Study on Prevention and Solution of Ransomware Attack

The development of science and technology in this era brought many advantages for peoples, organizations, enterprises, and companies merely a lot of cyber threats are occurring nowadays. Ransomware is one of the families of malicious software that spread quickly and cause a critical impact around the world. Ransomware attacks the victim by infecting the malicious file into the device; they will encrypt and deny the victim to access it. A ransom demand message will prompt the user so that they will gain the money anonymously. The victims are only allowed to access after pay the demand using crypto-currencies such as Bitcoin. There is a lot of reason that cause the ransomware attack around the world, for example, the vulnerability of the system. Otherwise, the weaknesses of security knowledge also become one of the causes. However, many preventions allow the user to avoid the ransomware propagate but the system is not fully free from the ransomware attack. Thus, a lot of solutions are giving out by the researcher to overcome the problem after the attack.

MyMaster : A Multifactor Authentication Scheme for Smart Home Device

Smart homes are one of the Internet of Things (IoT) applications most significant to enable people to operate intelligent devices on the Internet in their homes. However, when users can access an intelligent home system remotely, they have major privacy and confidentiality difficulties to overcome. Nothing has been done to improve the safety characteristics of an intelligent home with current research on authentication approaches. For example, to address these issues and to develop a reciprocal tracking authentication system with a critical aspect of a deal, we recommend an Internet based Smart Home System (IFTTT) model. As a controller and a safety guard, an IFTTT-Home Gateway provides a user with remote access to a Smart Home System within their company. The system is designed for mutual authentication with security features such as anonymity and full advance security by using Elliptical Curve Encryption, Nonces, XOR or cryptographic Hash functions. We also incorporate multi factor authentication (MFA) into the model to ensure more security and preventing privacy leakage.

A Secure Two Factor Authentication Protocol for Cloud-Assisted Wireless Body Area Network Using Blockchain

The recent advancements in technologies have allowed us to come so far and resulted in many breakthroughs. One of the various examples is internet of things, wireless communication, and cloud computing which can be useful if utilize in many fields. In the field of medical, these advancements allowed any medical centres to improve patient’s health remotely simply by using wearable devices on patients that then will amalgamate with the wireless body area network (WBAN). However, WBAN has limited resources which limits its services. To solve this problem, cloud computing is used to provide storage and computation. Unfortunately, these methods allow the system to be vulnerable to various malicious attacks. Attackers can easily gain access to the medical records of patients hence the integrity of security and privacy of confidential data have been compromised. In this paper, we presented a secure protocol for cloud-assisted database using multi-factor authentication and blockchain as an added measure to ensure security. Accordingly, we prove that the presented scheme offers more security and privacy. Therefore, it is the most practical method to be applied in the medical field.

Speech Recorder and Translator using Google Cloud Speech-to-Text and Translation

The most popular video website YouTube has about 2 billion users worldwide who speak and understand different languages. Subtitles are essential for the users to get the message from the video. However, not all video owners provide subtitles for their videos. It causes the potential audiences to have difficulties in understanding the video content. Thus, this study proposed a speech recorder and translator to solve this problem. The general concept of this study was to combine Automatic Speech Recognition (ASR) and translation technologies to recognize the video content and translate it into other languages. This paper compared and discussed three different ASR technologies. They are Google Cloud Speech-to-Text, Limecraft Transcriber, and VoxSigma. Finally, the proposed system used Google Cloud Speech-to-Text because it supports more languages than Limecraft Transcriber and VoxSigma. Besides, it was more flexible to use with Google Cloud Translation. This paper also consisted of a questionnaire about the crucial features of the speech recorder and translator. There was a total of 19 university students participated in the questionnaire. Most of the respondents stated that high translation accuracy is vital for the proposed system. This paper also discussed a related work of speech recorder and translator. It was a study that compared speech recognition between ordinary voice and speech impaired voice. It used a mobile application to record acoustic voice input. Compared to the existing mobile App, this project proposed a web application. It was a different and new study, especially in terms of development and user experience. Finally, this project developed the proposed system successfully. The results showed that Google Cloud Speech-to-Text and Translation were reliable to use in video translation. However, it could not recognize the speech when the background music was too loud. Besides, it had a problem of direct translation, which was challenging. Thus, future research may need a custom trained model. In conclusion, the proposed system in this project was to contribute a new idea of a web application to solve the language barrier on the video watching platform.

IoT Piggy Bank for Money Saving Habit Instillation

Children nowadays are overwhelming with luxurious things and have only little or even no money concepts where most of the kids just reach out to their parents for buying anything they want. This could be an issue for parents, hence kids should be taught the value of money and knowing that save their own money is important to purchase anything they desired. This project proposed an innovative way to inculcate saving behaviours in children using an IoT Piggy Bank. This goal-directed approach allows children to set their saving goals (values of their desired items) and form a saving habit slowly through their saving routines toward their saving goals. Every saving made by the children will be tracked in a mobile app and a buzzer will be triggered as a reinforcer to alert children when they do not save regularly. The user acceptance testing (UAT) of the proposed prototype has shown the majority of the parents (90%) agreed that the proposed IoT piggy bank is very suitable for children to instil saving habit. Most of the children have reacted positively where they were having lots of fun when trying on the IoT piggy bank and expressed that they would continue to use it for saving in the future.

