbone of the global information society today. Their evolution and development has brought many benefits along with the threat of serious cyber-attacks that had been demonstrated over the past few years. Due to cybercrime business world drains huge money each year and incurs a large amount in resolving a single attack. It also damages organization's reputation and brand image, loss of intellectual property and sensitive data, loss of customer trust etc. Addressing major threats and challenges begins with setting up information security policy to ensure confidentiality, integrity and availability of company information and communication. Since telecom Sector is on its boom, a technological solution can solve the immediate challenges of identifying, investigating, and prosecuting computer- related crimes and changes required for long-term problem solving.

Download Full-text

A lightweight cryptographic solution to secure digital transmissions on resource-constrained environments

General Letters in Mathematics ◽

10.31559/glm2021.10.2.4 ◽

2021 ◽

Vol 10 (2) ◽

pp. 38-45

Author(s):

Saiida Lazaar

Keyword(s):

Cyber Security ◽

Hash Functions ◽

Cyber Attacks ◽

Constrained Systems ◽

Sensitive Data ◽

Constrained Environments ◽

Secure Networks ◽

Cyber Space ◽

To Come ◽

Main Components

The great revolution of technology and its fast growth have led to a cyber space increasingly vulnerable to cyber-attacks. For this reason, cyber security becomes paramount to protect our cyber space by presenting and implementing important solutions to protect sensitive data from malicious persons. Thereby various measures of protection have been developed and aim to minimize the risks and damages of attacks. Among them, cryptography plays a vital and crucial role in protecting sensitive transmissions and electronic exchanges through complex networks. Numerous scientific studies have emerged with the advent of the cloud and the Internet of Things (IoT); all of them have expressed a strong need for building secure, efficient and fast cryptosystems targeting confidentiality, integrity and authentication. The last two objectives are essentially built on hash functions which are the main components of many applications and secure networks. The purpose of this paper is to give recent advances of lightweight cryptographic solutions that meet the requirements of constrained systems, and to present a study, in terms of security, energy-consuming and efficiency, of the main hash functions standardized by NIST (National Institute of Standards and Technology). In the end, the paper will give a comparison between the studied hash functions aiming to come up with a recommendation of good lightweight hash functions suitable for implementation in an IoT framework.

Download Full-text

Cyber Security in the Maritime Industry: A Systematic Survey of Recent Advances and Future Trends

Information ◽

10.3390/info13010022 ◽

2022 ◽

Vol 13 (1) ◽

pp. 22

Author(s):

Mohamed Amine Ben Farah ◽

Elochukwu Ukwandu ◽

Hanan Hindy ◽

David Brosset ◽

Miroslav Bures ◽

...

Keyword(s):

Cyber Security ◽

State Of The Art ◽

Satellite System ◽

Cyber Attacks ◽

Future Research ◽

Maritime Industry ◽

Cyber Crimes ◽

Global Navigation Satellite ◽

Levels Of Integration

The paper presents a classification of cyber attacks within the context of the state of the art in the maritime industry. A systematic categorization of vessel components has been conducted, complemented by an analysis of key services delivered within ports. The vulnerabilities of the Global Navigation Satellite System (GNSS) have been given particular consideration since it is a critical subcategory of many maritime infrastructures and, consequently, a target for cyber attacks. Recent research confirms that the dramatic proliferation of cyber crimes is fueled by increased levels of integration of new enabling technologies, such as IoT and Big Data. The trend to greater systems integration is, however, compelling, yielding significant business value by facilitating the operation of autonomous vessels, greater exploitation of smart ports, a reduction in the level of manpower and a marked improvement in fuel consumption and efficiency of services. Finally, practical challenges and future research trends have been highlighted.

Download Full-text

Cyber Security and Business Growth

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch059 ◽

2018 ◽

pp. 1208-1221

Author(s):

Akanksha Sharma ◽

Prashant Tandekar

Keyword(s):

Cyber Security ◽

Security Policy ◽

Cyber Attacks ◽

Information And Communications Technologies ◽

Sensitive Data ◽

Business World ◽

Global Information Society ◽

Information And Communication ◽

Customer Trust ◽

Telecom Sector

Information and Communications Technologies (ICTs), particular the Internet, have been an increasingly important aspect of global social, political and economic life, and are the backbone of the global information society today. Their evolution and development has brought many benefits along with the threat of serious cyber-attacks that had been demonstrated over the past few years. Due to cybercrime business world drains huge money each year and incurs a large amount in resolving a single attack. It also damages organization's reputation and brand image, loss of intellectual property and sensitive data, loss of customer trust etc. Addressing major threats and challenges begins with setting up information security policy to ensure confidentiality, integrity and availability of company information and communication. Since telecom Sector is on its boom, a technological solution can solve the immediate challenges of identifying, investigating, and prosecuting computer- related crimes and changes required for long-term problem solving.

Download Full-text

Government's Dynamic Approach to Addressing Challenges of Cybersecurity in South Africa

Handbook of Research on Information and Cyber Security in the Fourth Industrial Revolution - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-4763-1.ch013 ◽

2018 ◽

pp. 364-381

Author(s):

Thokozani Ian Nzimakwe

Keyword(s):

Cyber Security ◽

Modern Society ◽

Daily Basis ◽

Cyber Crime ◽

Security Strategy ◽

Dynamic Approach ◽

Sensitive Data ◽

Unique Challenge ◽

The Public ◽

Cyber Space

Cybersecurity is the practice of making the networks that constitute cyber space secure against intrusions. The aim is to maintain the confidentiality, the availability and integrity of information, by detecting interferences. Traditionally, cybersecurity has focused on preventing intrusions and monitoring ports. The evolving threat landscape, however, calls for a more dynamic approach. It is increasingly clear that total cybersecurity is impossible, unless government develops a cyber-security strategy. The aim of this chapter is to discuss government's dynamic approach to addressing challenges of cybersecurity. The chapter looks at the co-ordination of cyber-security activities so as to have a coordinated approach to cyber-crime. This chapter also highlights the idea of protecting sensitive data for the public good. It is generally accepted that technology has become indispensable in modern society. Government's cybersecurity presents a unique challenge simply because of the volume of threats that agencies working for government face on a daily basis.

