Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies

The open-source and popularity of Android attracts hackers and has multiplied security concerns targeting devices. As such, malware attacks on Android are one of the security challenges facing society. This paper presents an analysis of mobile malware evolution between 2000-2020. The paper presents mobile malware types and in-depth infection strategies malware deploys to infect mobile devices. Accordingly, factors that restricted the fast spread of early malware and those that enhance the fast propagation of recent malware are identified. Moreover, the paper discusses and classifies mobile malware based on privilege escalation and attack goals. Based on the reviewed survey papers, our research presents recommendations in the form of measures to cope with emerging security threats posed by malware and thus decrease threats and malware infection rates. Finally, we identify the need for a critical analysis of mobile malware frameworks to identify their weaknesses and strengths to develop a more robust, accurate, and scalable tool from an Android detection standpoint. The survey results facilitate the understanding of mobile malware evolution and the infection trend. They also help mobile malware analysts to understand the current evasion techniques mobile malware deploys

Motivation-based Attacker Modelling for Cyber Risk Management: A Quantitative Content: Analysis and a Natural Experiment

Cyber-attacks have a tremendous impact on worldwide economic performance. Hence, it is vitally important to implement effective risk management for different cyber-attacks, which calls for profound attacker models. However, cyber risk modelling based on attacker models seems to be restricted to overly simplified models. This hinders the understanding of cyber risks and represents a heavy burden for efficient cyber risk management. This work aims to forward scientific research in this field by employing a multi-method approach based on a quantitative content analysis of scientific literature and a natural experiment. Our work gives evidence for the oversimplified modelling of attacker motivational patterns. The quantitative content analysis gives evidence for a broad and established misunderstanding of attackers as being illicitly malicious. The results of the natural experiment substantiate the findings of the content analysis. We thereby contribute to the improvement of attacker modelling, which can be considered a necessary prerequisite for effective cyber risk management.

User Acceptance of Password Manager Software: Evidence from Australian Microbusinesses

While text passwords are still a pervasive authentication tool, their inadequacies are well recognized. Such poorly chosen and weak passwords are the main reasons behind security breaches. Multiple authentication techniques such as biometric, token-based, and knowledge-based authentication have been developed to overcome data leaks. However, acceptance of these authenticating techniques is complicated, and users find them hard to use. Microbusinesses, defined as having less than two employees, usually have very limited resources including budget, information security expertise and updated computer systems to fulfil the security requirements. Many microbusiness owners use the same information technology as they would in home but for more sophisticated commercial reasons. An effective and easy way for microbusinesses to add an extra protection layer to their systems and passwords is through the use of password managers. This paper examines the useability and ease of use of the password manager software. We extended the Technology Acceptance Model (TAM) and tested the mediating role of self-efficacy on TAM's relationship with computer security usage. A sample of 420 microbusiness owners was taken to test the relationships among the variables through an online web-based survey. The results confirmed that self-efficacy plays a vital role in the user acceptance of password managers and reported its mediating role between perceived ease of use, perceived usefulness, and computer security usage.

A Strategic Vision for Combating Cyberterrorism

Cyberterrorism has become a well-known cybersecurity subject in today's digital world. The spread of cybercrimes calls for disseminating ethical values and peace between countries and individuals. Because of this phenomenon's danger to society, this study sought to lay down directives for security strategies to confront cyberterrorism. Hence, the study's main research problem revolves around highlighting the role of security authorities in addressing cyberterrorism according to the specialists in information technology (IT) centers in Saudi universities in Riyadh. Hence, a descriptive analysis method was adopted as a research methodology. We distributed questionnaires as a study tool to 150 specialists in IT centers in Saudi universities in Riyadh. The study yielded different views regarding the types and ways of cyberterrorism committed through the internet. Results showed the respondents' opinions regarding the essential types of cyberterrorism. Moreover, they emphasize the need to raise awareness in dealing with cyberterrorism by enforcing cybersecurity with the most prominent means and procedures that the authorities are responsible for. The most critical recommendations are: (1) the need to provide the employees with the technical skills to know how to deal with any potential security breach, (2) the need to provide specialized training courses in protection methods for workers, and (3) the need to develop the means of security and legal protection through developing e-government security agreements.

