Attacks

The wireless sensor network (WSN) has becomes the research area in today’s worlds due to the huge number of application taking the advantage from it. Sensors are small device having memory, power and processing chip that makes it processing device. Due to its dominant nature it is used in battlefields and commercial applications such as building, traffic surveillance, habitat monitoring and smart homes and many more scenarios. Main motive behinds this paper is to introduce different types of attacks encounters during transmission or communication over the wireless sensor network and provides some ideas to overcome from these attacks. Here, we introduce security mechanisms like cryptographic key, authentication and challenges in wireless sensor network. The power computation and unsecure communication is main challenging area of wireless sensor network

Wireless sensor networks (WSNs) have many potential applications [1, 5] and unique challenges. They usually consist of hundreds or thousands small sensor nodes such as MICA2, which operate autonomously; conditions such as cost, invisible deployment and many application domains, lead to small size and limited resources sensors [2]. WSNs are susceptible to many types of physical attacks [1] and most of traditional networks security techniques are unusable on WSNs[2]; due to wireless and shared nature of communication channel, untrusted transmissions, deployment in open environments, unattended nature and limited resources [1]. So, security is a vital requirement for these networks; but we have to design a proper security mechanism that attends to WSN's constraints and requirements. In this paper, we focus on security of WSNs, divide it (the WSNs security) into four categories and will consider them, include: an overview of WSNs, security in WSNs, the threat model on WSNs, a wide v...

MANET is a rapidly emerging mobile communication technology which offers fruitful services in various fields like military battle field, emergency services, entertainment, sensor networks, home and internetworking etc., Due to dynamic topology, open environment, infrastructure less network and lack of centralized administration MANETs are susceptible to various attacks. This paper describes the various types and tools of MANET and it presents an overview of MANET applications, technological challenges and different security attacks.

Almost every night, lasers pointed at an aircraft/ATC tower can lead to hazards.
Especially, during critical phases of flight such as approach, landing and takeoff.
Laser beam can cause distraction, or glare or temporary flash blindness, causing
Loss of Control In-flight (LOC-I) or going around. The major incidents categories
for the MID Region based on reports received directly from airlines was laser
attacks As mentioned in MID Region Annual Safety Report 2014. And because
laser incidents arise every year all over the world, we established an updated
data base including a case study and trends in the period 2013-2015 at
Cairo/Sharm El Sheikh/Luxor airports. Which identifies gaps, hazards, risk
assessment. And finally implement a plan which will allow us to mitigate and
control risks to reach acceptable level of safety.


*The objectives of the Laser Attack Safety guideline case study are:
a. provide effective coordination between all stakeholders by establishing Local
Laser Working Group (LLWG);
b. managing and controlling risk by identifying hazards and assesse risk with Root
cause and gap analysis;
c. establishing data base to provide trends for targeted airports;
d. finally, to provide Mitigation Measures and Safety recommendations to achieve
Safe operations at airports, rolling out the plan progressively to airports across
country;
RGS WG/4-WP13
-3-
e. provide guidance material for CAA to establish training campaign for pilots,
awareness campaign for ATCO and Public awareness campaign; and
f. could be used as an oversight audit tool by CAA.

L’exercice de l’art infirmier répond à des règles réglementaires qui sont d’ordre public. Ceci implique qu’elles sont directement opposables à l’infirmier et ne souffrent pas d’exception. Néanmoins, en situation d’exception, ces règles répondent clairement à la problématique de l’infirmier placé en situation de catastrophe, attentat ou face à de nombreuses victimes.

Web application brings us convenience but also has some potential security problems. SQL injection attacks topped the list of Top 10 Network Security Problems released by OWASP, and the detection technology of SQL injection attacks has been one of the hotspots of network security research. In this paper, we propose a SQL injection detection method that does not rely on background rule base by using a natural language processing model and deep learning framework on the basis of comprehensive domestic and international research. The method can improve the accuracy and reduce the false alarm rate while allowing the machine to automatically learn the language model features of SQL injection attacks, greatly reducing human intervention and providing some defense against 0day attacks that never occur.

Web application attacks are incessantly increasing in number and in severity. The big data available on the internet motivates hackers to launch new kind of attacks. In this context, intensive research on web application security have been conducted. The most dangerous attack that target web applications is the Structured Query Language Injection (SQLI). This attack represents a serious threat to the web applications. Several research works have been conducted to mitigate this attack either by preventing it from an early stage or detecting it when it occurs. In this paper, we present an overview of the SQL injection attack and a classification of the newly proposed detection and prevention solutions. We classify the different attack sources, goals, and types. Moreover, we discuss and classify the most important and recent proposed solutions to mitigate this attack especially those based on ontology and machine learning.

In the recent era where technology plays a prominent role, persons can be identified (for security reasons) based on their behavioral and physiological characteristics (for example fingerprint, face, iris, key-stroke, signature, voice, etc.) through a computer system called the biometric system. In these kinds of systems the security is still a question mark because of various intruders and attacks. This problem can be solved by improving the security using some efficient algorithms available. Hence the fake person can be identified if he/she uses any synthetic sample of an authenticated person and a fake person who is trying to forge can be identified and authenticated.

