Search results

A zero-day vulnerability is a complimentary ticket to the attackers for gaining entry into the network. Thus, there is necessity to device appropriate threat detection systems and establish an innovative and safe solution that prevents unauthorised intrusions for defending various components of cybersecurity. We present a survey of recent Intrusion Detection Systems (IDS) in detecting zero-day vulnerabilities based on the following dimensions: types of cyber-attacks, datasets used and kinds of network detection systems.

Purpose: The study focuses on presenting an exhaustive review on the effectiveness of the recent IDS with respect to zero-day vulnerabilities.

Methodology: Systematic exploration was done at the IEEE, Elsevier, Springer, RAID, ESCORICS, Google Scholar, and other relevant platforms of studies published in English between 2015 and 2021 using keywords and combinations of relevant terms.

Findings: It is possible to train IDS for zero-day attacks. The existing IDS have strengths that make them capable of effective detection against zero-day attacks. However, they display certain limitations that reduce their credibility. Novel strategies like deep learning, machine learning, fuzzing technique, runtime verification technique, and Hidden Markov Models can be used to design IDS to detect malicious traffic.

Implication: This paper explored and highlighted the advantages and limitations of existing IDS enabling the selection of best possible IDS to protect the system. Moreover, the comparison between signature-based and anomaly-based IDS exemplifies that one viable approach to accurately detect the zero-day vulnerabilities would be the integration of hybrid mechanism.

Banking traces back to 2000 BC in Assyria, India and Sumeria. Merchants used to give grain loans to farmers and traders to carry goods between cities. In ancient Greece and Roman Empire, lenders in temples, provided loans, and accepted deposits while performed change of money. The archaeological evidence uncovered in India and China corroborates this. The major development in banking came predominantly in the mediaeval, Renaissance Italy, with the major cities Florence, Venice and Genoa being the financial centres. Technology has become an inherent and integral part of our lives. We are generating a huge amount of data in transfer, storage and usage, with greater demands of ubiquitous accessibility, inducing an enormous impact on industry and society. With the emergence of smarter cities and societies, the security challenges pertinent to data become greater, impending impact on the consumer protection and security. The aim of this chapter is to highlight if SSI and passwordless authentication using FIDO-2 protocol assuage security concerns such as authentication and authorisation while preserving the individual's privacy.

A cyberattack is an attempt by cybercriminals as individuals or organizations with unauthorized access using one or more computers and computer systems to steal, expose, change, disable or eliminate information, or to breach computer information systems, computer networks, and computer infrastructures. Cyberattackers gain a benefit from victims, which may be criminal such as stealing data or money, or political or personal such as revenge. In cyberattacks, various targets are possible. Some potential targets for businesses include business and customer financial data, customer lists, trade secrets, and login credentials.

Cyberattackers use a variety of methods to gain access to data, including malware such as viruses, worms, and spyware and phishing methods, man-in-the-middle attacks, denial-of-service attacks, SQL injection, zero-day exploit, and DNS tunneling.

Related to cyberattack, the term cyberwarfare is gaining popularity nowadays. Cyberwarfare is the use of cyberattacks by a state or an organization to cause harm as in warfare against another state's or organization's computer information systems, networks, and infrastructures.

Military, civil, and ideological motivations, or hacktivism can be used to launch a cyberwarfare. For these reasons, cyberwarfare may be used to conduct espionage, sabotage, propaganda, and economic disruption.

Considering highly digitalized business processes such as e-mails, digital banking, online conference, and digital manufacturing methods, damage of cyberwarfare to businesses and countries are unavoidable. As a result, developing strategies for defending against cyberattacks and cyberwarfare is critical for businesses. The concepts of cyberattack and cyberwarfare, as well as business strategies to be protected against them will be discussed in this chapter.

Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a constant stream of cyberattacks through varied methods by actors with myriad motivations. These threats are not expected to diminish in the near future. As a result, homeland security and national security professionals at all levels of government must understand the unique motivations and capabilities of malicious cyber actors in order to better protect against and respond to cyberattacks. This chapter outlines the most common cyberattacks; explains the motivations behind these attacks; and describes the federal, state, and local efforts to address these threats.

If aeroplanes and passengers, as well as property and people on the ground are to be protected, potential perpetrators of aviation terrorism must be prevented from breaching security checkpoints and gaining access to ‘secure’ airport areas and to aircrafts. Given the interconnectedness of the air transportation system, a sufficiently high level of security must be provided throughout the entire system. In this chapter we examine terrorism issues relevant to airline and airport security internationally, a topic that has received much attention since 9/11. Understanding the key issues is crucial in evaluating the various methods of regulating and providing aviation safety and security. The purpose of this chapter is to review the key features of the Aviation and Transportation Security Act and the characteristics of the resulting security policy. Then we examine terrorism, previous terrorists' acts against aviation as well as current and future aviation threats. A summary of our major points completes the chapter.

Today, the presence of unwanted activities threatening the safety of the field, which has negative effects on daily life and social psychology, is increasing day by day. There is no doubt that it is inevitable to avoid these threats, but it is possible to take some measures to reduce the destructive power of these threats. Nowadays, increasing terrorist attacks increase the importance of field safety design in urban areas. There is a loss of life in attacks around the world. The subject of this study is to investigate the design criteria related to the built environment and the measures to be taken in the case of bomb attacks in the built environment. In this study, a checklist will designed to measure the security design process around the building. The checklist titles are taken mainly from the “Safety design and Landscape Architecture” series of the Landscape Architecture Technical Information Series/LATIS publications by the American Society of Landscape Architects (ASLA) and the Risk Management Series of the Federal Emergency Management Agency/FEMA (FEMA, 2003, 2007; LATIS, 2016) and others. The checklist created as a result of literature review will be tested in Istanbul Sultanahmet Square. As a result of the study, it was determined that improvements should be made in the areas of vehicular and pedestrian access, parking lots, lighting and trash receptacle designs around Sultanahmet Square.