• The Journal of Industrial Distribution & Business
• /
• v.12 no.12
• /
• pp.1-10
• /
• 2021

Purpose: Cyber criminals have affected various markets and the banking system has encountered various kinds of cyberattacks. The purpose of this study is to analyze cybercrime that is an emerging threat and investigate the significant contribution of financial literacy and public awareness on cybercrimes. To understand the security issues and the need for corrective steps, the techniques and strategies used by cyber fraudsters in obtaining unauthorized access and use the financial information for purpose of fraud need to be understood. Research design, data and methodology: A sample of 123 banks employees from 12 commercial banks in Malaysia was surveyed. This study differs from previous studies as it surveyed the employees' awareness, and this approach fills in the gap in existing literature. Results: The financial literacy and public awareness have positive impact on organizational performance effectiveness to combat threat of cybercrime. Some recommendations are also proposed from research findings, for banking industry and government regulations. Conclusion: The present study focuses on banking sector so its findings cannot be generalized to other sectors. Linking these topics has created a new study in combating threat of cybercrimes generally, and specifically in Malaysia. The present study enhances the understanding of customers' role to combat the impact of cybercrimes on performances of banking industry.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.187-195
• /
• 2021

The intensification of the processes of the digital economy development is leading to the transformation of the higher education system. Universities are forced to digitalize their own educational, research, international, marketing, financial and economic activities in order to maintain a competitive position in the global market of educational services. The purpose of the article is to study the role of information and communication technologies in the development of the higher education system and to ensure its adaptability to modern challenges of digital economy. To achieve this goal, methods of content analysis, logical generalization, systematization and a structural-functional method are used. In the article, the authors substantiate the urgency of forming a holistic strategy to ensure the adaptability of higher education to the challenges of digital economy. In the structure of this strategy, the information-technological block is singled out and described. The authors specified a set of positive synergetic effects from the introduction of modern information and communication technologies in the activities of universities. The main information threats to the digitalization of higher education related to the protection of personal data and university systems from cyberattacks and fraudulent schemes are identified. In conclusion, the authors detail the measures for the strategy implementation to ensure the adaptability of higher education to digital economy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.11
• /
• pp.4310-4330
• /
• 2020

With the continuous emergence of new applications and cyberattacks and their frequent updates, the need for automatic protocol reverse engineering is gaining recognition. Although several methods for automatic protocol reverse engineering have been proposed, each method still faces major limitations in extracting clear specifications and in its universal application. In order to overcome such limitations, we propose an automatic protocol reverse engineering method using a two-pathway model based on a contiguous sequential pattern (CSP) algorithm. By using this model, the method can infer both command-oriented protocols and non-command-oriented protocols clearly and in detail. The proposed method infers all the key elements of the protocol, which are syntax, semantics, and finite state machine (FSM), and extracts clear syntax by defining fine-grained field types and three types of format: field format, message format, and flow format. We evaluated the efficacy of the proposed method over two non-command-oriented protocols and three command-oriented protocols: the former are HTTP and DNS, and the latter are FTP, SMTP, and POP3. The experimental results show that this method can reverse engineer with high coverage and correctness rates, more than 98.5% and 99.1% respectively, and be general for both command-oriented and non-command-oriented protocols.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4909-4926
• /
• 2020

Cyberattacks penetrate the server and perform various malicious acts such as stealing confidential information, destroying systems, and exposing personal information. To achieve this, attackers perform various malicious actions by infecting endpoints and accessing the internal network. However, the current countermeasures are only anti-viruses that operate in a signature or pattern manner, allowing initial unknown attacks. Endpoint Detection and Response (EDR) technology is focused on providing visibility, and strong countermeasures are lacking. If you fail to respond to the initial attack, it is difficult to respond additionally because malicious behavior like Advanced Persistent Threat (APT) attack does not occur immediately, but occurs over a long period of time. In this paper, we propose a technique that detects an unknown attack using an event log without prior knowledge, although the initial response failed with anti-virus. The proposed technology uses a combination of AutoEncoder and 1D CNN (1-Dimention Convolutional Neural Network) based on semi-supervised learning. The experiment trained a dataset collected over a month in a real-world commercial endpoint environment, and tested the data collected over the next month. As a result of the experiment, 37 unknown attacks were detected in the event log collected for one month in the actual commercial endpoint environment, and 26 of them were verified as malicious through VirusTotal (VT). In the future, it is expected that the proposed model will be applied to EDR technology to form a secure endpoint environment and reduce time and labor costs to effectively detect unknown attacks.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.1
• /
• pp.35-44
• /
• 2021

