Journals Portal Naif Arab University for Security Sciences
Not a member yet
    520 research outputs found

    Cybercrimes and Virtual Worlds: A Systematic Literature Review

    No full text
    With the evolutions of the gaming industry and the increasing number of virtual worlds (e.g., Metaverse), these applications can be an excellent vector to commit cybercrimes. Since this argument is rarely discussed academically, this literature review aims to bring more attention to the topic by assessing the current state of the art and proposing a starting point for future research. The keyword selection process required an in-depth analysis of the terms because "Virtual Worlds" can differ by name, type, and quality, making it more difficult to analyze them. Therefore, specific inclusion/exclusion criteria and a grey literature review were also applied to improve the accuracy and the quality of the results. Findings illustrate that the argument is underestimated, and the lack of knowledge in this academic field created a gap that should be addressed over the years. Therefore, this literature review could be the starting point for future researc

    Trusted Microservices: A Security Framework for Users' Interaction with Microservices Applications

    No full text
    Microservices architecture emerges as a promising software design approach that provides large scale soft-ware systems with flexibility, scalability and fault tolerance. Moreover, it is considered a suitable design to be implemented using software containers provided with several cloud providers. However, microservices suffer from several security challenges that hinder its progress. The concept of microservices is to break down the system functionality to a number of small coherent services. Hence, using microservices as a design approach increases the security risks by expanding the risk surface. In contrast to microservices, monolithic applica-tions are implemented as a bulk of codes using single programming language. Such environment has several drawbacks related to flexibility and maintainability, but limits security issues. On the other hand, microservices implementation uses several programming languages and frameworks to implement small units of system func-tionality. Such environment opens the door to new critical security issues. The proposed work introduces the problem of securing microservices and provides a novel approach to protect microservices applications from masquerade attacks. The proposed framework also provides high protection to users from malicious services. The framework was implemented using 150 software containers to define users' HTTP requests and a set of 20 microservices were tested to proof its applicability and benefits

    A Security System for Detecting Denial of Service (DDoS) and Masquerade Attacks on Social Networks

    No full text
    This study on a security system for detecting denial of service (DDoS) and masquerade attacks on social networks specifically describes how a Convolutional Neural Network (CNN) algorithm was employed. The dataset used for this research is the CICIDS2017 dataset, which contains benign data (no attack present) and the most up-to-date, frequent attacks which resemble true, real-world data. The feature extraction method used was recursive feature elimination (RFE), which reduced 77 columns of the dataset to 10 columns. This research was motivated by the limitation of Alguliyev and Abdullayeva 2019, which focused on the prediction of DDoS attack occurrence by getting related texts in social media. It has a limited attack class that focuses solely on DDoS attacks, and it does not perform social media network prediction in general. The objective of this research is to develop a security system for detecting DDoS and masquerade attacks and evaluate the detection model on social media networks. The system was tested on Facebook and Instagram. The result of the training accuracy that we derived from this research is 99.53%, while the testing accuracy is 99.52%. The result of this research is compared with previous studies’ results. This study recommends that the model implemented can be enhanced more effectively by comparing the accuracy of alternative deep learning algorithms to that of the CNN utilized in the current prediction model

    The Factors Influencing the Use of Password Managers

    No full text
    This paper investigates the factors that influence the actual use of password managers. In this paper, we have integrated some factors from the Technology Acceptance Model (perceived ease of use, perceived usefulness, and attitude) with other factors from the literature review (user readiness, awareness, and motivation) to investigate the influence of these factors on the use of password managers. The authors used an online questionnaire to collect data. The questionnaire was distributed by using two social media platforms (Twitter and WhatsApp). There were 171 participants from 6 countries who completed the questionnaire. Structural equation modelling was employed by using SmartPLS-3 software to analyse the data. Findings indicate that perceived ease of use, perceived usefulness, and user readiness have a positive impact and are substantially associated with attitude, thus influencing the actual use of password managers. Likewise, perceived usefulness, user readiness, and awareness have a positive impact and are significantly associated with motivation of users to use it, which also influences the actual use of password managers