An AODV Based Multifactor Authentication Scheme for Wireless Sensor Network

Wireless Sensor Network (WSN) is a type of wireless network that is fast getting a lot of attention in scientific and industrial applications, and it is a network of decentralized autonomous standalone sensor devices. However, WSN is easily prone to malicious attacks as anyone can access the server through the node without a proper security authentication. In this paper, we proposed a secure AODV based multi-factor authentication scheme for WSN to mitigate physical attack, offline guessing attack and replay attack. Our proposed scheme is preferred to keep the scheme lightweight while providing enough security that requires smart card, user identity, password, and OTP. Our proposed scheme has relatively lower computational cost with a total of 10Th than the other compared schemes except for Adil et al.’s scheme. However, we have around 8288 bits of authentication overhead due to the nature of packet and the addition of factors. Hence, our scheme is outperformed from computational cost perspective, but the scheme is slightly higher on authentication overhead perspective. In the future, multiple device authentication, implementation of biometric feature can be added to improve the scheme.

Mutual Authentication in Body Area Networks (BANs) Using Multi-Biometric and Physiological Signal-Based Key Agreement

The development of wireless technology has had a major impact on the wireless body area networks (WBANs) especially in the medical field where a small wireless sensor is installed in, on, or around the patient’s body for real-time health monitoring and personalized medical treatment. However, the data is collected by the sensors and transmitted via wireless channels. This could make the channel vulnerable to being accessed and falsified by an unauthorized user and may put the lives of the patient at risk and might give a false alarm. Therefore, a secure authentication and data encryption scheme in BANs is needed in a device to establish the interaction. The asymmetric cryptosystems that function in BANs can cause a Man-in-the-Middle attack because the initial requirement in BAN requires the user to configure a master key or password. The impersonation attack may also involve BAN where other individual pretends to be the owner of the devices and lastly Eavesdropping attack where the attack eavesdrops on transmission to unlock devices. With the existing schemes, mutual authentication using the biometric features (fingerprint) and the physiological signal from the electrocardiogram database is used to make sure the authentication is more secure, reliable, and accurate. In this paper, we proposed a new multifactor authentication scheme on biometric authentication which is the retina scan. We proposed the retina scan because the retina of the human eye is unique, remains the same, and cannot be obtained from anywhere which makes it difficult to forge. We also added a new device which is a smart watch to receive a key agreement message from the fingerprint to double confirm the same identification. This is to make sure high security is obtained and offered simplicity, efficiency, and precision scheme for the authentication.

Biometric Blockchain-based Multifactor Privacy Perserving Authentication Scheme for VANETs

To provide the most suitable or compatible scheme to work against various attack toward vehicular ad hoc networks (VANETs) is very challenging. Not only that the high authentication and communication overhead also became a problem for VANETs. Thus, in this paper we use multifactor authentication that could resist various attack toward VANETs. A biometric blockchain-based multifactor privacy-preserving authentication scheme for VANETs. This scheme is proposed by using a new robust pseudo-identity multifactor VANET scheme based on Physical Unclonable Functions (PUF) and biometric data of the vehicle’s authorized user. To calculate the computational cost and the authentication overhead, we compare three of our computational cost and authentication overhead below. From the complexity analysis this proposed scheme has a lower authentication overhead and offers better security level and a low computational cost can be achieved. From the perspective of future, we hope that the cost that involve in this scheme still can be reduce as we offer a high security level. Not only that, but we also hope that this scheme can be implemented practically.

Authentication of IoT device with the enhancement of One-time Password (OTP)

The Robust and Energy Efficient Authentication Protocol works for Industrial Internet of Things. The Internet of Things (IoT) is an arising innovation and expected to give answers for different modern fields. The IoT enable connection of physical devices all around the world to the internet by collecting and sharing critical and real-time data among each other. The increment of devices increases the computational cost during data transmission between devices and towards the internet. In this paper we proposed a solution that is a multi-factor authentication protocol to enhance the protocol proposed by Li et al. For Industrial IoT by adding One Time Password (OTP) after the biometric information of the user is checked by the Gateway Node (GWN) to be able to tackle additional network attack aside from those that are overcome by Li et al. scheme. Our contribution for this project is, we proposed the solution that a multi-factor authentication protocol to enhance the protocol proposed. For Industrial IoT by adding One Time Password (OTP) after the biometric information of the user is checked by the Gateway Node (GWN) to be able to tackle additional network attack aside from those that are overcome. The idea of adding OTP is inspired by where they scheme correlates to biometric of user as well. Our proposal is lower cost than the three protocols regarding authentication overhead and computational cost perspectives. Challenges and future directions of this paper examined the security shortcomings of a client confirmation convention for WSN, which is as proposed by Chang and Le. To address the normal security shortcomings of past protocols, we proposed a strong and energy effective three-factor authentication protocol for WSN.

The Implementation of Strategic Threat Intelligence for Business Organization

Nowadays strategic threat intelligence is very important to all the organization. Strategic cyber threat intelligence can determine who and why to provide key insights to the organization. It purpose is to determine who is behind a particular threat or threat family and addressing to evolving trends. The strategic level of cyber threat intelligence also included and explains about why. Why makes a company or an organization a target? Strategic Threat Intelligence offer the overview of the threat status of the organization. Therefore, the C-Suite include chief executive officer (CEO), chief financial officer (CFO), chief operating officer (COO) and chief information officer (CIO) of the organization use cyber threat intelligence data to understand the high-level trends and threats to the company or the organization. The C-Suite of the organization also need to know how to implement the strategic threat intelligence to prevent unexpected things happen. This research paper aims to discuss about the importance of the strategic threat intelligence to the company or organization and how to implement it. After knowing and understanding the implementation of strategic threat intelligence to the company or organization, this research paper also will discuss about the when of using strategic threat intelligence. The issue and challenges is also discussed in the article.