Exploring Cyber Security Vulnerabilities in the Age of IoT

The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. Higher-level European Train Control System(ETCS) systems in particular depend on communications technologies to enable greater automation of railway operations, and this has made the protecting the integrity of infrastructure, rolling stock, staff and passengers against cyber-attacks ever more crucial. The growth in Internet of Things (IoT) technology has also increased the potential risks in this area, bringing with it the potential for huge numbers of low-cost sensing devices from smaller manufacturers to be installed and used dynamically in large infrastructure systems; systems that previously relied on closed networks and known asset identifiers for protection against cyber-attacks. This chapter demonstrates that how existing data resources that are readily available to the railways could be rapidly combined and mapped to physical assets. This work contributes for developing secure reusable scalable framework for enhancing cyber security of rail assets

Security of the Cloud

The chapter presents current security concerns in the Cloud Computing Environment. The cloud concept and operation raise many concerns for cloud users since they have no control of the arrangements made to protect the services and resources offered. Additionally, it is obvious that many of the cloud service providers will be subject to significant security attacks. Some traditional security attacks such as the Denial of Service attacks (DoS) and distributed DDoS attacks are well known, and there are several proposed solutions to mitigate their impact. However, in the cloud environment, DDoS becomes more severe and can be coupled with Economical Denial of Sustainability (EDoS) attacks. The chapter presents a general overview of cloud security, the types of vulnerabilities, and potential attacks. The chapter further presents a more detailed analysis of DDoS attacks' launch mechanisms and well-known DDoS defence mechanisms. Finally, the chapter presents a DDoS-Mitigation system and potential future research directions.

Legal Issues

Privacy and security are two items being woven into the fabric of American law concerning mobile devices. This chapter will review and analyze the associated laws and policies that are currently in place or have been proposed to ensure proper execution of security measures for mobile and other devices while still protecting individual privacy. This chapter will address the fact that as the American society significantly uses mobile devices, it is imperative to understand the legal actions surrounding these technologies to include their associated uses. This chapter will also address the fact that with 9/11 in the not so distant past, cyber security has become a forefront subject in the battle against global terrorism. Furthermore, this chapter will examine how mobile devices are not like the devices of the past as the computing power is on par with that of some desktops and the fact that these devices have the ability to execute malicious applications. In addition, this chapter will discuss the reality, significance, legal and practical affects of the fact that suspicious programs are being executed offensively and security based attacks can be performed as well with the use of programs such as Kali Linux running on Android.

Cloud Crime and Fraud

Changing trends in IT industry are opening new avenues. With the scalability, flexibility, and economic advantage offered by cloud computing, more and more organizations are moving towards cloud for their applications. With all the benefits of cloud computing, it poses a danger of digital crime and security breaches. These challenges are compounded by the fact that cybercrime and the transgressors transcend geographical boundaries while the law enforcement does not. This paper tries to focus on how cloud computing is rising to the challenges thrown in from cyber space and recent developments to avoid and mitigate cloud fraud and abuse. Taking counter measures at organizational level, will alleviate and up to an extent eliminate security breaches. With current knowledge on policy and standards adopted by developed nations, the policy makers and law enforcement agencies in developing countries can work towards formulating standards and guidelines for awareness on threats, vulnerabilities and effectiveness of security controls to respond to risk.

Cyber Space Security Assessment Case Study

Cyberspace is known as the digital electronic medium for the knowing range of securing in the cyberspace. Therefore the importance of inferring the reference measure in the form of assessment procedure to improve the knowledge and making the decision for the e- government services. A series of the standards build on the application of data mining methods specifically represented as decision tress model, Logistic regression, association rules model, Bayesian network for making reference measurements, to measure the extent of securing the data, and the provided services. The authors discuss various types of cyber-attacks describing how data mining helps in detection and prevention of these attacks. A comparative analysis between a set of selected frameworks is presented. Finally this chapter imparts numbers of applications for the data mining Methodologies in Cyber Security. Results applied on the site of the authority for cleaning and beautifying Cairo governorate in Egypt.

