SIGCSE - A multi-level video game for teaching security (abstract only)

Video games can provide a secure and motivating active learning environment with practical scenarios. This video game project simulates a security competition where the player has to protect the system and keep the services running by reacting to injections that occur at random. The game has several modules (content areas) and levels. Modules have at least two levels. The first level requires installing and configuring hardware/software. For the second level players needs to respond to random events. In the Network module, players install and configure network components such as a firewall/router, a WPA2 WIFI, a web filter/proxy, a spam filter and antivirus software. In the Database Module, players install Apache Web Server, the Data Management System (DBMS) and Database Applications. Players need to install the database and the web-server in a port different than their default port, disable default passwords and test for SQL injection before installing the database. In the Encryption Module, players will be given several scenarios and need to choose the best encrypting method perform the actions to ensure that the data is encrypted. The last module integrates content areas from all other modules

Constructing video games to teach security using Game Maker, Flash and Unity

Video Games and Security are two popular specializations in practically any computing curriculum. For most computer science topics (Programming, System Analysis, Databases) students can be required to build a product at the end of the course. In security, this is a greater challenge. Professors can\u27t inject viruses on a network for students to practice removing them. However, videogames can simulate this scenario. The target audience for this Tutorial will be any computer science professor, although professors teaching videogames or security may have greater interest

Readiness, Safety, and Privacy on Adopting Autonomous Vehicle Technology: UAE Case Study

© 2019 IEEE. Different perspectives discuss autonomous vehicle (AV) as predicted future transportation that includes design, engineering, economics, computer science, social, economic, legislation, and ethical aspects. On the other hand, AV technology offers new problems such as new engineering aspects, social and ethical problems, and presents in the form of an idealized decision-making problem. There are many benefits to AV vehicles, which are at the forefront of technology development. However, the level of cybersecurity provided by this technology is poorly understood. Cyber-attacks against AV can have severe implications for safety, privacy, manufacturers\u27 reputation, and overall perception. In this research, we examine public opinion regarding the implications and challenges that might face AV technology in the United Arab Emirates (UAE). We claim that the successful adoption of AV in future transport systems will be achieved by reasonable risk management approaches that deal with different potential threats of cybersecurity. This survey produced usable responses from 204 participants. The significant result was that the respondents had not previously heard of vehicle-related technology; however, most had a positive first opinion on technology. Around 85% of participants felt that the expected benefits were likely to occur. They expressed a high level of concern regarding security and performance issues. Respondents stated that safety is the most crucial aspect of driverless vehicles. Mostly, it stated that personal communication devices should integrate with the AV\u27s internet connection. The primary outcomes are that the population feels positive about AV and have optimistic expectations regarding its benefits. While maintaining some concerns, most of the people are willing to drive the AV

Experience with video games for security

This paper describes the creation of video games to teach security. The first section explains why video games can be effective tools for improving security awareness. The next section provides an overview of existing video games related to security. The third section describes why three platforms for building videogames were selected. The last section describes the prototypes created and the results of classroom testing

Critical structure of ethics behind offensive cyber warfare

Nowadays cyber warfare is used to be as a tool in military for attacking other countries which may have a direct affect on their nation. The aim of this research is to investigate the ethics behind the offensive cyber war. Cyber army faces great challenges in how to ethically conduct operations. The author discussed the concept of ethics and reasons that led to use information technology in military war, the effects of using cyber war on civilians, the legality of the cyber war and ways of controlling the use of information technology that may used against civilians. The author recommends that if cyber war is needed to be used against enemy, it should be used to hit only military significant goals, avoid indiscriminate attacks and minimize harms to civilians. This research uses a survey methodology to study the awareness of Arab citizens about the cyber war, provide findings and evidences of ethics behind the offensive cyber warfare. Detailed strategies and approaches should be developed in this aspect. The author recommended urging the scientific and technological research centers to improve the security and develop the defending systems to prevent the use of technology in military war against civilians. The Security Council in the international community must not tolerate any country using technology to use against civilians. Future recommendations could focus on the utilization of cyber warfare scientific knowledge to further investigation of using cyber arms. This can be gained in community awareness of understanding the meaning of cyber warfare through various media of press. © 2013 IEEE

Ethics behind cyber warfare: A study of Arab citizens awareness

© 2014 IEEE. Persisting to ignore the consequences of Cyber Warfare will bring severe concerns to all people. Hackers and governments alike should understand the barriers of which their methods take them. Governments use Cyber Warfare to give them a tactical advantage over other countries, defend themselves from their enemies or to inflict damage upon their adversaries. Hackers use Cyber Warfare to gain personal information, commit crimes, or to reveal sensitive and beneficial intelligence. Although both methods can provide ethical uses, the equivalent can be said at the other end of the spectrum. Knowing and comprehending these devices will not only strengthen the ability to detect these attacks and combat against them but will also provide means to divulge despotic government plans, as the outcome of Cyber Warfare can be worse than the outcome of conventional warfare. The paper discussed the concept of ethics and reasons that led to use information technology in military war, the effects of using cyber war on civilians, the legality of the cyber war and ways of controlling the use of information technology that may be used against civilians. This research uses a survey methodology to overlook the awareness of Arab citizens towards the idea of cyber war, provide findings and evidences of ethics behind the offensive cyber warfare. Detailed strategies and approaches should be developed in this aspect. The author recommended urging the scientific and technological research centers to improve the security and develop defending systems to prevent the use of technology in military war against civilians

