Disguised Executable Files in Spear-Phishing Emails: Detecting the Point of Entry in Advanced Persistent Threat

In recent years, cyber attacks have caused substantial financial losses and been able to stop fundamental public services. Among the serious attacks, Advanced Persistent Threat (APT) has emerged as a big challenge to the cyber security hitting selected companies and organisations. The main objectives of APT are data exfiltration and intelligence appropriation. As part of the APT life cycle, an attacker creates a Point of Entry (PoE) to the target network. This is usually achieved by installing malware on the targeted machine to leave a back-door open for future access. A common technique employed to breach into the network, which involves the use of social engineering, is the spear phishing email. These phishing emails may contain disguised executable fi les. This paper presents the disguised executable le detection (DeFD) module, which aims at detecting disguised exe files transferred over the network connections. The detection is based on a comparison between the MIME type of the transferred fi le and the fi le name extension. This module was experimentally evaluated and the results show a successful detection of disguised executable files

A Multi-Stage Classification Approach for IoT Intrusion Detection Based on Clustering with Oversampling

This research received no external funding. The APC is funded by Prince Sultan UniversityThe authors would like to acknowledge the support of Prince Sultan University for paying the Article Processing Charges (APC) of this publication.Intrusion detection of IoT-based data is a hot topic and has received a lot of interests from researchers and practitioners since the security of IoT networks is crucial. Both supervised and unsupervised learning methods are used for intrusion detection of IoT networks. This paper proposes an approach of three stages considering a clustering with reduction stage, an oversampling stage, and a classification by a Single Hidden Layer Feed-Forward Neural Network (SLFN) stage. The novelty of the paper resides in the technique of data reduction and data oversampling for generating useful and balanced training data and the hybrid consideration of the unsupervised and supervised methods for detecting the intrusion activities. The experiments were evaluated in terms of accuracy, precision, recall, and G-mean and divided into four steps: measuring the effect of the data reduction with clustering, the evaluation of the framework with basic classifiers, the effect of the oversampling technique, and a comparison with basic classifiers. The results show that SLFN classification technique and the choice of Support Vector Machine and Synthetic Minority Oversampling Technique (SVM-SMOTE) with a ratio of 0.9 and the k value of 3 for k-means++ clustering technique give better results than other values and other classification techniques.Prince Sultan Universit

Disguised Executable Files in Spear-Phishing Emails: Detecting the Point of Entry in Advanced Persistent Threat

In recent years, cyber attacks have caused substantial financial losses and been able to stop fundamental public services. Among the serious attacks, Advanced Persistent Threat (APT) has emerged as a big challenge to the cyber security hitting selected companies and organisations. The main objectives of APT are data exfiltration and intelligence appropriation. As part of the APT life cycle, an attacker creates a Point of Entry (PoE) to the target network. This is usually achieved by installing malware on the targeted machine to leave a back-door open for future access. A common technique employed to breach into the network, which involves the use of social engineering, is the spear phishing email. These phishing emails may contain disguised executable fi les. This paper presents the disguised executable le detection (DeFD) module, which aims at detecting disguised exe files transferred over the network connections. The detection is based on a comparison between the MIME type of the transferred fi le and the fi le name extension. This module was experimentally evaluated and the results show a successful detection of disguised executable files

Water Demand Management in Some Arab Countries Using GIS

The alarming increase in the scarcity of water in various parts of the world. Water is a main issue in many countries especially in those Arab countries, it has focused a global attention on the need for a stronger and more appropriate water resource management and availability solutions. With about 170 million people in 17 countries suffering from water scarcity and about 275 million in 9 countries having "water stresses" conditions, it becomes imperative for nations to come up with more focused and direct measures that would address and stem this resource scarcity. Water sustainability needs a balance between demand and availability. The main objective of this paper is the application of these  concepts to Arabs countries. Water demand management is about achieving a reduction in the use of water resources, normally through increased efficiency of water application. The management of water resources was not explicitly included in the past from thirty-five years in all most of those countries normative system partly because water was believed to be a free good in mind, and was not accepted to have a price to pay to use it. This work contributed to a low efficiency of water use and waste of it, and water prices are often well below levels needed to cover the costs of the system. Moreover, this contributes to a worse quality of water, and, as quality of water decrease, the management of water resources becomes more challenging and the need to integrate water quality into an overall water resources management grows. The main goal of this paper  is showing, how Geographical  Information Systems (GIS ) can be used to support infrastructure planners and analyst  on water demand of a local area in some Arabs countries such as(Egypt,  Sudan, Libya, Algeria, Tunisia, Morocco, Jordan, KSA and UAE).   Keywords: GIS, Water in land, Water area, XML Schema.

