1,504 research outputs found
Examining marketing cyber-security in the digital age: Evidence from marketing platforms
The current study aimed to examine marketing cyber-security (DDoS Attacks, Cross-Site Scripting, SQL Attacks, and passwords attacks) in the digital age by presenting evidence from digital marketing platforms. Depending on the quantitative approach and utilizing a questionnaire as a tool, (133) marketing managers in digital marketing companies in Jordan responded to an online questionnaire. SPSS was used to screen and analyze the gathered data. Results of the study accepted the main hypothesis, and it appeared that marketing cyber-security has a statistically positive influence on marketing platforms, in addition to that, it appeared that the highest influence of sub-variables was for the benefit of Structured Query Language (SQL) Attacks explaining 35.8% of the variation. This result meant that SQL attacks-security does have a statistically positive influence on marketing platforms. This hypothesis could be tested through various methodologies, for example, surveys, interviews, focus groups, and/or experiments. The study recommended that marketers should use role-based access to limit the data employees can access and regularly review their permissions. Further recommendations were presented in the study
Website Phishing Detection Using Machine Learning Techniques
Phishing is a cybercrime that is constantly increasing in the recent years due to the increased use of the Internet and its applications. It is one of the most common types of social engineering that aims to disclose or steel users sensitive or personal information. In this paper, two main objectives are considered. The first is to identify the best classifier that can detect phishing among twenty-four different classifiers that represent six learning strategies. The second objective aims to identify the best feature selection method for websites phishing datasets. Using two datasets that are related to Phishing with different characteristics and considering eight evaluation metrics, the results revealed the superiority of RandomForest, FilteredClassifier, and J-48 classifiers in detecting phishing websites. Also, InfoGainAttributeEval method showed the best performance among the four considered feature selection methods
Review and comparison of US, EU, and UK regulations on cyber risk/security of the current Blockchain Technologies - viewpoint from 2023
The results of this study show that cybersecurity standards are not designed in close cooperation between the two major western blocks - US and EU. In addition, while the US is still leading in this area, the security standards for cryptocurrencies, internet-of-things, and blockchain technologies have not evolved as fast as the technologies have. The key finding from this study is that although the crypto market has grown into a multi-trillion industry, the crypto market has also lost over 70% since its peak, causing significant financial loss for individuals and cooperationâs. Despite this significant impact to individuals and society, cybersecurity standards and financial governance regulations are still in their infancy
Desain Arsitektur Aplikasi QR Code sebagai Anti Phishing Serangan QR Code
QR Codes are very vulnerable to falsification because it is difficult to distinguish the original QR Code from a fake QR Code. Because of this vulnerability, the scanning process on fake QR Codes can direct users to dangerous sites with important information or data from the user. To assess QR Code security vulnerabilities and actions using a secure Application-based QR Code Architecture as Anti Phishing against QR Code attacks using hash functions and digital signatures. In experiments simulated attack types to malicious QR codes that redirect users to phishing sites. The real URL is disguised into the QR Code, where the user does not suspect, the URL is redirected to the fake site. As a result, intruders can easily use QR codes as vectors for phishing attacks targeted at smartphone users, even if they are using a browser that has security features
Recommended from our members
Bridging the Gap Between Public Organizaions and Cybersecurity
Cyberattacks are a major problem for public organizations across the nation, and unfortunately for them, the frequency of these attacks is constantly growing. This project used a case study approach to explore the types of cybersecurity public organization agencies face and how those crimes can be mitigated. The goal of this paper is to understand how public organization agencies have prepared for cyberattacks and discuss additional suggestions to improve their current systems with the current research available This research provides an analysis of current cyber security systems, new technologies that can be implemented, roadblocks public agencies face before and during the implementation of changes, and the benefits of shared knowledge across departments. The survey shows that while each agency utilizes different systems to protect its networks, the experts interviewed believe there are areas for improvement. One major roadblock to public organization agencies is dealing with the multi-step approval process of public sector entities. Relevant research also shows that sharing knowledge between groups can be beneficial for similar groups and entities with similar goals. The conclusions of this research are that mitigation of cyber-attacks need leadership buy-in, knowledge sharing between agencies, and the implementation of new technologies such as artificial intelligence (AI) models. Areas of further study include the ethics surrounding the use of AI, the problem of creating a sustained cybersecurity mindset, and how the implementation process can be streamlined in public organizations
Next-Generation Industrial Control System (ICS) Security:Towards ICS Honeypots for Defence-in-Depth Security
The advent of Industry 4.0 and smart manufacturing has led to an increased convergence of traditional manufacturing and production technologies with IP communications. Legacy Industrial Control System (ICS) devices are now exposed to a wide range of previously unconsidered threats, which must be considered to ensure the safe operation of industrial processes. Especially as cyberspace is presenting itself as a popular domain for nation-state operations, including against critical infrastructure. Honeypots are a well-known concept within traditional IT security, and they can enable a more proactive approach to security, unlike traditional systems. More work needs to be done to understand their usefulness within OT and critical infrastructure. This thesis advances beyond current honeypot implementations and furthers the current state-of-the-art by delivering novel ways of deploying ICS honeypots and delivering concrete answers to key research questions within the area. This is done by answering the question previously raised from a multitude of perspectives. We discuss relevant legislation, such as the UK Cyber Assessment Framework, the US NIST Framework for Improving Critical Infrastructure Cybersecurity, and associated industry-based standards and guidelines supporting operator compliance. Standards and guidance are used to frame a discussion on our survey of existing ICS honeypot implementations in the literature and their role in supporting regulatory objectives. However, these deployments are not always correctly configured and might differ from a real ICS. Based on these insights, we propose a novel framework towards the classification and implementation of ICS honeypots. This is underpinned by a study into the passive identification of ICS honeypots using Internet scanner data to identify honeypot characteristics. We also present how honeypots can be leveraged to identify when bespoke ICS vulnerabilities are exploited within the organisational networkâfurther strengthening the case for honeypot usage within critical infrastructure environments. Additionally, we demonstrate a fundamentally different approach to the deployment of honeypots. By deploying it as a deterrent, to reduce the likelihood that an adversary interacts with a real system. This is important as skilled attackers are now adept at fingerprinting and avoiding honeypots. The results presented in this thesis demonstrate that honeypots can provide several benefits to the cyber security of and alignment to regulations within the critical infrastructure environment
Supervised Learning in Time-dependent Environments with Performance Guarantees
In practical scenarios, it is common to learn from a sequence of related problems (tasks).
