The Application of Mixed Method in Developing a Cyber Terrorism Framework

Mixed method research has becoming an increasingly popular approach in the discipline of sociology, psychology, education, health science and social science. The purpose of this paper is to describe the application of mixed method in developing a cyber terrorism framework. This project has two primary goals: firstly is to discover the theory and then develop a conceptual framework that describes the phenomena, and secondly is to verify the conceptual framework that describes the phenomena. In order to achieve conclusive findings of the study, a mixed method research is recommended: qualitative data and quantitative data are collected and analyzed respectively in a separate phase. The mixed method approach improves the rigor and explanation of the research results, thus bring conclusive findings to the study outcome. By utilizing qualitative and quantitative techniques within the same study, we are able to incorporate the strength of both methodologies and fit together the insights into a workable solution

A Dynamic Cyber Terrorism Framework

Abstract—Many nations all over the world have increased their dependency on cyberspace by maximizing the use of Information and Communication Technology (ICT). In this digital age, the concept of cyber terrorism or the use of cyberspace to carry out terrorist activities has emerged. Interestingly, there are many concepts of cyber terrorism provided by researchers, policy makers and individuals. This paper proposes a framework describing the core components of cyber terrorism. The authors have analyzed the data by using a grounded theory approach, in which the framework is drawn. The framework defines cyber terrorism from six perspectives: Target, motivation, method of attack, domain, action by perpetrator, and impact. In addition, the proposed framework provides a dynamic way in defining cyber terrorism as well as describing its influential considerations. Continued research in this area can be further conducted, which may lead to the development of strategic and technological framework to counter cyber terrorism

Information Security Threats to e-government Services in Kenya

This study examined information security threats to e-government services commonly known as e-citizen Grounded on General Systems Theory examined the nature of complex inter-relationships and interdependence of global society states non-state actors and individuals and how they relate in a complex internet enabled communication network Mixed method cross sectional survey was used Targeted population of 12000 respondents from 51 Huduma Centres Purposive sampling at 10 was chosen where 1200 structured questionnaires issued returned 966 responses at 80 The data was processed and analysed using SPSS The hypothesis was tested at 5 significance level The study found that Kenyan citizens were the majority at 50 Companies at 35 Foreign Agencies 10 and Foreign Nationals at 5 The services sought Government to G2C 43 Government to Business G2B 35 Government to employees G2E 20 and Government to Government G2G 2 The study identified 12 categories of information security threats i e unauthorized access illegal devices unauthorized codes distributed denial of services ddos false publications computer frauds cyber espionage terrorism and squatting phishing identity thefts electronic interceptions fraudulent electronic data employee aiding and child pornograph

Proportionality and its Applicability in the Realm of Cyber Attacks

With an ever-increasing reliance on State cyber-attacks, the need for an international treaty governing the actions of Nation-States in the realm of cyberwarfare has never been greater. States now have the ability to cause unprecedented civilian loss with their cyber actions. States can destroy financial records, disrupt stock markets, manipulate cryptocurrency, shut off nuclear reactors, turn off power grids, open dams, and even shut down air traffic control systems with the click of a mouse. This article argues that any cyber-attack launched with a reasonable expectation to inflict “incidental loss of civilian life, injury to civilians, or damage to civilian objects,” must be subject to the existing laws of proportionality. This article further examines the broader concept of proportionality, and the difficulties associated with applying a proportionality analysis to an offensive cyber-strike. This paper asserts that the ambiguities and complexities associated with applying the law of proportionality—in its current state and within a cyber context—will leave civilian populations vulnerable to the aggressive cyber actions of the world’s cyber powers. Consequently, this article stresses the necessity of developing a proportionality standard within a unified international cyberwarfare convention and asserts that such a standard is required in order to prevent the creation of a pathway towards lethal cyber aggressions unrestrained by the laws of war

Anti Money Laundering Mechanism: An Application of Principal-Agent Model for Pakistan

In this paper anti money laundering policy of the international financial regime is analyzed in principal agent model perspective. The strategy of the principal for formal agents is deliberated for global financial stability. This strategy encompasses incentive and dis-incentive for cooperation of formal agent. Formal agent by cooperating with principal may induce dis-incentive for informal agent. All the integrating stake holders make decision on the basis of comparison of present value of marginal cost of non-cooperation and present value of returns from cooperation. As the desired objective of the principal is to minimize transaction of money through informal channels therefore it has to include informal agents and clients in the strategy. The successful anti money laundering strategy can only be evolved by the cooperation of all the stakeholders.International Financial Regime, Principal Agent model and Money Laundering

Machine Learning Approach to Mobile Forensics Framework for Cyber Crime Detection in Nigeria

