We kindly inform you that, as long as the subject affiliation of our 300.000+ articles is in progress, you might get unsufficient or no results on your third level or second level search. In this case, please broaden your search criteria.
Cyberattacks are on the rise, and cyber weapons are the main tools used in modern warfare. All these occurrences are changing the nature of traditional diplomacy, contributing to developing new avenues for Cyber Diplomacy. The world's leading nations have realized the importance of establishing a diplomatic system of collaboration in the cyber sphere to facilitate bilateral relationships between nations and cooperation in cyberspace in already-established alliances such as NATO, the United Nations, and regional trade associations. Multiple studies have discussed and detailed the concept of "cyber diplomacy" and the diplomatic behavior associated with it; however, few of these analyses have sought to distinguish the "cyber diplomacy" concept from the more traditional and well-known concept of "diplomacy." The scope of this proposal is to create a Cyber Diplomacy Cooperation Framework which will bring together conventional elements of diplomacy and cutting-edge cybersecurity mechanisms. As cyber warfare concerns are growing, nations need a normative cyber diplomacy framework that can be adapted by countries to prevent cyber-crises and engage more nations in the discussion.
More...
This paper discusses the role of disruptive and innovative technologies for countering the spread of terrorist online content (TCO). In particular, it focuses on the use of Artificial Intelligence (AI) in support to Host Service Providers (HSPs) and Law and Enforcement Agencies (LEAs). The violent and terrorist content is more and more disseminated online taking advantages of the opportunities offered by Internet. The diffusion of terrorist propaganda has a negative impact on the civil society and poses several risks. For this reason, the European institutions published in 2021 the Regulation (EU) 2021/784 to address the misuse of hosting services for the dissemination to the public of TOC. It regulates the measures to be applied by HSPs and Member States’ authorities in order to identify and ensure the quick TOC removal and to facilitate cooperation with each other and Europol. In order to be compliant with these dispositions, AI-based disruptive technologies can provide LEAs and HSPs, especially the small and micro-ones, a concreate support. The implementation of the Regulation and the use of AI technologies have legal and ethical implications that have to be considered. The paper is based on the work and preliminary research conducted in the framework of the European funded project ALLIES, “AI based framework for supporting micro and small Hosting Service Providers (HSPs) on the report and removal of online terrorist content”, Grant Number 101080090.
More...
The changes and evolution of the international and domestic financial-banking system, in the context of globalization, after the financial crisis of 2008, determined the emergence of global, virtual banks, megabanks, financial groups that use disruptive technologies and technological innovations. The first FinTech Action Plan (technology-based innovation in the field of financial services or financial technological innovations) of the European Union mark, as well, the first step circumscribed to the EU Digital Finance Strategy, in order to allow the expansion of innovative business models, but without forgetting to strengthen cyber security and to increase the degree of integrity of the financial system. In this context, however, it is important to take into account the variety of the institutions and the technologies in the countries participating in the Single Supervisory Mechanism (SSM), because the FinTech banks capture the different activities of the credit institutions in different jurisdictions to be closer to the customers and the investors and, in the same time, to expand the area of supervision of the problems related to the emergence of FinTech, because they exceed a sector of the economy or a geographical area and involves multiple financial-banking supervisory and regulatory institutions, belonging to various sectors.
More...
In the past decade, the Internet of Things (IoT) has had a significant impact on a global scale. The Internet of Things (IoT) has facilitated the interconnection of a vast number of devices in contemporary times. The proliferation of Internet of Things (IoT) devices underscores the importance of ensuring robust security measures to safeguard against potential threats. The RPL protocol has been specifically designed for routing purposes within the context of IoT devices, operating at the network layer. The exploitation of the RPL protocol poses a threat to IoT networks and has the potential to substantially affect network performance. This article introduces the STACK project, which aims to improve IoT transmission capabilities, identify and mitigate attacks using performance and interference monitoring, and use methods tightly integrated with an intelligent edge.
More...
As the use of internet-based software increased, cybersecurity has emerged as a major issue in the current world. The fast-paced technology innovations allowed most companies to scale their business, consumers to access easier their favorite products, thus increasing the reliance on web-based software. The importance of web security cannot be emphasized given the increase in cybercrime and the damage it poses to businesses, people, and governments. This paper proposes an automated solution capable of detecting and exploiting common vulnerabilities found on web-based software, this being done without performing any malicious intended operations. By using software capable of automatically detecting the means a client could communicate with a server, users can ensure that a thorough verification is done on their web-applications, revealing the blind spots that developers may have overlook.
