On the Origins of Advance Fee Fraud Electronic Mails: A Technical Investigation Using Internet Protocol Address Tracers

One issue that is concerning to the web security community is the correct identification of the origins of advance fee fraud mails. This has serious implications for directing concerted efforts towards mitigating the malaise in the right direction. Although previous research (Cuckier et al, 2007, Gbenga, 2007; Igwe, 2007; Progame, 2007) opined that these mails originate mainly from Nigeria and other West African Countries, research is warranted using available tracking tools to validate previously held notions about the issue of advance fee e-fraud mails. We harvested in real-time aggregated advance fraud e-mails over a two year period using the sinkhole aggregation methodology as proposed by Abhinav et al (2008), Using freeware e-mail and internet protocol address tracers, we obtained results that deviates from the generally held believes about the origins of advance fee fraud e-mails. Our findings have implications for research on spam filtering and by extension web security

Hybrid Spread-Spectrum TCP for Combating Fraudulent Cyber Activities against Reconnaissance Attacks

The inefficiencies of current intrusion detection system against fraudulent cyber activities attracts the attention of computer gurus, also known as “hackers” to exploit known weakness on a particular host or network. These hackers are expert programmers who mainly focus on how the Internet works, and they interact with each other to know its strengths and weaknesses. Then they develop advanced tools which an average attacker with little background can use to know the liveness, reachability and running service on the network. Once an attacker identifies these details, he can accurately launch an effective attack and get maximum benefit out of it with less probability of attack detection. In this paper, a system that opens ports on a firewall by generating a connection attempt on a set of pre-specified closed ports is established. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host that sent the connection attempts to connect over specific port(s). This conceals and protects network services which are running on the computer

Camouflages and Token Manipulations-The Changing Faces of the Nigerian Fraudulent 419 Spammers

The inefficiencies of current spam filters against fraudulent (419) mails is not unrelated to the use by spammers of good-word attacks, topic drifts, parasitic spamming, wrong categorization and recategorization of electronic mails by e-mail clients and of course the fuzzy factors of greed and gullibility on the part of the recipients who responds to fraudulent spam mail offers. In this paper, we establish that mail token manipulations remain, above any other tactics, the most potent tool used by Nigerian scammers to fool statistical spam filters. While hoping that the uncovering of these manipulative evidences will prove useful in future antispam research, our findings also sensitize spam filter developers on the need to inculcate within their antispam architecture robust modules that can deal with the identified camouflages

A Realist Evaluation of the Sustainability of Disease Surveillance Intervention Outcomes in Sub-Saharan Africa

In recent years, the use of Information and Communication Technologies (ICTs) and to improve disease surveillance has been on the increase. This is in line with the notion that ICTs improve timeliness, availability and quality of public health data. Sub-Saharan Africa (SSA) is burdened with increasing health challenges and poor health infrastructure. Thus, an explosion of ICT-based health surveillance interventions to curb these challenges. However, despite the implementation of these interventions, important questions around the effectiveness and sustainability still remain. This study proposes a realist evaluation of disease surveillance intervention outcomes from a sustainability perspective to uncover what works, for whom, under what conditions and why? We also discuss how the complex adaptive systems theory and affordance theory provide a lens for investigating this phenomenon. The results of this study will contribute to the evidence based movement for Information Systems (IS) research and practice in SSA

