Cybersecurity and the Digital Health: An Investigation on the State of the Art and the Position of the Actors

Cybercrime is increasingly exposing the health domain to growing risk. The push towards a strong connection of citizens to health services, through digitalization, has undisputed advantages. Digital health allows remote care, the use of medical devices with a high mechatronic and IT content with strong automation, and a large interconnection of hospital networks with an increasingly effective exchange of data. However, all this requires a great cybersecurity commitment—a commitment that must start with scholars in research and then reach the stakeholders. New devices and technological solutions are increasingly breaking into healthcare, and are able to change the processes of interaction in the health domain. This requires cybersecurity to become a vital part of patient safety through changes in human behaviour, technology, and processes, as part of a complete solution. All professionals involved in cybersecurity in the health domain were invited to contribute with their experiences. This book contains contributions from various experts and different fields. Aspects of cybersecurity in healthcare relating to technological advance and emerging risks were addressed. The new boundaries of this field and the impact of COVID-19 on some sectors, such as mhealth, have also been addressed. We dedicate the book to all those with different roles involved in cybersecurity in the health domain

Measuring and Disrupting Malware Distribution Networks: An Interdisciplinary Approach

Malware Delivery Networks (MDNs) are networks of webpages, servers, computers, and computer files that are used by cybercriminals to proliferate malicious software (or malware) onto victim machines. The business of malware delivery is a complex and multifaceted one that has become increasingly profitable over the last few years. Due to the ongoing arms race between cybercriminals and the security community, cybercriminals are constantly evolving and streamlining their techniques to beat security countermeasures and avoid disruption to their operations, such as by security researchers infiltrating their botnet operations, or law enforcement taking down their infrastructures and arresting those involved. So far, the research community has conducted insightful but isolated studies into the different facets of malicious file distribution. Hence, only a limited picture of the malicious file delivery ecosystem has been provided thus far, leaving many questions unanswered. Using a data-driven and interdisciplinary approach, the purpose of this research is twofold. One, to study and measure the malicious file delivery ecosystem, bringing prior research into context, and to understand precisely how these malware operations respond to security and law enforcement intervention. And two, taking into account the overlapping research efforts of the information security and crime science communities towards preventing cybercrime, this research aims to identify mitigation strategies and intervention points to disrupt this criminal economy more effectively

Quality and Inequity in Digital Security Education

Few users have a formal, authoritative introduction to digital security. Rather, digital security skills are often learned haphazardly, as users filter through an overwhelming quantity of security education from a multitude of sources, hoping they're implementing the right set of behaviors that will keep them safe. In this thesis, I use computational, interview, and survey methods to investigate how users learn digital security behaviors, how security education impacts security outcomes, and how inequity in security education can create a digital divide. As a first step toward remedying this divide, I conduct a large-scale measurement of the quality of the digital security education content (i.e., security advice) that is available to users through one of their most cited sources of education: the Internet. The results of this evaluation suggest a security education ecosystem in crisis: security experts are unable or unwilling to narrow down which behaviors are most important for users' security, leaving end-users -- especially those with the least resources -- to attempt to implement the hundreds of security behaviors advised by educational materials

Proceedings, MSVSCC 2016

Proceedings of the 10th Annual Modeling, Simulation & Visualization Student Capstone Conference held on April 14, 2016 at VMASC in Suffolk, Virginia

Identity theft

Recognized as one of the fastest growing crimes in the United States, identify theft has eluded customary, reactive systems of containment, due to its rapidly changing nature, the dependency upon legislative and corporate efforts and the perceptions of the law enforcement and the business industry, which minimizes its impact. The prevention strategies have been ill matched to the nature of the crimes or interceded after the crimes have been committed. In order to institute comprehensive identity theft protection, including the conviction of the criminals, a system sensitive to the changing nature of the crimes, the access a criminal has to personal identifying data and one which is proactive in nature is needed. Therefore, the purpose of this study was to explore the usefulness of the routine activity theory (RAT) in the understanding of identity theft. The interview data were analyzed to explore the perceptions of the stakeholders, their evaluation of the usefulness of the application of this theory, and to determine more effective identify theft protection. Using an ethnographic paradigm, a cross sectional representation of the stakeholders, twenty five law enforcement professionals, offenders and victims were provided with five general and five specific to each group of stakeholders (interviews) and probing (conversations) inquires to determine the current state of practice and whether their responses supported that RAT would be advantageous in the containment of this crime. The analyses of the data revealed that RAT would be useful in the understanding of identity theft, provide a framework to modify the state of practice from a retrospective analyses after a theft was committed, to preventive measures, and that no ample framework was present. Implementing RAT as a theoretical model would be more pragmatic and incorporate a more global approach to the standard of practice. The confounding conditions, such as the guardedness of the disclosed information, the limited access to archival records, the offenders available for the study, and the lack of formative studies to systematize the data indicated that additional research is needed. These include: (1) categorization of the interview data into propositions, and (2) the benefits of educational programs for governmental and law enforcement officers using RAT as proactive system in the reduction of these crimes