    Pivot Attack Classification for Cyber Threat Intelligence

    No full text
    The initial access achieved by cyber adversaries conducting a systematic attack against a targeted network is unlikely to be an asset of interest. Therefore, it is necessary to use lateral movement techniques to expand access to different devices within the network to accomplish the strategic attack’s objectives. The pivot attack technique is widely used in this context; the attacker creates an indirect communication tunnel with the target and uses traffic forwarding methods to send and receive commands. Recognising and classifying this technique in large corporate networks is a complex task, due to the number of different events and traffic generated. In this paper, we present a pivot attack classification criteria based on perceived indicators of attack (IoA) to identify the level of connectivity achieved by the adversary. Additionally, an automatic pivot classifier algorithm is proposed to include a classification attribute to introduce a novel capability for the APIVADS pivot attack detection scheme. The new algorithm includes an attribute to differentiate between types of pivot attacks and contribute to the threat intelligence capabilities regarding the adversary modus operandi. To the best of our knowledge, this is the first academic peer-reviewed study providing a pivot attack classification criteria

    The Criminal Protection of Women Against Violence: A Study of Jordanian Legislations and International Conventions

    No full text
    يتناول هذا البحث أسس الحماية الجنائية للمرأة في مواجهة جرائم العنف على الصعيدين الداخلي والدولي. ويسلط الضوء بدراسة وصفية مقارنة على الإطار المفاهيمي لظاهرة العنف ضد المرأة، وأهم أسبابها وأشكالها، مبرزًا أهم الوسائل التشريعية والوقائية لمكافحة جرائم العنف ضد المرأة. كما يسعى الباحث من خلال هذه الدراسة إلى إيجاد إطار قانوني صالح للتطبيق على المستويين الدولي والوطني، وذلك بهدف تمكين أصحاب القرار من معالجة هذه الظاهرة والحد من انتشارها بكافّة أشكالها وأنواعها. وقد خلصت الدراسة إلى وجود قصور في وسائل الحماية للمرأة على الصعيد الدولي، وذلك لعدم الاتفاق على تعريف جامع لهذه الظاهرة دوليًا. إلى جانب قصور المعالجة التشريعية لجرائم العنف ضد المرأة في التشريع الأردني؛ نظرًا لعدم شمول المشرع الأردني لبعض أنواع العنف المجتمعي ضمن وسائل المعالجة التشريعية، وعدم وضعه لإطار دستوري يضمن المساواة الموضوعية للمرأة بالرجل بصورة تحظر العنف ضدها. ويوصي الباحث من خلال هذه الدراسة بضرورة تعزيز ثقافة نبذ العنف ضد المرأة لدى مختلف فئات المجتمع؛ وذلك من خلال التوسع بالدراسات القانونية الخاصة بحماية المرأة من خطر هذه الظاهرة.This paper addresses the foundations of criminal protec-tion of women against crimes of violence at the local and inter-national levels. Following a comparative descriptive approach, this paper highlights the conceptual framework of violence against women, its most important causes and forms, empha-sizing the most important legislative and preventive means of combating crimes of violence against women. In this paper, the researcher also seeks to create an applicable legal frame-work at the international and national levels, to enable deci-sion-makers to address this phenomenon and limit its spread in all its forms and types. The study concludes that shortcom-ings are present in the means of protection of women at the international level; this is due to the lack of agreement on an inclusive definition of the phenomenon Internationally. In ad-dition, the Jordanian legislation have failed to address crimes of violence against women. This is due to the fact that the Jor-danian excluded certain types of communal violence from the legislative means. Moreover, a constitutional framework that guarantees the substantive equality of women and men to pre-vent violence against women has not been developed. The researcher recommends the need to promote a cul-ture of non-violence against women in different groups of so-ciety by conducting further legal studies on the protection of women against the threat of this phenomeno

    Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

    No full text
    Software Defined Networking (SDN) shows network operations to be performed for efficient network operations. Due to the increase in network devices, the percentage of attacks is also increased, and it is  challenging to provide defense against such attacks. In SDN, the control plan is separated from the data plane. The control plan is implemented using some central devices called SDN controllers. In SDN Address Resolution Protocol (ARP), spoofing and Distributed Denial of Services (DDoS) attacks are carried out on an enormous scale. These are commonly launched attacks in SDN. Due to these attacks, the network performance is down, and network services are dead. This paper proposed a new auto detection methodology to detect ARP and DDoS attacks and mitigate SDN networks from these attacks. Additionally, we implemented two algorithms: one for flow rules and the second for attack detection. An individual server was installed to check the malicious traffic installation. We present the new forward flooding rules to detect and mitigate attacks. The experiments are performed using LINUX-based network implementation. Our proposal successfully improves network security and enhances network efficiency

    The Credibility of the Machiavellian Personality Scale as a Diagnostic Indicator for Bullying

