Cybercrime and Risks for Cyber Physical Systems

Cyber Physical Systems (CPS) is the integration of computation and physical systems that make a complete system such as the network, software, embedded systems, and physical components. Major industries such as industrial plants, transport, national grid, and communication systems depend heavily on CPS for financial and economic growth. However, these components may have inherent threats and vulnerabilities on them that may run the risk of being attacked, manipulated or exploited by cyber attackers and commit cybercrimes. Cybercriminals in their quest to bring down these systems may cause disruption of services either for fame, data theft, revenge, political motive, economic war, cyber terrorism, and cyberwar. Therefore, identifying the risks has become imperative in mitigating the cybercrimes. This paper seeks to identify cybercrimes and risks that are associated with a smart grid business application system to determine the motives and intents of the cybercriminal. The paper identified four goals to mitigate the risks: as business value, organizational requirements, threat agent and impact vectors. We used the Analytical Hierarchy Process (AHP) to determine the importance of the goals that contribute to identifying cybercrime and risks in CPS. For the results, a case study is used to identify the threat and vulnerable spots and the prioritized goals are then used to assess the risks using a semi-quantitative approach to determine the net threat level. The results indicate that using the AHP approach to identify cybercrime and risk on CPS provides specific risk mitigation goals

Cybercrime Pervasiveness, Consequences, and Sustainable Counter Strategies

As our connectivity and dependency on technology increases, so does our vulnerability. Technology has provided not only new tools, but also new opportunities for criminals in the digital world. The abuse of new technologies has been threatening economic and Jinancial security and actually devastating the lives of affected indivicluals. In Nigeria, cybercrime has recorded mostly foregin-based individuals and organizations as victims thereby getting Nigeria ranked among the nations with notorious pemasiveness of high-tech crimes. Indeed, adequately formulating a strategy to contain the menace of cybercrime presents aformidable challenge to law enforcement. This paper x-rays noted instances of cybercrime pervasiveness, its devastating consequences, and up-to-date countermeasures in Nigeria It develops an enforceable/sustainable framework to determine how critical infrastructures are put at risk snd how law enforcement should react in responding to the threats

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Spatial assessment and management of regional ecosystem services in the Yangtze River Delta Region

The Yangtze River Delta (YRD) metropolitan region is one of the most rapidly urbanized regions in China and has experienced a remarkable period of population growth (at an annual growth rate of 3.0%), and urbanization (at an annual growth rate of 9.2%). Rapid urbanization has dramatically changed land use/land cover patterns and ecosystems in the region, causing widespread environmental problems such as habitat fragmentation, aggravation of environmental pollution, decline in biodiversity and ecosystem degredation. These problems have restricted the sustainable development of socio-economic system of the Yangtze River Delta Region. Facing the challenges, the Yangtze River Delta Region is carrying out the practice of regional integration planning and cooperation in environmental governance, which urgently needs the guidance of relevant theories and methods. Some of the key environmental policy pilots have been carried on in this region, such as the Ecological Red Line Policy (Bai et al, 2016; Lü et al, 2013). This policy has one of the main objectives of protecting important eco-function areas i.e. ecosystem service hot spots, to deliver services such as water storage, clean drinking water, and carbon sequestration, and to maintain ecological safety to support economic and social development, which an important policy orientation of ecosystem services approach.Ecosystem services are the contributions of ecosystem structure and function to human well-being, connecting natural and socio-economic systems. The ecosystem services approach is considered to be one of the important decision support tools for guiding and formulating environmental policies. Based on the theories and methods of ecosystem services, combined with local expert knowledge, remote sensing and GIS technologies, this dissertation aims is mainly to develop a comprehensive framework of ecosystem services assessment and decision support for rapid urbanization regions.Based on this framework, the spatial characteristics, supply-demand relationship and flow direction of ecosystem services in the Yangtze River Delta Region are analysed and evaluated. Main results of this thesis are as follows:(1) According to the characteristics of the regional ecosystems of the Yangtze River Delta Region, combined with local expert knowledge, the Burkhard’s scoring and assessment method of ecosystem services was improved, and the score matrix between twelve ecosystem types and twenty-three ecosystem services in the Yangtze River Delta Region was established.(2) Based on DPSIR model, the characteristics of the social-ecological complex ecosystem and change of ecosystem services in the Yangtze River Delta Region were analysed. The main ecological and environmental problems were identified. Causes and main driving forces of decline in ecosystem services were revealed in the region.(3) Based on ARCGIS platform, the status quo of ecosystem services in the Yangtze River Delta region was analysed and evaluated. The spatial differentiation characteristics and main impact factors of ecosystem services in the Yangtze River Delta region were clarified. The hot spots of total ecosystem services were aggregated in the southwest areas, while the cold spots were distributed in the middle and northeast areas of the region. The hot spots of supporting services and regulating services aggregately distributed in the southwest mountainous areas while hot spots of provisioning services mainly in the northeast plain, and high value of cultural services widespread in the waterbodies and southwest mountainous areas. The spatial heterogeneity is determined by biophysical features and land use types. Based on the assessment, six major ecosystem services functional zones were divided: (I) South Ecological Integrity Conservation Zone, (II) Southwest Mountainous and Hilly Forest Ecological Zone, (III) Northeast Plain Agriculture Ecological Zone, (IV) Middle Aquatic Ecological Conservation Zone, (V) Eastern Coastal Estuaries Ecological Zone, and (VI) Urban Development Area., and the corresponding management strategies on the basis of environmental problems and ecosystem services characteristics in each of the functional zones were put forward.(4) Using regional spatial data in net primary productivity, the quality levels of forest and cropland were graded and the previous scores of ecosystem services in forest and cropland were calibrated. Then, the hot spots and clustering patches of forest and farmland ecosystem services were identified by ARCGIS tools. Finally, the forest ecosystem conservation areas (red line) and cropland ecosystem conservation areas (red line) in the Yangtze River Delta region were delineated.(5) Based on the improved Burkhard’s supply-demand budget of ecosystem services method, the budgets of three regulating services (erosion regulating service, flood regulating service and water purification regulating service) of the sixteen core cities in the region were established, and the characteristics of surplus and deficit of three services of the cities in the region were analysed. Combing the budget with analysis of flow direction of ecosystem services, the potential provisioning cities and the benefiting cities of ecosystem services are identified. On the basis of the results, the potential model of regional inter-city environmental cooperation is proposed.This dissertation not only improves the methods of ecosystem service assessment and decision support in rapidly urbanized regions, but also makes contributions to the guidance in delineation of ecological red line, regional environmental cooperation and sustainable development in the Yangtze River Delta Region

Cyber-crime Science = Crime Science + Information Security

Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions

Towards a scope management of non-functional requirements in requirements engineering

Getting business stakeholders’ goals formulated clearly and project scope defined realistically increases the chance of success for any application development process. As a consequence, stakeholders at early project stages acquire as much as possible knowledge about the requirements, their risk estimates and their prioritization. Current industrial practice suggests that in most software projects this scope assessment is performed on the user’s functional requirements (FRs), while the non-functional requirements (NFRs) remain, by and large, ignored. However, the increasing software complexity and competition in the software industry has highlighted the need to consider NFRs as an integral part of software modeling and development. This paper contributes towards harmonizing the need to build the functional behavior of a system with the need to model the associated NFRs while maintaining a scope management for NFRs. The paper presents a systematic and precisely defined model towards an early integration of NFRs within the requirements engineering (RE). Early experiences with the model indicate its ability to facilitate the process of acquiring the knowledge on the priority and risk of NFRs