Download Full-text

Comparison between Saudi Arabia and USA: Prevention and Dealing with Cyber Security

10.54216/jisiot.050203 ◽

2021 ◽

pp. 77-87

Author(s):

Sonia Ibrahim ◽

◽

...

Keyword(s):

Saudi Arabia ◽

Deep Learning ◽

Cyber Security ◽

Denial Of Service ◽

Cyber Attacks ◽

Sensitive Data ◽

External Threats ◽

The Us ◽

Security Practices ◽

Training And Support

Cyber security practices mainly involve the prevention of external threats to software, hardware, server data, and other assets which are connected to the internet. Organizations follow a lot of cyber security practices to protect their systems and databases from malicious cyber actors. Cybercriminals use different techniques like spear-phishing, phishing, password attack, denial of service, ransomware, etc. to cause harm to people, organizations, and governments and steal important information from them. We analyzed the use of deep learning algorithms to deal with cyber-attacks. Deep neural networks or deep learning consist of machine learning procedures to support the network to fix complex issues and learn from unmanaged data. In addition, we also analyzed some of the cyber security laws and practices implemented in the US and Saudi Arabia to work collaboratively against cyber threats. It is observed that both countries are doing well against cyberthreats, but they need to work even more to provide training and support to professionals in the public sector who handle sensitive data about cyber security.

Download Full-text

Detecting SQL Injection Using Correlative Log Analysis

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.32.15720 ◽

2018 ◽

Vol 7 (2.32) ◽

pp. 389

Author(s):

T Sreeja ◽

Dr Manna Sheela Rani Chetty ◽

Sekhar Babu Boddu

Keyword(s):

Cyber Security ◽

Web Application ◽

Finite Automata ◽

Cyber Attacks ◽

Log Analysis ◽

Security Market ◽

Sensitive Data ◽

Sql Injection ◽

Automated Tools ◽

Global Demography

The spiking landscape of cyber-attacks is reflecting its trend towards invoking vulnerabilities in a web application. The vulnerabilities seem to be over-growing second by second beside being over-coming time to time. The reason behind is, new attack vectors are often being deployed by the threat actors. The global cyber security market alone has brought a turnover of about $350 billion, which shows how wide the attack landscape is and how expensive it is to detect, protect and respond to the cyber issues. Most of the security experts have quoted that, the average cost of a data breach will exceed to $150million by 2020 and about 80 percent of the global demography were nowhere aware of such attacks. From the past few years, SQL injection is acting as a major vector in breaching the sensitive data. Detecting SQL injection through log correlation is the most effective methodology utilized under adaptive environments seeking no tool investigation. This paper exposes a detection methodology of an SQL injection attack without any mere concentration on automated tools. The paper goes with a motto of detection through configuring the available resources like web server,database,and an IDS in a way of creating adaptable environment that can bring the entire attacker information through log analysis. The paper would represent the attacker phases in a finite automata.

Download Full-text

Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v24.i1.pp621-636 ◽

2021 ◽

Vol 24 (1) ◽

pp. 621

Author(s):

Ahmed H. Aly ◽

Atef Ghalwash ◽

Mona M. Nasr ◽

Ahmed A. Abd-El Hafez

Keyword(s):

Cloud Computing ◽

Key Agreement ◽

Mutual Authentication ◽

Security Analysis ◽

Internet Security ◽

Cyber Attacks ◽

Session Key ◽

Sensitive Data ◽

Processing Power ◽

Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

Download Full-text

Survey of Recent Cyber Security Attacks on Robotic Systems and Their Mitigation Approaches

Detecting and Mitigating Robotic Cyber Security Risks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2154-9.ch019 ◽

2017 ◽

pp. 284-299 ◽

Cited By ~ 3

Author(s):

Abdullahi Chowdhury ◽

Gour Karmakar ◽

Joarder Kamruzzaman

Keyword(s):

Digital Media ◽

Cyber Security ◽

Cyber Attacks ◽

Rapid Expansion ◽

Robotic Systems ◽

Sensitive Data ◽

Public And Private ◽

Security Research ◽

Cyber Crimes ◽

Iot Devices

With the rapid expansion of digital media and the advancement of the artificial intelligence, robotics has drawn the attention of cyber security research community. Robotics systems use many Internet of Things (IoT) devices, web interface, internal and external wireless sensor networks and cellular networks for better communication and smart services. Individuals, industries and governments organisations are facing financial loses, losing time and sensitive data due these cyber attacks. The use these different devices and networks in robotics systems are creating new vulnerabilities and potential risk for cyber attacks. This chapter discusses about the possible cyber attacks and economics losses due to these attacks in robotics systems. In this chapter, we analyse the increasing uses of public and private robots, which has created possibility of having more cyber-crimes. Finally, contemporary and important mitigation approaches for these cyber attacks in robotic systems have been discussed in this chapter.

Download Full-text