    No full text
    هدفت الدراسة إلى التحقق من بنية مقياس MACH للشخصية الوصولية لتقييم المواقف تجاه الطبيعة البشرية والثقة بين العلاقات الشخصية واستخدامه كمؤشر لتشخيص سلوك التنمر. وبلغت عينة الدراسة 156 من الشباب من مستخدمي مواقع التواصل الاجتماعي. واعتمدت الدراسة على تصميم الدراسات المستعرضة للتحقق من الآراء النظرية لبنية مقياس الوصولية ذي البنيات الأربعة والثلاثة والعاملين والعامل العام، وقد تفوقت البنية رباعية العوامل في مطابقتها لبيانات العينة. واستخدمت الدراسة الصدق التمييزي، وقد زادت قدرة المقياس على التمييز بين مرتفعي ومنخفضي التنمر. كما استخدمت الدراسة أسلوب ROC Curve وذلك لاستخدام مقياس الشخصية الوصولية في تشخيص ذوي القدرة على التنمر، وذلك باختيار نقطة قطع لسمة التنمر مساوية للوسيط بلغت 28 درجة، كما أظهرت النتائج القدرة التشخيصية للمقياس كاملاً بنسبة %79.6، وهي نسبة مرتفعة، في حين بلغت الحساسية %97.5 وهذا يعني أن للمقياس قدرة على فرز حالات تمارس التنمر، بينما بلغت درجة الخصوصية للمقياس %81.8 وبلغ معدل الكذب في تشخيص الحالات %18.2 وهي نسبة متدنية. لذا توصي الدراسة بضرورة تنفيذ حملات إعلامية للتوعية من مخاطر التنمر على أمن المجتمع مع التركيز على سمات الشخصية الوصولية وكيفية التغلب على هذه السمات، وعمل جلسات إرشادية وبخاصة في المدراس الثانوية والجامعات لتحسين صورة الذات الاجتماعية؛ إذ إن تفاقم الشخصية بسماتها الوصولية قد يدفع الفرد إلى الجريمة.The study aimed to verify the structure of the MACH Machiavellian personality scale to assess attitudes toward human nature and trust in interpersonal connections and use it as an indicator for diagnosing bullying. An available sample was 156 young people who use social networking sites. The study relied on the design of cross-sectional studies to verify the study hypotheses. The study analyzed the Machiavellian Personality Scale by (Dahling et al., 2009) and the Illinois Bullying Behavior Scale for its ability to diagnose bullying. The study verified the theoretical opinions of the scale structure for several factors, namely the four, the three, and the two-factors model, then the four-factor model was superior to its goodness of fit within the sample data. The study used discrimination validity, and the scale’s ability to differentiate between high and low levels of bullying increased. The ROC Curve method could use Machiavellian bullying as a continuous variable and the Illinois scale as a binary variable (0,1). The cutoff point for bullying trait is equal to the median of 28 scores. The diagnostic ability of the scale showed 79.6%, which is a high percentage, while the sensitivity reached 97.5%, which means the scale can sort out cases of bullying, while the specificity of the scale was 81.8%, and the fairness of lying-in diagnosing cases was 18.2%, which is a low percentage. The study recommends that media campaigns to raise awareness of the dangers of the Machiavellian personality, and how to overcome its characteristics regarding its presence in a particular person, and conducting counseling sessions, especially in secondary schools and universities, to improve the social self-image of those who suffer post-traumatic stress, as the aggravation of the personality with its Machiavellian traits may push the individual to the point of crime

    Alternatives to Short-term Imprisonment Penalties In Comparative Criminal Law

    No full text
    نظرًا إلى ندرة الدراسات في بدائل العقوبة السالبة للحرية قصيرة المدة، فقد سعت هذه الدراسةُ إلى إبراز الاتجاهات الحديثة في القانون الجنائي المقارن الهادفة لتحديد نطاق العقوبة السالبة للحرية قصيرة المدة لمساوئها العديدة وقصورها عن تحقيق غايات العقوبة في إصلاح الجاني وإعادة تكيفه مع قيم المجتمع ومصالحه الاجتماعية. وأوضحت الدراسة سلبيات عقوبة السجن قصيرة المدة التي لا تتيح للمؤسسات العقابية تنفيذ برامج الإصلاح والتأهيل للمحكوم عليهم؛ كما أنها تتسبب في مشكلة اكتظاظ السجون وتمثل عبئًا ماليًا كبيرًا على الدولة للنفقات الباهظة على النزلاء في السجون. وكشفت الدراسة أنّ التشريعات الجنائية الحديثة في الدول العربية والغربية تتبنى بدائل وتدابير متنوعة لمعالجة مساوئ العقوبة السالبة للحرية قصيرة المدة. وأظهرت أنواع العقوبات البديلة السائدة في التشريعات الجنائية الحديثة. كما توصلت الدراسة إلى عدة نتائج من أهمها: أن بدائل العقوبة السالبة للحرية في القانون الجنائي المقارن تتيح للقاضي وسائل وتدابير متنوعة لمعالجة مشكلات وعيوب عقوبة سلب الحرية قصيرة المدة.Given the scarcity of studies on alternatives to short–term imprisonment penalties in comparative law, this study explores modern trends in comparative criminal law that seek to limit judicial applications of short–term imprisonment penalties in order to avoid its negative effects on rehabilitation of prisoners. The study clarified the negative aspects of short–term imprisonment on programs aiming to cure prisoners’ delinquency. The present study sheds light on modern criminal legislations in both Arabic and Western countries which adopt diverse alternatives for remedy of the negative effects of short–term imprisonment punishment. In conclusion the study disclosed modern trends in criminal legislations to provide various alternatives and means to enhance judicial efforts for remedy of the negative effects of short–term penalties