A Combined CNN and LSTM Model for Arabic Sentiment Analysis

Deep neural networks have shown good data modelling capabilities when dealing with challenging and large datasets from a wide range of application areas. Convolutional Neural Networks (CNNs) offer advantages in selecting good features and Long Short-Term Memory (LSTM) networks have proven good abilities of learning sequential data. Both approaches have been reported to provide improved results in areas such image processing, voice recognition, language translation and other Natural Language Processing (NLP) tasks. Sentiment classification for short text messages from Twitter is a challenging task, and the complexity increases for Arabic language sentiment classification tasks because Arabic is a rich language in morphology. In addition, the availability of accurate pre-processing tools for Arabic is another current limitation, along with limited research available in this area. In this paper, we investigate the benefits of integrating CNNs and LSTMs and report obtained improved accuracy for Arabic sentiment analysis on different datasets. Additionally, we seek to consider the morphological diversity of particular Arabic words by using different sentiment classification levels.Comment: Authors accepted version of submission for CD-MAKE 201

Selected Papers from the 6th Fábos Conference on Landscape and Greenway Planning

This book contains five research articles and one review article derived from the 6th Fabos Conference on Greenway Planning held at the University of Massachusetts, Amherst, in April of 2019. Specific topics covered include greenway planning and analysis for urban morphology, typology, climate change impact and recreational and health usage, in addition to historic greenway restoration. All the articles illustrate multidisciplinary approaches for analyzing urban greenway functions within expanding and contracting cities

SMART - IWRM - Sustainable Management of Available Water Resources with Innovative Technologies - Integrated Water Resources Management in the Lower Jordan Rift Valley : Final Report Phase II (KIT Scientific Reports ; 7698)

SMART was a multi-lateral research project with partners from Germany, Israel, Jordan and the Palestinian Territories. The overall goal was to develop a transferable approach for Integrated Water Resources Management (IWRM) in the water shortage region of the Lower Jordan Valley. The innovative aspect addressed all available water resources: groundwater and surface waters, but also wastewater, brackish water and flood water that need to be treated for use

A review of multi-factor authentication in the internet of healthcare things

Objective: This review paper aims to evaluate existing solutions in healthcare authentication and provides an insight into the technologies incorporated in Internet of Healthcare Things (IoHT) and multi-factor authentication (MFA) applications for next-generation authentication practices. Our review has two objectives: (a) Review MFA based on the challenges, impact and solutions discussed in the literature; and (b) define the security requirements of the IoHT as an approach to adapting MFA solutions in a healthcare context. Methods: To review the existing literature, we indexed articles from the IEEE Xplore, ACM Digital Library, ScienceDirect, and SpringerLink databases. The search was refined to combinations of ‘authentication’, ‘multi-factor authentication’, ‘Internet of Things authentication’, and ‘medical authentication’ to ensure that the retrieved journal articles and conference papers were relevant to healthcare and Internet of Things-oriented authentication research. Results: The concepts of MFA can be applied to healthcare where security can often be overlooked. The security requirements identified result in stronger methodologies of authentication such as hardware solutions in combination with biometric data to enhance MFA approaches. We identify the key vulnerabilities of weaker approaches to security such as password use against various cyber threats. Cyber threats and MFA solutions are categorised in this paper to facilitate readers’ understanding of them in healthcare domains. Conclusions: We contribute to an understanding of up-to-date MFA approaches and how they can be improved for use in the IoHT. This is achieved by discussing the challenges, benefits, and limitations of current methodologies and recommendations to improve access to eHealth resources through additional layers of security