The mobile Cyber Crime detection is challenged by number of mobile devices (internet of things), large and complex data, the size, the velocity, the nature and the complexity of the data and devices has become so high that data mining techniques are no more efficient since they cannot handle Big Data and internet of things. The aim of this research work was to develop a mobile forensics framework for cybercrime detection using machine learning approach. It started when call was detected and this detection is made by machine learning algorithm furthermore intelligent mass media towers and satellite that was proposed in this work has the ability to classified calls whether is a threat or not and send signal directly to Nigerian communication commission (NCC) forensic lab for necessary action

The European Security Industry: A Research Agenda

The security industry can be defined, in the first instance, as the industry that produces the goods and services required to protect citizens from insecurity. Yet, this industry, as opposed to defence, has not been an area of intense research. Their boundaries are unclear and the industry is not well characterised. This paper analyses this knowledge gap and presents some ideas for a research agenda for this industry that could assist in unveiling the main features, the potential weaknesses and strengths, and the capability to solve the security needs of society in an efficient and effective way. The paper discusses a definition of this economic sector useful in setting its boundaries, and it briefly describes the main types of industries operating within the sector. It analyses methods for gathering information regarding the industry, customers, and other market agents. Finally, it outlines ways for assessing market performance in terms of the structure-conduct-performance paradigm.security industry, security market, terrorism and organised crime countermeasures, competition, market performance

Balancing End-to-End Encryption and Public Safety

Over the last decade, there has been a significant debate around end-to-end encryption (E2EE) and its implications for public safety. At the forefront of the discourse is a false dichotomy between protecting privacy and ensuring national security. At the extreme ends of this deeply polarised debate are two key arguments. On the privacy side, it is believed that governments and law enforcement agencies desire unrestrained exceptional access to E2EE communications to spy on their citizens. On the security side, it is maintained that obtaining lawful exceptional access is the only way to protect citizens and uphold national security. The debate has reached a deadlock, with both sides perpetuating zero-sum views.However, experts are calling for a more nuanced conversation about possible solutions to the criminal use of E2EE services. It is vital that a range of views are considered in order to identify the key issues and inform a more productive debate. Through a review of the existing literature and insights from 22 semi-structured interviews, this paper balances the perspectives from a range of relevant stakeholders on the main elements of the E2EE debate and presents some key takeaways in an effort to move away from a crude privacy-versus-security binary.The paper presents the following key findings:There are clear and significant cyber security and privacy benefits to E2EE. Efforts to weaken or restrict its access would be a net loss for all.Criminal use of E2EE is a significant risk to public safety and solutions are vital. Yet, it should also be acknowledged that technology is an enabler of criminal and harmful activity and should not be treated as the root cause.The possibility of developing technical tools which could assist law enforcement investigations should not be categorically ruled out, but future proposals must be measured against the principles of proportionality, legality and technical robustness.Alternative options for law enforcement investigations such as metadata analysis and legal hacking should be considered, but they are not without their drawbacks. Legal hacking could be proportionate but its reliance on software vulnerabilities is largely at odds with strong cyber security. Metadata analysis is promising but more research is needed to determine the extent to which it can be used to aid law enforcement investigations.Industry do have a responsibility to make their platforms safer and free from criminal abuse. This requires implementation of safety-by-design principles and the provision of resources for better digital literacy and education. Governments must have oversight over the technical tools developed.A more nuanced debate must continue which actively moves away from zero-sum views of absolute privacy versus absolute security, and focuses more on how the risks to public safety can be reduced in proportion with the need to protect citizens' rights and freedoms

Future prospects for personal security in travel by public transport

This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/I037032/1]. No other funding support from any other bodies was provided.Peer reviewedPublisher PD

Strategies for Implementing Successful IT Security Systems in Small Businesses

Owners of small businesses who do not adequately protect business data are at high risk for a cyber attack. As data breaches against small businesses have increased, it has become a growing source of concern for consumers who rely on owners of small businesses to protect their data from data breaches. Grounded in general systems theory and routine activity approach, the focus of this qualitative multiple case study was to explore strategies used by owners of small businesses to protect confidential company data from cyber attacks. The process used for collecting data involved semistructured face-to-face interviews with 5 owners of small businesses in Florida, as well as a review of company documents that were relevant to strategies used by owners of small businesses to protect confidential company data from cyber attacks. The thematic analysis of the interview transcripts revealed 4 themes for protecting business data against cyber attacks, which are security information management strategy, organizational strategy, consistent security policy, and cybersecurity risk management strategy. A key finding is that owners of small businesses could develop an organizational strategy by incorporating procedures used to protect from and respond to cyber attacks. The implications for positive social change include the potential to increase customers’ confidence and businesses’ economic growth, as well as stimulate the socioeconomic lifecycle, resulting in potential employment gains for residents within the communities