    Security Measures Taken to Manage COVID-19 Crisis in Kingdom of Saudi Arabia

    No full text
    تناولت الدراسة الإجراءات الأمنية المتخذة لإدارة أزمة كورونا في المملكة العربية السعودية؛ وذلك من حيث الأنشطة والأعمال والترتيب الزمني الخاضع للإجراءات الأمنية، وأوضحت الدراسة كذلك تصنيف الإجراءات الأمنية المتخذة لإدارة الأزمة، وكشفت عن الجهود الأمنية المبذولة في متابعة ورصد المخالفات الخاصة بذلك. وقد استخدمت الدراسة المنهج الوصفي التحليلي متمثلًا في أسلوب تحليل المحتوى باستخدام أداة تحليل المحتوى كأداة لجمع المعلومات وقد طُبقت الدراسة على كافة البيانات الصادرة من قبل وزارة الداخلية السعودية للفترة من (2020) إلى (2022) المتعلقة بالإجراءات الأمنية المتخذة في أثناء أزمة كورونا وعددها (123) بيانًا رسميًا. كما خلصت إلى عدة نتائج؛ من أهمها: أن من أبرز الأنشطة والأعمال الخاضعة للإجراءات الأمنية لإدارة أزمة كورونا هو (التجول)، وجاء الربع الثاني من سنة (2020م) أعلى من حيث الترتيب الزمني الذي اتخذت فيه الإجراءات الأمنية لإدارة الأزمة، وأن أبرز إجراء أمني تم اتخاذه لإدارة أزمة كورونا هو إجراء (التعليق ورفع التعليق والحظر الجزئي)، وجاء الربع الأول من سنة (2021م) أعلى رصدًا للمخالفات الخاصة بذلك. وقد أوصت الدراسة؛ بوضع خطط لاستمرارية الأعمال في أثناء الأزمات لكافة المنظمات الحكومية، وبخاصة المنظمات والأجهزة الأمنية، وتطبيق المهام والأعمال الأمنية واستمرارها في أثناء الأزمات، وتوثيق الجهود الأمنية الاستباقية، واستثمار نجاح تجربة الأجهزة الأمنية السعودية في مواجهة وإدارة أزمة كورونا.This research examines the security measures taken to manage the Coronavirus crisis in Saudi Arabia, in terms of activities and actions related to Coronavirus crisis security measures and the timeframe for adopting Coronavirus crisis security measures. The study addressed the classification of security measures taken to manage the Coronavirus crisis. It highlighted the security efforts made to monitor and follow-up the related violations. To achieve the study objectives, the researcher adopted the descriptive-analytical method represented in the content analysis method, using the content analysis tool as a tool for collecting data. The study was applied to all the statements issued by the Saudi Ministry of Interior during the period from 2020AD to 2022AD related to the security measures taken during COVID-19. The number of these official statements was (123). The study concluded with several results. One of the most significant results was the activities and actions exposed to security measures to address the coronavirus epidemic is: the second quarter of 2020 witnessed the most security measures put in place to deal with the coronavirus pandemic. The first quarter of 2021 witnessed the highest number of violations of the related measures. The study recommended the development of plans to keep business running during crises for all governmenta organizations, in particular security organizations and entities. The study also recommended implementing security tasks during crises, documenting proactive security efforts and investing on the success of the Saudi security services case in confronting and managing COVID-19 crisis

    0

    full texts

    520

    metadata records
    Updated in last 30 days.
    Journals Portal Naif Arab University for Security Sciences
    Access Repository Dashboard
    Do you manage Open Research Online? Become a CORE Member to access insider analytics, issue reports and manage access to outputs from your repository in the CORE Repository Dashboard! 👇