Regulatory Perspective on Nuclear Cyber Security: The Fundamental Issues

We are living in a digital and information-driven age; hence need to retain information on virtually every aspect of our lives, nuclear information inclusive. Security in computer systems is strongly related to the notion of dependability. For such system to be reliable and secure in a nuclear facility, unauthorized logic changes must be prevented - confidentiality, field device inputs and outputs must remain immutable throughout their usable lifetime - integrity, and everything should remain in an operable state - availability. The dynamic and complex nature of cyber threats has made it a serious challenge to secure computer systems in nuclear facilities. Despite the adoption of varied cyber security services, policies, mechanisms, strategies and regulatory frameworks like confidentiality, integrity, availability, non-repudiation, encipherment, defence-in-depth, design basis threat, IAEA technical guidance documents such as: GS-R-1, GS-R-2, NSS13, NSS17, NST036, NST045, and NST047, IEEE standard 7-4.3.2-2010, NIST SP 800-53, NIST SP 800-82, NEI 08-09 and country-specific requirements such as: 10 CFR 73.54, 10 CFR 73.1, RG 5.71 (USNRC), KINS/RG-N08.22 (South Korea) respectively, the threats remain persistent. This paper is aimed at providing a regulatory perspective on nuclear cyber security, its relationship to nuclear safety and security, regulatory requirements and cyber security global best practice recommendations and strategies to prevent its occurrence. This is imperative as Nigeria prepares to join the league of countries with operational nuclear power plants and reactors by its approval and adoption of the nuclear power programme roadmap in 2007

The Impact of ICT Projects on Developing Economies: The Case of People with Physical Disabilities in Nigeria

This study investigates the use of computers by People with Disabilities (PWDs) and whether it improves capability and human development in sub-Saharan Africa. Based on a case study’s findings and interviews with PWDs, we build on the Technology-Augment Capability Approach to show how computers as technical objects and caregivers as non-technical objects facilitate four key capabilities for PWDs, namely (1) Capability to education, (2) Capability to socio-economic activities, (3) Capability to social relations, (4) Informational capabilities and capability to employment. However, PWDs’ ability to convert the use of computers into capabilities is influenced by conversion factors, such as personal, social, environmental, technological, choice, and agency. Furthermore, our findings show also that there are enabling factors, such as accessibility, technological know-how, computer features, and Internet connectivity which facilitate PWDs’ achieved functionings

A maximum entropy classification scheme for phishing detection using parsimonious features

Over the years, electronic mail (e-mail) has been the target of several malicious attacks. Phishing is one of the most recognizable forms of manipulation aimed at e-mail users and usually, employs social engineering to trick innocent users into supplying sensitive information into an imposter website. Attacks from phishing emails can result in the exposure of confidential information, financial loss, data misuse, and others. This paper presents the implementation of a maximum entropy (ME) classification method for an efficient approach to the identification of phishing emails. Our result showed that maximum entropy with parsimonious feature space gives a better classification precision than both the Naïve Bayes and support vector machine (SVM)

A Maximum Entropy Classification Scheme for Phishing Detection using Parsimonous Features

Over the years, electronic mail (e-mail) has been the target of several malicious attacks. Phishing is one of the most recognizable forms of manipulation aimed at e-mail users and usually, employs social engineering to trick innocent users into supplying sensitive information into an imposter website. Attacks from phishing emails can result in the exposure of confidential information, financial loss, data misuse, and others. This paper presents the implementation of a maximum entropy (ME) classification method for an efficient approach to the identification of phishing emails. Our result showed that maximum entropy with parsimonious feature space gives a better classification precision than both the Naïve Bayes and support vector machine (SVM

A Similarity Threshold-based Tool for Generating and Assessing Essay Computer-Based Examinations

Most computer-based assessments (CBA) employ test generators that produce multiple choice questions usually with our options. The limitations of these types of evaluation are that students can randomly select or guess answers with a 25% chance of choosing the right answer per question. The implication is that there is a one out of four probability that students can pass such examinations without understanding the contents taught in class; without studying for the examination and by just guessing answers. In the light of the foregoing, the effectiveness of multiple choice and objective questions as a tool for evaluating students’ mastery of subjects can be questioned. Unfortunately, most test generators do not have the capability for handling essay-based questions due to the fact that there are no rigid responses to essay examination questions. We attempted to bridge this gap by developing EssayTest - a tool that generates essay based questions and mark essay based examinations. Using JAVA, JDBC, MYSQL and other third party interface design tools, EssayTest employ similarity thresholds to match tokens in the answers supplied by teachers and responses from the students in an essay-based CBA as a way of scoring the examination. Preliminary tests showed very promising results