Cybercrime Profiling: Decision-Tree Induction, Examining Perceptions of Internet Risk and Cybercrime Victimisation

The Internet can be a double-edged sword. While offering a range of benefits, it also provides an opportunity for criminals to extend their work to areas previously unimagined. Every country faces the same challenges regarding the fight against cybercrime and how to effectively promote security for its citizens and organisations. The main aim of this study is to introduce and apply a data-mining technique (decision-tree) to cybercrime profiling. This paper also aims to draw attention to the growing number of cybercrime victims, and the relationship between online behaviour and computer victimisation. This study used secondhand data collected for a study was carried out using Jordan a s a case study to investigate whether or not individuals effectively protect themselves against cybercrime, and to examine how perception of law influences actions towards incidents of cybercrime. In Jordan, cybercafe's have become culturally acceptable alternatives for individuals wishing to access the Internet in private, away from the prying eyes of society

Forensic Malware Analysis: The Value of Fuzzy Hashing Algorithms in Identifying Similarities

This research aims to examine the effectiveness and efficiency of fuzzing hashing algorithm in the identification of similarities in Malware Analysis. More precisely, it will present the benefit of using fuzzy hashing algorithms, such as ssdeep, sdhash, mvHash and mrsh – v2, in identifying similarities in Malware domain. The obtained results will be compared with the traditional and most common Cryptographic Hashes, such as the MD5, SHA-1 and SHA-256. Furthermore, it will highlight the pros and cons of fuzzy and cryptographic hashing, as well as their adoption in real world applications

Fast authentication in wireless sensor networks

Broadcast authentication is a fundamental security service in wireless sen- sor networks (WSNs). Although symmetric-key-based μTESLA-like schemes were employed due to their energy efficiency, they all suffer from DoS attacks resulting from the nature of delayed message authentication. Recently, sev- eral public-key-based schemes were proposed to achieve immediate broadcast authentication that may significantly improved security strength. However, while the public-key-based schemes obviate the security vulnerability inher- ent to symmetric-key-based μTESLA-like schemes, their signature verifica- tion is time-consuming. Thus, speeding up signature verification is a problem of considerable practical importance, especially in resource-constrained en- vironments. This paper exploits the cooperation among sensor nodes to ac- celerate the signature verification of vBNN-IBS, a pairing-free identity-based signature with reduced signature size. We demonstrate through on exten- sive performance evaluation study that the accelerated vBNN-IBS achieves the longest network lifetime compared to both the traditional vBNN-IBS and the accelerated ECDSA schemes. The accelerated vBNN-IBS runs 66% faster than the traditional signature verification method. Results from theoretical analysis, simulation, and real-world experimentation on a MICAz platform are provided to validate our claims

Intelligent Detection of MAC Spoofing Attack in 802.11 Network

In 802.11, all devices are uniquely identified by a Media Access Control (MAC) address. However, legitimate MAC addresses can be easily spoofed to launch various forms of attacks, such as Denial of Service attacks. Impersonating the MAC address of a legitimate user poses a big challenge for cyber crime investigators. Indeed, MAC spoofing makes the task of identifying the source of the attack very diffi- cult. Sequence number analysis is a common technique used to detect MAC spoofing attack. Existing solutions relying on sequence number analysis, adopt a threshold-based approach where the gap between consecutive sequence numbers is compared to a threshold to decide the presence of a MAC spoofing attack. Nevertheless, threshold-based approach may lead to a high rate of false alerts due to lost or duplicated frames. To overcome the limitations of threshold-based approach, this paper proposes a detection method that relies on a machine learning approach, namely Artificial Neural Network (ANN). ANNs provide the potential to identify and classify network behavior from limited, noisy, incomplete and nonlinear data sources. The experimentation results showed the effectiveness of the proposed detection technique. Moreover, we proposed a user-friendly graphical representation of information to support the interpretation of quantitative results

ARP cache poisoning mitigation and forensics investigation

Address Resolution Protocol (ARP) cache spoofing or poisoning is an OSI layer 2 attack that exploits the statelessness vulnerability of the protocol to make network hosts susceptible to issues such as Man in the Middle attack, host impersonation, Denial of Service (DoS) and session hijacking. In this paper, a quantitative research approach is used to propose forensic tools for capturing evidences and mitigating ARP cache poisoning. The baseline approach is adopted to validate the proposed tools. The evidences captured before attack are compared against evidences captured when the network is under attack in order to ascertain the validity of the proposed tools in capturing ARP cache spoofing evidences. To mitigate the ARP poisoning attack, the security features DHCP Snooping and Dynamic ARP Inspection (DAI) are enabled and configured on a Cisco switch. The experimentation results showed the effectiveness of the proposed mitigation technique

