Development and Validation of a New Measurement Instrument: The Behavioral-Cognitive Internet Security Questionnaire (BCISQ)

Rapid changes in internet use and, consequently, digitalization of almost every aspect of human life lead inevitably to significant problems in information security and social engineering. As previous studies have shown, the biggest problem in internet security is the behavior of internet users. The aim of this study was to develop and validate a new and reliable instrument that would measure information security and awareness of every information-communication user in a short period of time. The development and validation of the new measurement instrument, the Behavioral-Cognitive Internet Security Questionnaire (BCISQ), was conducted in three phases. The final version consists of 4 subscales (2 behavioral and 2 cognitive) with a total of 17 items. The results revealed good psychometric characteristics of the BCISQ and showed that a short and reliable questionnaire measuring information security (i.e. behavioral aspects of internet security) and users’ awareness (i.e. cognitive aspects of internet security) was successfully developed

Common security issues and challenges in wireless sensor networks and IEEE 802.11 wireless mesh networks

Both Wireless Mesh Network (WMN) and Wireless Sensor Network (WSN) are multi-hop wireless networks. WMN is an emerging community based integrated broadband wireless network which ensures high bandwidth ubiquitous internet provision to users, while, WSN is application specific and ensures large scale real-time data processing in complex environment. Both these wireless networks have some common vulnerable features which may increase the chances of different sorts of security attacks. Wireless sensor nodes have computation, memory and power limitations, which do not allow for implementation of complex security mechanism. In this paper, we discuss the common limitations and vulnerable features of WMN and WSN, along with the associated security threats and possible countermeasures. We also propose security mechanisms keeping in view the architecture and limitations of both. This article will serve as a baseline guide for the new researchers who are concern with the security aspects of WMN and WSN

Security aspects and efforts towards secure Internet of things

Abstract—Internet of Things (IoT) consists of wired and wireless devices, typically supplied with minimum physical resources including limited computational and communication resources. Most of the devices are distinguished by their low bandwidth, short range, scarce memory capacity, limited processing capability and other attributes of inexpensive hardware. The resulting networks are more prone to traffic loss and other vulnerabilities. One of the potential networking challenges is to ensure the network communication among these deployed devices remains secure at less processing and communication overhead, and small packet size. The purpose of this paper is to highlight possible security attacks in Low Power and Lossy Networks (LLNs) as identifying pertinent security issues is an initial step to design the effective countermeasures. The IETF efforts in relevance to security implementation of this type of network are presented with focus on layer-2 and authentication mechanism at upper layer

Secure and Economically Viable Internet Architecture

poster abstractThe evolution of the Internet is one of the most intriguing and magnificent engineering feats in the history of technological innovations. The Internet mirrors and enhances all aspects of our lives, by creating unprecedented opportunities for advancing knowledge in all fields of human activities. However, the 21st century society's needs may not be met by the current trajectory of incremental changes to the current Internet. Furthermore, the continued success of the Internet is increasingly threatened by increased and sophisticated security attacks and by the lack of performance reliability of Internet services. Therefore, the research community worldwide is engaged in exploring new architectures and solutions for the future Internet. We are working to design a new Internet architecture. Our larger team includes multidisciplinary expertise of researchers, from institutions such as Washington University in Saint Louis, Purdue University, and Seikei University in Tokyo Japan. Our research in this field focuses on various major requirements of the future Internet, including security, resilience, mobility, better manageability, economic viability and suitability for the needs of society. The Internet suffers by a number of serious security vulnerabilities, including weak defenses against attacks on hosts, communications, on availability (Denial of Service attacks), and privacy. Furthermore, the existing Internet architecture not only does not provide sufficient security, but worst, it empowers the attacking activities. We are exploring ways make Internet trustworthy, which includes properties such as security, reliability, privacy, and usability. Our multidisciplinary approach is based on the interplay among technical, psychology and legal aspects of system trustworthiness. We propose drastic changes, starting with strong authentication, various layers of security, and evaluation of trust, that will make the Internet a much more trustworthy and resilient system. The future Internet will be composed mostly of mobile nodes such as cell phones, PDAs, various types of sensors, and so on. Unfortunately, today's Internet is not support mobility. We are exploring solutions that provide mobility service based on the interplay among technical, security and economic factors. Our mobility architecture uses cloud computing and explores the tradeoffs among Quality of Service, security, privacy and economic viability of mobility service. This project is currently partially funded by NSF. We are looking forward to expand our collaborations and partnership in this research field

Cyber Security Service Mode Innovation: Comprehensive Operation & Support

With the rapid development of information technology, traditional nation state is faced with challenges from various aspects. However, the state can still lead the internet information security and create a variety of Internet security governance forms based on accepting the uncertainty of Internet security. Countries should focus on the impact of specific information technologies in specific areas and government agencies at specific points in time. This article talks about the cyber security protection and it is mainly focused on implementation schedule of cyber protection and experience exchange during this activity. Also it introduces current support service