Web Application based Image Geolocation Analysis to Detect Human Trafficking

Migrant smuggling is a dangerous phenomenon threatening international peace and security. This global concern for many countries is mainly due to the high use of multimedia devices and social media. There are great demands to specify an in depth gathering of information about a suspect’s mobile device while investigating cases of human trafficking and migrant smuggling. The primary purpose of this study is to help resolve the human trafficking problem that currently faces Sudan. In this paper we cover the steps used to geolocate images captured from suspects and victims’ mobile devices cameras. The obtained images are then analyzed using our specialized developed web application. This latter is built using open-source tools such as the Laravel framework and a Google Maps API which is considered as the main component of the web application. The results of the developed web application on a real case in Sudan has proven its usefulness in easing and speeding up the digital investigation process.

Software Optimisation of Lightweight Klein Encryption in IoT

The Internet of Things (IoT) and Wireless Sensor Network (WSN) devices are prone to security vulnerabilities, especially when they are resource-constrained. Lightweight cryptography is a promising encryption concept for IoT and WSN devices, that can mitigate these vulnerabilities. For example, Klein encryption is a lightweight block cipher, which has achieved popularity for the trade-off between performance and security. In this paper, we propose one novel method to enhance the efficiency of the Klein block cipher and the effects on the Central Processing Unit (CPU), memory usage, and processing time. Furthermore, we evaluate another approach on the performance of the Klein encryption iterations. These approaches were implemented in the Python language and ran on the Raspberry PI 3. We evaluated and analyzed the results of two modified encryption algorithms and confirmed that two enhancing techniques lead to significantly improved performance compared to the original algorithm

Overview of the Impact of Human Error on Cybersecurity based on ISO/IEC 27001 Information Security Management

Information security is the practice of protecting information by mitigating the risk of cyber-attack, and typically includes preventing or reducing the possibility of unauthorized/inappropriate access to data, unlawful use, disclosure, disruption. This concept of information security covers as well various procedures aiming at minimizing the negative effects of such incidents and threats. These threats might be originated from the human behavior which may lead to a wide damage of the organization data assets. Thus, the primary focus of information security is on the balanced protection of confidentiality, integrity and availability of data while maintaining an effective use of the organizations' systems. International standards related to information security such as ISO/IEC 27001 emphasis on effective implementation of the information security policies and applications without hampering the productivity of the organization. This research seeks to draw a set of practical rules to be established within an organization to preserve cybersecurity objectives and protect dada specifically from human errors incidents. The drawn rules are based on ISO/IEC 27001 and its application within organizations will rise the employee’s awareness about their behavior to reduce the impact of such incidents on the organization' systems and data.

A Systematic Review of Machine Learning Algorithms in Cyberbullying Detection: Future Directions and Challenges

Social media networks are becoming an essential part of life for most of the world’s population. Detecting cyberbullying using machine learning and natural language processing algorithms is getting the attention of researchers. There is a growing need for automatic detection and mitigation of cyberbullying events on social media. In this study, research directions and the theoretical foundation in this area are investigated. A systematic review of the current state-of-the-art research in this area is conducted. A framework considering all possible actors in the cyberbullying event must be designed, including various aspects of cyberbullying and its effect on the participating actors. Furthermore, future directions and challenges are also discussed.

Defense mechanisms against Distributed Denial of Service attacks: Comparative Review

Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

The Status Quo of Information Security from the Perspective of Information Technology Staff in Jordanian University Libraries

This study aims to explore the status quo of information security from the perspective of information technology (IT) staff in Jordanian university libraries and to discuss the most prominent difficulties they face. Moreover, it aims to identify the effect of the variables (years of experience, type of university, job level, and specialization) on the staff estimation of the status quo of information security and the difficulties they face. The study population consisted of all (96) staff members of the IT departments in the libraries of public and private Jordanian universities for the academic year 2015-2016, of whom (84) responded. To answer the study questions, a questionnaire that examines the status quo of information security was adopted, it consisted of five themes. The questionnaire also included questions to study the difficulties facing IT staff. The results indicated that the respondents’ estimation of the status quo of information security in Jordanian universities libraries was at medium level, as the item “procedures for the protection of computer systems and networks” and the item “access control to information systems” were ranked first in the study fields with a high rating. Results also indicated that the overall level of difficulties attained a medium level, and that the most prominent difficulties facing IT staff in universities libraries are the shortage of personnel specialized in information security and the lack of budget allocated to information security in university libraries. The study also showed a statistically significant difference at the level of significance (α≤0.05) for the variables of “job level” and “specialization” in the staff estimation of the status quo of information security. Also, a statistically significant difference was found in the staff estimation of the difficulties they face related to the specialization variable. The study recommends paying more attention to the various aspects of information security in libraries, such as the infrastructure in regard to technology and the existence of a precise policy to ensure information security and to increase the number of human resources specialized in the field of information security.