With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

• Journal of Information Technology Services
• /
• v.19 no.6
• /
• pp.83-95
• /
• 2020

"I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

• Journal of information and communication convergence engineering
• /
• v.20 no.4
• /
• pp.250-258
• /
• 2022

The emerging scope of the Internet-of-Things (IoT) has piqued the interest of industry and academia in recent times. Therefore, security becomes the main issue to prevent the possibility of cyberattacks. Jamming attacks are threads that can affect performance and cause significant problems for IoT device. This study explores a smart jamming attack (coalition attack) in which the attackers were previously a part of the legitimate network and are now back to attack it based on the gained knowledge. These attackers regroup into a coalition and begin exchanging information about the legitimate network to launch attacks based on the gained knowledge. Our system enables jammer nodes to select the optimal transmission rates for attacks based on the attack probability table, which contains the most probable link transmission rate between nodes in the legitimate network. The table is updated constantly throughout the life cycle of the coalition. The simulation results show that a coalition of jammers can cause highly successful attacks.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.204-214
• /
• 2022

Speedy development has been witnessed in communication technologies and the adoption of the Internet across the world. Information dissemination is the primary goal of these technologies. One of the rapidly developing nations in the Middle East is Saudi Arabia, where the use of communication technologies, including mobile and Internet, has drastically risen in recent times. These advancements are relatively new to the region when contrasted to developed nations. Thus, offenses arising from the adoption of these technologies may be new to Saudi Arabians. This study examines cyber security awareness among Saudi Arabian citizens in distinct settings. A comparison is made between the cybersecurity policy guidelines adopted in Saudi Arabia and three other nations. This review will explore distinct essential elements and approaches to mitigating cybercrimes in the United States, Singapore, and India. Following an analysis of the current cybersecurity framework in Saudi Arabia, suggestions for improvement are determined from the overall findings. A key objective is enhancing the nationwide focus on efficient safety and security systems. While the participants display a clear knowledge of IT, the surveyed literature shows limited awareness of the risks related to cyber security practices and the role of government in promoting data safety across the Internet. As the findings indicate, proper frameworks regarding cyber security need to be considered to ensure that associated threats are mitigated as Saudi Arabia aspires to become an efficient smart nation.

• ETRI Journal
• /
• v.44 no.6
• /
• pp.991-1003
• /
• 2022

Industrial control systems (ICSs) used to be operated in closed networks, that is, separated physically from the Internet and corporate networks, and independent protocols were used for each manufacturer. Thus, their operation was relatively safe from cyberattacks. However, with advances in recent technologies, such as big data and internet of things, companies have been trying to use data generated from the ICS environment to improve production yield and minimize process downtime. Thus, ICSs are being connected to the internet or corporate networks. These changes have increased the frequency of attacks on ICSs. Despite this increased cybersecurity risk, research on ICS security remains insufficient. In this paper, we analyze threats in detail using STRIDE threat analysis modeling and DREAD evaluation for distributed control systems, a type of ICSs, based on our work experience as cybersecurity specialists at a refinery. Furthermore, we verify the validity of threats identified using STRIDE through case studies of major ICS cybersecurity incidents: Stuxnet, BlackEnergy 3, and Triton. Finally, we present countermeasures and strategies to improve risk assessment of identified threats.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.69-78
• /
• 2023

With the global rise of digital data, the uncontrolled quantity of data is susceptible to cyber warfare or cyber attacks. Therefore, it is necessary to improve cyber security systems. This research studies the behavior of malicious acts and uses Higuchi Fractal Dimension (HFD), which is a non-linear mathematical method to examine the intricacy of the behavior of these malicious acts and anomalies within the cyber physical system. The HFD algorithm was tested successfully using synthetic time series network data and validated on real-time network data, producing accurate results. It was found that the highest fractal dimension value was computed from the DoS attack time series data. Furthermore, the difference in the HFD values between the DoS attack data and the normal traffic data was the highest. The malicious network data and the non-malicious network data were successfully classified using the Receiver Operating Characteristics (ROC) method in conjunction with a scaling stationary index that helps to boost the ROC technique in classifying normal and malicious traffic. Hence, the suggested methodology may be utilized to rapidly detect the existence of abnormalities in traffic with the aim of further using other methods of cyber-attack detection.