Search results for "Cybersecurity"
showing 10 items of 43 documents
Artificial Intelligence for Cybersecurity: A Systematic Mapping of Literature
2020
Due to the ever-increasing complexities in cybercrimes, there is the need for cybersecurity methods to be more robust and intelligent. This will make defense mechanisms to be capable of making real-time decisions that can effectively respond to sophisticated attacks. To support this, both researchers and practitioners need to be familiar with current methods of ensuring cybersecurity (CyberSec). In particular, the use of artificial intelligence for combating cybercrimes. However, there is lack of summaries on artificial intelligent methods for combating cybercrimes. To address this knowledge gap, this study sampled 131 articles from two main scholarly databases (ACM digital library and IEEE…
Los sistemas de información y la auditoría informática aplicados a una institución fiscalizadora subestatal: la Sindicatura de Comptes de la Comunida…
2020
La digitalización es un fenómeno global que afecta a todas las actividades humanas. Las administraciones públicas también han incorporado a sus estructuras las nuevas tecnologías de la información y la comunicación, de manera que el sector público se ha informatizado completamente. En este contexto digital, la auditoría informática es una herramienta que permite fiscalizar las administraciones públicas y, a la vez, mejora la rendición de cuentas. Este artículo examina las principales ventajas y riesgos de la digitalización y ofrece un estudio de caso centrado en una institución fiscalizadora pública española que ha implementado la auditoría informática para auditar todas las operaciones de …
Towards better privacy preservation by detecting personal events in photos shared within online social networks
2015
Today, social networking has considerably changed why people are taking pictures all the time everywhere they go. More than 500 million photos are uploaded and shared every day, along with more than 200 hours of videos every minute. More particularly, with the ubiquity of smartphones, social network users are now taking photos of events in their lives, travels, experiences, etc. and instantly uploading them online. Such public data sharing puts at risk the users’ privacy and expose them to a surveillance that is growing at a very rapid rate. Furthermore, new techniques are used today to extract publicly shared data and combine it with other data in ways never before thought possible. Howeve…
A Note on Keys and Keystreams of Chacha20 for Multi-key Channels
2018
In this paper we analyze the keystreams generated by the Chacha20 stream cipher. We also compare these to the ones generated by its predecessor, the RC4 stream cipher. Due to the proposed multi-key channels in the upcoming TLS 1.3 standard we analyze the behavior of the keystream in the boundary case where there is a single bit difference between two keys used for the initiation of the stream cipher algorithms. The goal is to check whether a single bit change in the key has any predictable influence on the bits of the keystream output.
Knowledge assets for internationalization strategy proposal
2021
[EN] Lack of trust, lack of references and the confidential nature of cybersecurity projects make internationalization in companies from the cybersecurity sector a great challenge. The development of lean methodologies over recent years has presented a method to reduce time and effort, measure performance in each step and pivot when it is necessary to apply a process to a different field. Considering that internationalization resembles entrepreneurship, because of uncertainty and risk in a new market where the value proposition should be validated, the Lean Start-up philosophy will serve as a theoretical framework in which to operate. The study of international challenges of cybersecurity c…
Kiberdraudu un drošības ietekme uz patērētāju uzvedību Fintech uzņēmumos
2021
Līdz ar daudzajiem tehnoloģiskajiem sasniegumiem, kas turpina attīstīties, un pasaule, kādu mēs pazītam, strauji mainās. FinTech pakalpojumi ir pārņēmuši ekonomiku kā daļa no šī modernā tehnoloģiju viļņa. FinTech firmas ir klātesošas gandrīz katrā ekonomikas daļā. Šī tehnoloģija tiek uzskatīta par transformējošu atklājumu, kas ir ietekmējis mūsu dzīvi un ekonomisko sistēmu; tā ir padarījusi sarežģītākus procesus pieejamākus visiem; tomēr FinTech ir radījis ievērojamas problēmas, piemēram, kiberuzbrukumus un pienācīgu noteikumu trūkumu. Klienti un valdības joprojām iepazīstas ar šiem jauninājumiem, jo šī konkrētā ekonomikas joma strauji attīstās. Patērētāji tiek ātri iesaistīti jaunos un lab…
GDL90fuzz: Fuzzing - GDL-90 Data Interface Specification Within Aviation Software and Avionics Devices–A Cybersecurity Pentesting Perspective
2022
As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from …
HALE-IoT: HArdening LEgacy Internet-of-Things devices by retrofitting defensive firmware modifications and implants
2022
Internet-Of-Things (IoT) devices and their firmware are notorious for their lifelong vulnerabilities. As device infection increases, vendors also fail to release patches at a competitive pace. Despite security in IoT being an active area of research, prior work has mainly focused on vulnerability detection and exploitation, threat modelling, and protocol security. However, these methods are ineffective in preventing attacks against legacy and End-Of-Life devices that are already vulnerable. Current research mainly focuses on implementing and demonstrating the potential of malicious modifications. Hardening emerges as an effective solution to provide IoT devices with an additional layer of d…
Conceptual Characterization of Cybersecurity Ontologies
2020
Part 7:Risk and Security Modeling; International audience; Cybersecurity is known as the practice of protecting systems from digital attacks. Organizations are seeking efficient solutions for the management and protection of their assets. It is a complex issue, especially for great enterprises, because it requires an interdisciplinary approach. The kinds of problems enterprises must deal with and this domain complexity induces misinterpretations and misunderstandings about the concepts and relations in question. This article focus on dealing with Cybersecurity from an ontological perspective. The first contribution is a search of previously existing works that have defined Cybersecurity Ont…
Cyber Situational Awareness in Critical Infrastructure Organizations
2021
The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running critical infrastructures and their cyber situational awareness (CSA). According to a common view, components of critical infrastructures become more complex and interdependent on each other and, as a consequence, ramifications of incidents multiply. In practice, the actions relate to developing better CSA and understanding of a critical infrastructure organization. The aim is to prepare for incidents and their management in a whole-of-society approach. The arrangement i…