Security Management in Mobile Cloud Computing

Mobile cloud computing is a technique or model in which mobile applications are built, powered and hosted using cloud computing technology. In Mobile Cloud computing we can store information regarding sender, data and receiver on cloud through mobile application. As we store more and more information on cloud by client, security issue will arise. This chapter presents a review on the mobile cloud computing concepts as well as security issues and vulnerabilities affecting Cloud Systems and the possible solutions available to such issues within the context of cloud computing. It also describes the pros and cons of the existing security strategy and also introduces the existing issues in cloud computing such as data integrity, data segregation, and security.

Arts and Branches of Science Significantly Contributing to Cyber and Cyber Security

Academia plays an important role in shaping a country's cyber readiness. In the past years, nations have started investing in new cyber-related programs at colleges and universities. This also includes promoting academic exchange with partner countries, as well as putting effort into improved cooperation between industries and scholars in the area of cyber. In many cases the efforts focus largely on computer science and closely related branches of science. However, the very nature of the cyberspace as both a continuation and a reflection of the physical world require a broader perspective on academic assets required to create and sustain sound cyber defines capabilities. Acknowledging this premise, this paper sets out to map branches of science that significantly contribute to the domain known as ‘cyber' and searches for new aspects for further development.

A Novel Ammonic Conversion Algorithm for Securing Data in DNA Using Parabolic Encryption

In today's era, the traditional cryptographic methods are not sufficient to provide security to the data. Everyone wants to secure their data whether the data is bank transaction, email transaction, personal data or the data related to work. To provide security to the data, DNA cryptography emerges as a new field. DNA cryptography is a new branch of cryptography. It provides security to the data by converting the data in the form of DNA sequence. A lot of research has been done in the area of this cryptography. It consists of various stages like converting data in the form of DNA, reverse conversion, various methods of encryption etc. Various methods of encryption are present until now in the DNA cryptography. But the problem with them is that they all have more emphasis on biological encryption methods. There is a need of methods which make use of simple biological methods and complex binary or other number system encryption. In this paper, the authors are proposing a new algorithm for providing security to the data at two levels. The authors propose a parabolic transposition in a circular arrangement of data. In the proposed algorithm, data is arranged in a circular way. The number of rows and columns acts as a key for binary encryption. For encrypting the DNA sequence, the authors convert the DNA sequence into amino acid. This amino acid sequence will act as a cipher text and send to the receiver through the open environment. The proposed algorithm is a type of block cipher. It is a transposition cipher. It changes the position of data for binary encryption.

DNA Cryptography

In today's world, sensitive information like secret message, financial transaction, medical report, personal information is transferred over public communication channel. Since the advancement of communication begins, data security becomes a massive problem. The increasing rate of eavesdropping over communication channel leads the introduction of cryptography algorithm for data transmission. Different traditional cryptographic technique is adopted worldwide for protected data transmission. The recent advancement on this field is DNA based cryptography. This chapter describes the application of DNA as computational tool after the exposure of its capability was discovered by Leonard M. Adleman in 1994. Its random nature also helps the cryptography algorithm to become unbreakable. Conventional cryptography methods are sometimes susceptible to attack by the intruder. Therefore the idea of using codon based DNA as a computational tool is used in this cryptography method as an alternative method that fetches new hope in communication technology.

TVGuarder

Cloud computing has a most vulnerable security concerns as virtualization. This paper presents a Trace-enable Virtualization protection framework named TVGuarder, which protects IaaS user's important data from being illegally accessed or maliciously damaged by insider attacks. A threat model is established to characterize cloud-oriented insider attacks and countermeasures are proposed in TVGuarder. First, LSM hooks in host OS kernel are leveraged to enforce that VM images could only be accessed by host virtualization service. Second, a trusted loading mechanism is proposed to prevent tampered or disguised virtualization process from being executed in Host OS. Third, a log-based back tracing mechanism is designed to record full call trace of VM operations and guarantee that only legitimate VM operations are allowed. TVGuarder has been implemented in Openstack platform and several comprehensive experiments are conducted. Experimental results show that TVGuarder can identify several important insider attacks and protect virtual machine images with only a small performance degradation.