More...
Many of the network computing systems used in various organizations are not resilient enough to withstand attacks and failures. The performance of these networks is degraded by failures. Thus, it is important to develop techniques for designing and implementing resilient service-oriented networks that can survive attacks and failures, as well as continue to provide a reasonable level of service. This paper considers the mathematical modeling using graph theory of resilience in service-oriented communication networks. The objective of this paper is to develop the concept of service-oriented resilient system as well as to identify the metrics used to quantify resilience to node and edge failures. Using these metrics, we will choose an appropriate network topology and/or an optimal distribution of services in the network.
More...
Continuous monitoring of intelligent systems is used to analyze data and text from various sources. They usually monitor things such as risk, controls, opportunities, competition, and other concerns. While there exists literature that provides information on the capabilities of this kind of system, there has been a limited theoretical development in this field. The information sources monitored by these systems provide signals related to events, activities, or issues. However, selecting the appropriate information sources is not a simple task, because it is influenced by factors such as time, cost, redundancy, reliability, or weak signals. Furthermore, for the monitored signals, it is recommended to generate some analytics to study the flow and have a traceability of the issue we are dealing with. In this paper, a signal theory model is introduced and applied to address some of these issues regarding the SSH brute-force attacks. I will use a tool called CheckMK and its capabilities to implement a signal theory model used for monitoring security of a system.
More...
The actual "permacrisis" marks the five transitions that are unfolding simultaneously: a transition in the planet's climate regime, an energy transition, a geopolitical transition, a technological transition and a demographic transition. In this context, all the risks that are around show us that we are dealing with a programmed chaos that might affect the financial ecosystem, also. In this respect, such to avoid a collapse and to strengthen the banking and financial sector, the European entities appreciate that there it is necessary to strengthen the leadership of the EU in the digital domain by promoting inclusive and sustainable digital policies, serving citizens and businesses. Taking into account that the risks of increased exposure to potential cybercrime, operational resilience failures and data protection and privacy issues could have an important impact, the digital transformation must be in line with EU values - the 2030 policy program entitled "The Path to the Digital Decade" and "The Declaration on Digital Rights and Principles in the E.U.".
More...
Based on the Failure Mode and Effects Analysis (FMEA) method, this paper identifies the potential causes that lead to the failure of a Web application built on the WordPress platform. Both software vulnerabilities identified in the U.S. National Vulnerability Database (NVD) and other platform administration and configuration processes that can be exploited in cyber-attacks against the Web application are considered. Finally, measures to eliminate potential security breaches are proposed in the form of a best practice guide for managing sensitive data and increasing the level of security for this type of application.
More...
In the following article we will present how data theft can have serious effects on the personal life of citizens and users of certain applications, and in general on public institutions and countries. In the following we will find out how these data can end up in the hands of hackers, for what purpose they are used and what are the legal implications. In the end we will analyze how the authorities try to limit this phenomenon and how each of us can take protective measures for this purpose.
More...
The security should be an area that can cover multiple technical disciplines that needs to be focused on customers and to try protecting against different threats. There can be multiple disciplines that can be part of the security and those can be: assurance, anti-tamper and information assurance and cybersecurity. Security must be taken into consideration throughout the entire product lifecycle in order to maximize the protection of a system. The purpose of this article is to highlight design security flaws which should always be considered as part of the design flow for an application or a product. The recommendations can be applied in combination with different methodologies, depending on what the company chooses to use, wheatear it is Agile or Waterfall. Principle of security by design will be tackled within the article.
More...
Pseudo-random numbers play an indispensable role in the design of encryption systems, such as public and private key flow. The efficiency of crypto systems is directly proportional to the quality of the secret key generated using a random number generation algorithm. In this paper, the efficiency and applicability of a modified Linear Congruential Generator (LCG) type algorithm will be presented to increase the rate of occurrence of numbers and tend as much as possible to a truly random number. Moreover, it will be integrated into a graphical interface, which can later be integrated into the security of a larger application or even a website.
More...