Such tasks are usually time-dependent in the sense that consecutive tasks are often
significantly more similar. Time-dependency is common in multiple applications such
as load forecasting, spam main filtering, and face emotion recognition. For instance, in
the problem of load forecasting, the consumption patterns in consecutive time periods
are significantly more similar since human habits and weather factors change gradually
over time. Learning from a sequence tasks holds promise to enable accurate performance
even with few samples per task by leveraging information from different tasks. However,
harnessing the benefits of learning from a sequence of tasks is challenging since tasks
are characterized by different underlying distributions.
Most existing techniques are designed for situations where the tasksâ similarities
do not depend on their order in the sequence. Existing techniques designed for timedependent
tasks adapt to changes between consecutive tasks accounting for a scalar
rate of change by using a carefully chosen parameter such as a learning rate or a weight
factor. However, the tasksâ changes are commonly multidimensional, i.e., the timedependency
often varies across different statistical characteristics describing the tasks.
For instance, in the problem of load forecasting, the statistical characteristics related
to weather factors often change differently from those related to generation.
In this dissertation, we establish methodologies for supervised learning from a sequence
of time-dependent tasks that effectively exploit information from all tasks,
provide multidimensional adaptation to tasksâ changes, and provide computable tight
performance guarantees. We develop methods for supervised learning settings where
tasks arrive over time including techniques for supervised classification under concept
drift (SCD) and techniques for continual learning (CL). In addition, we present techniques
for load forecasting that can adapt to time changes in consumption patterns
and assess intrinsic uncertainties in load demand. The numerical results show that the
proposed methodologies can significantly improve the performance of existing methods
using multiple benchmark datasets. This dissertation makes theoretical contributions
leading to efficient algorithms for multiple machine learning scenarios that provide computable
performance guarantees and superior performance than state-of-the-art techniques
Artificial Intelligence and International Conflict in Cyberspace
This edited volume explores how artificial intelligence (AI) is transforming international conflict in cyberspace. Over the past three decades, cyberspace developed into a crucial frontier and issue of international conflict. However, scholarly work on the relationship between AI and conflict in cyberspace has been produced along somewhat rigid disciplinary boundaries and an even more rigid sociotechnical divide â wherein technical and social scholarship are seldomly brought into a conversation. This is the first volume to address these themes through a comprehensive and cross-disciplinary approach. With the intent of exploring the question âwhat is at stake with the use of automation in international conflict in cyberspace through AI?â, the chapters in the volume focus on three broad themes, namely: (1) technical and operational, (2) strategic and geopolitical and (3) normative and legal. These also constitute the three parts in which the chapters of this volume are organised, although these thematic sections should not be considered as an analytical or a disciplinary demarcation
Cybersecurity Mindfulness in the Age of Mindless AIs: Investigating AI Assistants Impact in High-Reliability Organizations
The Focus: The focus of this Master Thesis is to investigate how AI tools, such as Large Learning Models (LLMs), impact cybersecurity operations in organizations that are regarded as highly reliable. To understand the impacts of AI tools on such operations, we also need to understand the nature of AI tools, their context of use and the experience of users that rely on them.
Research Approach: This thesis is structured around two different methods of investigation. First a systematic literature review was conducted, where related articles was found in different databases, i.e. Google Scholar, Web of Science and the Basket of Eight publications. After this a Qualitative study was conducted where a multiple case study with interviews and random sampling was utilized. A total of 8 informants were interviewed for this study, each lasting ~30 minutes where the questions were based on the findings from the literature.
Findings: From the literature it became clear that AIs, while better than humans in many things such as analyzing Big Data, intrusion detection and other pattern recognition activities, does bring with it many difficulties to the individual and the organization. AIs and LLMs are prone to making you develop an overreliance on them where you accept their answers because of your own biases, while the information itself might be fundamentally wrong or even deceitful. This phenomenon is called AI Hallucination and is vital to understanding an AIs effect on individuals. The literature highlighted that when using any tool, it was important to realize that the AI tool is simply a machine and might be wrong, question everything and do not accept any information at face value. Quite simply, think things through. LLMs have a problem with transparency, it is impossible to know its âreasoningâ behind the information it provides. This fact is supported by both the literature and the interviews themselves. Overreliance, hallucination, cultivating the wrong kind of trust and lack of transparency all lead to an individual acting mindless who takes the information as true. While they have been deceived by trusting something that essentially is untrustworthy or at the very least should have been looked more into.
Implication: The practical implications for this study is that an organization, especially if it is of high reliability should carefully identify measures to avoid the negative impact of AI Assistants when used in day-to-day work in cybersecurity operations
- âŠ