Social networks IM forensics: Encryption analysis

In most regards, the twenty-first century may not bring revolutionary changes in electronic messaging technology in terms of applications or protocols. Security issues that have long been a concern in messaging application are finally being solved using a variety of products. Web-based messaging systems are rapidly evolving the text-based conversation. The users have the right to protect their privacy from the eavesdropper, or other parties which interferes the privacy of the users for such purpose. The chatters most probably use the instant messages to chat with others for personal issue; in which no one has the right eavesdrop the conversation channel and interfere this privacy. This is considered as a non-ethical manner and the privacy of the users should be protected. The author seeks to identify the security features for most public instant messaging services used over the internet and suggest some solutions in order to encrypt the instant messaging over the conversation channel. The aim of this research is to investigate through forensics and sniffing techniques, the possibilities of hiding communication using encryption to protect the integrity of messages exchanged. Authors used different tools and methods to run the investigations. Such tools include Wireshark packet sniffer, Forensics Tool Kit (FTK) and viaForensic mobile forensic toolkit. Finally, authors will report their findings on the level of security that encryption could provide to instant messaging services. © 2013 Engineering and Technology Publishing

IPhone forensics techniques and crime investigation

The smart phones are used worldwide due to their enhanced features, computing capabilities, increased storage capacity, attractive touch interface, and the ability to use the Wi-Fi signals. The smart phones have new uploaded features that make them more interesting. These include, sharing video and pictures via social network websites such as, Facebook and Twitter. Due to the large number of people using smart phones, there is a growing concern for electronic crimes. Therefore, the digital forensic of the smart phones has became an essential practice to forensic analyst and security specialists. Investigators found that smart phones are now a significant potential source of digital evidence in criminal investigations. The paper investigates different types of logical backup and encryption techniques used with the smart phones. Different smart phones were examined; examples of these are iPhone 3GS, BlackBerry Bold, and Samsung Omnia II I8000. The paper has also addressed the storage and location of social network data. © 2011 IEEE

State of Art of the Effectiveness in Adopting Blockchain Technology-UAE Survey Study

© 2019 IEEE. The Government of the United Arab Emirates (UAE) is moving towards the Smart City and integrating Blockchain (BC) technology among its services to the public. In April 2018, the UAE government launched a Blockchain Strategy of 2021. Under this initiative, 50 percent of government transactions will be processed over a BC platform. Eleven billion dirhams are expected to be saved in transactions and documents prepared in the government sector. The UAE 2021 strategy includes four pillars, focusing on residence happiness, government efficiency, advanced legislation, and global entrepreneurship. In October 2016, the emirate of Dubai, launched a local BC strategy to become the first energy-powered city that leads the future economy by 2020. This motivation placed the Government of UAE as a unique and pioneered country in innovation and enabling the ecosystem to be addressed in both the public and private sectors. This strategy is based on three domains: government effectiveness, industry innovation, and international, domestic leadership. BC projects will be experimenting throughout the country in many sectors such as energy, transportation, logistics, tourism, health, education and employment, economic development, safety and justice, social services, municipal and land works. This paper study the state of art of the UAE strategy towards adopting BC technology among all its entities. A survey has been conducted to evaluate the strategic effectiveness of this new technology. The study involves a combination of 71 public and private companies that operate in the UAE. The outcome shows that there is a need to integrate this technology. At the same time, the survey concluded that 92.0% of the companies are aware of the technology. It also highlighted that 55% of companies suffer from the lack of experienced consultants and outsources their services. The survey confirmed that BC technology had been used in different industrial use cases such as supply chain (35%), Internet of things (27%), and financial transactions (25%)

The study of the interrelation between law programs and digital forensics in UAE Academia

The field of digital forensics is growing in the Middle East which is shown by the establishment of technical digital forensic programs in various universities. Even though these programs are important for the development and advancement of the field they are overlooking the legal aspect of e-crimes and digital forensics in UAE. This paper discusses available law programs and its relations to e-crimes and digital forensics, analyzing the implications caused by the lack of proper e-crimes and digital forensics educational materials in UAE law programs. Even though there are efforts made to overcome this gap between the legal and the technical aspect of digital forensics by creating individual courses it still lacks a strong educational law program preparing the judicial system to face these crimes in a more effective manner. This paper also discusses the possible improvement on the curricula of law programs. Copyright 2013 ACM