Ubiquitous intelligence for smart cities: a public safety approach

Citizen-centered safety enhancement is an integral component of public safety and a top priority for decision makers in a smart city development. However, public safety agencies are constantly faced with the challenge of deterring crime. While most smart city initiatives have placed emphasis on the use of modern technology for fighting crime, this may not be sufficient to achieve a sustainable safe and smart city in a resource constrained environment, such as in Africa. In particular, crime series which is a set of crimes considered to have been committed by the same offender is currently less explored in developing nations and has great potential in helping to fight against crime and promoting safety in smart cities. This research focuses on detecting the situation of crime through data mining approaches that can be used to promote citizens' safety, and assist security agencies in knowledge-driven decision support, such as crime series identification. While much research has been conducted on crime hotspots, not enough has been done in the area of identifying crime series. This thesis presents a novel crime clustering model, CriClust, for crime series pattern (CSP) detection and mapping to derive useful knowledge from a crime dataset, drawing on sound scientific and mathematical principles, as well as assumptions from theories of environmental criminology. The analysis is augmented using a dual-threshold model, and pattern prevalence information is encoded in similarity graphs. Clusters are identified by finding highly-connected subgraphs using adaptive graph size and Monte-Carlo heuristics in the Karger-Stein mincut algorithm. We introduce two new interest measures: (i) Proportion Difference Evaluation (PDE), which reveals the propagation effect of a series and dominant series; and (ii) Pattern Space Enumeration (PSE), which reveals underlying strong correlations and defining features for a series. Our findings on experimental quasi-real data set, generated based on expert knowledge recommendation, reveal that identifying CSP and statistically interpretable patterns could contribute significantly to strengthening public safety service delivery in a smart city development. Evaluation was conducted to investigate: (i) the reliability of the model in identifying all inherent series in a crime dataset; (ii) the scalability of the model with varying crime records volume; and (iii) unique features of the model compared to competing baseline algorithms and related research. It was found that Monte Carlo technique and adaptive graph size mechanism for crime similarity clustering yield substantial improvement. The study also found that proportion estimation (PDE) and PSE of series clusters can provide valuable insight into crime deterrence strategies. Furthermore, visual enhancement of clusters using graphical approaches to organising information and presenting a unified viable view promotes a prompt identification of important areas demanding attention. Our model particularly attempts to preserve desirable and robust statistical properties. This research presents considerable empirical evidence that the proposed crime cluster (CriClust) model is promising and can assist in deriving useful crime pattern knowledge, contributing knowledge services for public safety authorities and intelligence gathering organisations in developing nations, thereby promoting a sustainable "safe and smart" city

International Academic Symposium of Social Science 2022

This conference proceedings gathers work and research presented at the International Academic Symposium of Social Science 2022 (IASSC2022) held on July 3, 2022, in Kota Bharu, Kelantan, Malaysia. The conference was jointly organized by the Faculty of Information Management of Universiti Teknologi MARA Kelantan Branch, Malaysia; University of Malaya, Malaysia; Universitas Pembangunan Nasional Veteran Jakarta, Indonesia; Universitas Ngudi Waluyo, Indonesia; Camarines Sur Polytechnic Colleges, Philippines; and UCSI University, Malaysia. Featuring experienced keynote speakers from Malaysia, Australia, and England, this proceeding provides an opportunity for researchers, postgraduate students, and industry practitioners to gain knowledge and understanding of advanced topics concerning digital transformations in the perspective of the social sciences and information systems, focusing on issues, challenges, impacts, and theoretical foundations. This conference proceedings will assist in shaping the future of the academy and industry by compiling state-of-the-art works and future trends in the digital transformation of the social sciences and the field of information systems. It is also considered an interactive platform that enables academicians, practitioners and students from various institutions and industries to collaborate