Virtualization and cyber security: arming future security practitioners

In the past five years cybercrime has grown to become one of the most significant threats to the safety of the nation and its economy. The government’s call to arms has been eagerly accepted by business enterprises and academia. But training cyber security professionals raises a unique set of challenges. Cost, space, time and scalability are among the issues identified and possible solutions proposed. As a cyber-security professionals, we have realized the importance of practical experience which can be hard to deliver in a lecture based environment. The primary aim of this project is to evaluate and recommend a platform for Virtual handson Labs which may be used to provide a secure environment for cyber security students to evaluate and receive hands-on experience on possible threats and countermeasures. There are similar labs setup in different universities across the world but we have not been able to find any studies evaluating the virtualization platforms for their merit in order to run a virtual lab. Hence we study three of the most popular virtualization platforms and recommendations are provided to guide anyone who desires to setup such a la

Energy and Delay aware Physical Collision Avoidance in Unmanned Aerial Vehicles

Several solutions have been proposed in the literature to address the Unmanned Aerial Vehicles (UAVs) collision avoidance problem. Most of these solutions consider that the ground controller system (GCS) determines the path of a UAV before starting a particular mission at hand. Furthermore, these solutions expect the occurrence of collisions based only on the GPS localization of UAVs as well as via object-detecting sensors placed on board UAVs. The sensors' sensitivity to environmental disturbances and the UAVs' influence on their accuracy impact negatively the efficiency of these solutions. In this vein, this paper proposes a new energy- and delay-aware physical collision avoidance solution for UAVs. The solution is dubbed EDCUAV. The primary goal of EDC-UAV is to build in-flight safe UAVs trajectories while minimizing the energy consumption and response time. We assume that each UAV is equipped with a global positioning system (GPS) sensor to identify its position. Moreover, we take into account the margin error of the GPS to provide the position of a given UAV. The location of each UAV is gathered by a cluster head, which is the UAV that has either the highest autonomy or the greatest computational capacity. The cluster head runs the EDC-UAV algorithm to control the rest of the UAVs, thus guaranteeing a collision free mission and minimizing the energy consumption to achieve different purposes. The proper operation of our solution is validated through simulations. The obtained results demonstrate the efficiency of EDC-UAV in achieving its design goals.Peer reviewe

Deep Ensemble Learning based GPS Spoofing Detection for Cellular-Connected UAVs

Publisher Copyright: AuthorUnmanned Aerial Vehicles (UAVs) are an emerging technology in the 5G and beyond systems with the promise of assisting cellular communications and supporting IoT deployment in remote and density areas. Safe and secure navigation is essential for UAV remote and autonomous deployment. Indeed, the open-source simulator can use commercial software-defined radio tools to generate fake GPS signals and spoof the UAV GPS receiver to calculate wrong locations, deviating from the planned trajectory. Fortunately, the existing mobile positioning system can provide additional navigation for cellular-connected UAVs and verify the UAV GPS locations for spoofing detection, but it needs at least three base stations at the same time. In this paper, we propose a novel deep ensemble learning-based, mobile network-assisted UAV monitoring and tracking system for cellular-connected UAV spoofing detection. The proposed method uses path losses between base stations and UAVs communication to indicate the UAV trajectory deviation causedby GPS spoofing. To increase the detection accuracy, three statistics methods are adopted to remove environmental impacts on path losses. In addition, deep ensemble learning methods are deployed on the edge cloud servers and use the multi-layer perceptron (MLP) neural networks to analyze path losses statistical features for making a final decision, which has no additional requirements and energy consumption on UAVs. The experimental results show the effectiveness of our method in detecting GPS spoofing, achieving above 97% accuracy rate under two BSs, while it can still achieve at least 83% accuracy under only one BS.Peer reviewe

Transfer Learning based GPS Spoofing Detection for Cellular-Connected UAVs

Funding Information: The research work presented in this paper was partially supported by the European Union's Horizon 2020 Research and Innovation Program through the INSPIRE-5Gplus project under Grant No. 871808. It was also partially supported by the national key RandD program of China under Grant No.2018YFB2100400 and the national science foundation of China under Grant No.61972308 Publisher Copyright: © 2022 IEEE. | openaire: EC/H2020/871808/EU//INSPIRE-5GplusUnmanned Aerial Vehicles (UAVs) are set to become an integral part of 5G and beyond systems with the promise of assisting cellular communications and enabling advanced applications and services, such as public safety, caching, and virtual/mixed reality-based remote inspection. However, safe and secure navigation of UAVs is a key requisite for their integration in the airspace. The GPS spoofing is one of the major security threats to remotely and autonomously controlled UAVs. In this paper, we propose a machine learning-based, mobile network-assisted UAV monitoring and control system that allows live monitoring of UAVs' locations and intelligent detection of spoofed positions. We introduce the Convolutional Neural Network (CNN) in the edge UAV Flight Controller (UFC) to locate a UAV and detect any GPS spoofing by comparing differences between the theoretical path loss computed by UFC and the corresponding path loss reported by the connected base station (BS). To reduce the detection latency as well as to increase the detection accuracy, transfer learning is leveraged to transfer the CNN knowledge between edge servers when the UAV handovers from one BS to another. The performance evaluation shows that the proposed solution can successfully detect spoofed GPS positions with an accuracy rate above 88% using only one BS.Peer reviewe