The paper aims to address how open sources, available in the public space, can provide relevant, high-quality information on which organizations (whether public or private) can strengthen their decision-making process. For example: the development of public policies, the development of security policies, law enforcement norms, the adaptation of tax systems to the digital age, the implementation of targeted marketing campaigns, the widespread access to continuing education, with the aim of creating an adapted workforce in the digital age, the business environment can support technology change through a more intense collaboration with authorities, local communities and society as a whole, etc.
More...
In the current context, technology plays a crucial role in our lives, from the moment we wake up until the end of the day we interact directly or indirectly with this new world. Since it appeared, its purpose has been to come to the aid of humanity, to evolve in an efficient and effective way and with all that, it also represented an open door for people who used technology in an obscure way. The number of cases of cyber-attacks has increased exponentially, from data theft to the integrity of critical sectors (health, transport, energy, financial), every possibility was tried to be exploited, leading to serious consequences. Awareness is the first step towards safety, and further it is important how to use technology in order not to be the target of attacks, but also to stay informed and to become better persons in daily activities. This paper presents an analysis of automated testing for software applications, what it is, how automated testing is divided, the benefits brought by it, as well as unit testing details and some examples. Finally, automatic security testing is discussed, the most emerging web application security risks, suggestions about Android security testing tools and some automation frameworks. The focus is on creating an overview, differentiating between the terms used and exemplifying them.
More...
This scientific study aims to explore the potential for launching a cyber-attack through SEAP platform, particularly in light of the increasing use of ransomware as a tool to cause widespread damage to critical infrastructure. The study focuses on the methodology of a ransomware attack on a critical infrastructure, with a specific emphasis on the analysis of the infection process, persistence mechanism, encryption process, recovery prevention, and propagation mechanisms, as well as the communication with command and control servers.
More...
This paper is based on the study of cybercrime in the context of a world based on technology. Whether it is financial losses, data leaks or mental trauma resulting from harassment in the online environment, cybercrime is part of the reality of the modern world, where the multiple advantages of using the most advanced technologies bring with them disadvantages that cannot be ignored. We will treat the types of cyberattacks, but also the methods by which we can protect ourselves as much as possible. An example of increasing the degree of security in terms of physical access to a room containing sensitive information, achieved at low cost, is also provided. A "smart" entrance mat is used to provide access, a coconut fiber mat into which Linqstat (Velostat) tactile force sensors and the data processing electronics provided by them have been inserted.
More...
In a continuously evolving world, technology has not been left out of the process which consists of studies and research done by specialists in the field of cyber technology. Although the latter has brought along benignant effects in society, it can be considered a controversial domain due to those effects that can be used against the public safety and national security. Cyber-attacks & Cyber terrorism are just two of them, usually countered by Cyber intelligence, OSINT security, Cyber risk management. These actions are coordinated by different intelligence services such as: Federal Bureau of Investigation – FBI, Romanian Intelligence Service – SRI, Federal Security Service – FSB, while they have to cooperate with civilians, due to a shortage of employees. The lack of qualified staff on the following domain: awareness of the different types of cyber-attack, such as malware, web-based attacks, phishing, web application attacks, spam, distributed denial of service (DDoS), identity theft, data breach, insider threat, botnets, physical manipulation, damage, theft and loss, information leakage, ransomware, cyber-espionage, industrial espionage and crypto jacking, reaches an amount of 7.659 officials that are needed in this area.
More...
Malware analysis is the process of locating and examining malicious software or code with the aim of comprehending its operation and developing countermeasures. Malware can take many forms, such as viruses, worms, Trojans, and ransomware, and can cause significant harm to individuals, organizations, and even entire countries. To determine a piece of malware's purpose, potential effects, and capabilities, malware analysis entails examining the behavior, structure, and functionalities of the malware. Malware analysts are essential to the cybersecurity sector because they strive to spot dangers, eliminate them, and defend against online attacks. By using the knowledge gleaned from malware analysis, security solutions can be created that will better protect businesses from dangerous software. Malware analysis is a crucial part of any successful cybersecurity strategy in the continually changing threat landscape of today. In this article, we will explore the key concepts of malware analysis, including its purpose, techniques, and tools and we will contrast methods for detecting malware using static, dynamic, and hybrid analysis.
More...