Internet of Things (IoT) is the interconnection of heterogeneous smart devices through the Internet with diverse application areas. The huge number of smart devices and the complexity of networks has made it impossible to secure the data and communication between devices. Various conventional security controls are insufficient to prevent numerous attacks against these information-rich devices. Along with enhancing existing approaches, a peripheral defence, Intrusion Detection System (IDS), proved efficient in most scenarios. However, conventional IDS approaches are unsuitable to mitigate continuously emerging zero-day attacks. Intelligent mechanisms that can detect unfamiliar intrusions seems a prospective solution. This article explores popular attacks against IoT architecture and its relevant defence mechanisms to identify an appropriate protective measure for different networking practices and attack categories. Besides, a security framework for IoT architecture is provided with a list of security enhancement techniques.

Closed Circuit TeleVision surveillance systems are frequently the subject of debate. Some parties seek to promote their benefits such as their use in criminal investigations and providing a feeling of safety to the public. They have also been on the receiving end of bad press when some consider intrusiveness has outweighed the benefits. The correct design and use of such systems is paramount to ensure a CCTV surveillance system meets the needs of the user, provides a tangible benefit and provides safety and security for the wider law-abiding public. In focusing on the normative aspects of CCTV, the paper raises questions concerning the efficiency of understanding contemporary forms of "social ordering practices" primarily in terms of technical rationalities while neglecting other, more material and ideological processes involved in the construction of social order. In this paper, a 360-degree view presented on the assessment of the diverse CCTV video surveillance systems (VSS) of recent past and present in accordance with technology. Further, an attempt been made to compare different VSS with their operational strengths and their attacks. Finally, the paper concludes with a number of future research directions in the design and implementation of VSS.

In today's period of the invasive figuring, the Internet has turned into the principle method of information correspondence. In such a situation, giving security to information turns into a mind boggling assignment. In Elliptic bend cryptography (ECC) is a developing most loved in light of the fact that requires less computational force, correspondence data transmission, and memory when contrasted with different cryptosystems In this paper we introduce Elliptic bend cryptography and Diffie–Hellman key understanding, itself is a mysterious (non-confirmed) key-assertion convention, it gives the premise to an assortment of verified conventions, and is utilized to give forward mystery to web programs application utilizing HTTPS. In its mainstream organization on the internet, provides confirmation of the site and related web server that one is corresponding with, which secures against Man-in-the-center assaults. Also, it gives bidirectional encryption of interchanges between a customer and server, which ensures against listening stealthily and messing with and/or manufacturing the substance of the correspondence and for better security we will apply mark and confirmation calculation for ECC and for verification we have performed digital signature algorithm for better assessment of security approach.

Since the Red Army’s invasion of Afghanistan in 1979, the world has been shaken by jihadist terrorism. In forty years, Islamist terrorist attacks have multiplied, reaching as far as the heart of Western countries, New York, Madrid, London, Paris, but also Moscow, etc. By instilling feelings of fear and mistrust, through indiscriminate violence and its repetition, Islamist terrorism fuels or reinforces the demands for authoritarianism and closure that are increasing in democracies.

But have we measured the reality of this violence that worries us so much? Of course, we know that the United States was the scene of the most deadly series of attacks in the history of terrorism on 9/11. We may also know that in Europe France is the most affected country. We can see that Islamist violence strikes more often, even harder, outside the Western world. But we cannot say that we know how to evaluate Islamist violence in this way.

The Fondation pour l’innovation politique wanted to contribute to this evaluation. Since spring 2018, we have been working to quantify Islamist terrorism, to identify the forms it has taken over these decades, to classify the acts it may have inspired or initiated, to estimate the number of its victims, to identify the most deadly organisations and the most affected countries.
To do this, we collected a very large amount of information, to the point of building a large database. It is available in open data on our website data.fondapol.org.

We believe that the mass of information gathered sheds new light on the phenomenon of Islamist violence. It makes it possible to better describe it, to better understand it, to document its severity. Thus, by way of illustration, we can establish that between 1979 and 2019, at least 33,769 Islamist terrorist attacks took place worldwide. They caused the deaths of at least 167,096 people. We can also say that Islamist terrorist attacks account for 18.8% of all attacks worldwide, but that they are responsible for 39.1% of the lives lost due to terrorism; or that, during the years studied, there has been an intensification of this violence and that the deadliest period is the most recent: from 2013 onwards, in our opinion, Islam has become the main cause (63.4%) of deaths due to terrorism in the world. We identify and quantify operating methods and targets. The vision of the phenomenon improves, the image becomes clearer. In this way, we show that the majority of the victims of Islamist terrorism are Muslims (91.2%).

Smart contracts have a piece of code which are executed under certain conditions and are deployed on blockchain. Some of the applications of smart contracts are crypto assets, Health care applications, voting, IOT, digital rights, gambling, escrow, music rights management, record keeping, smart property and e-governance. Smart contracts plays a crucial role in these applications but adversaries exploit smart contracts due to vulnerabilities in smart contracts and millions of dollars are drained within few years, like The DAO attack, King of the Ether Throne, Multi-player games, Parity Multisig Wallet, Rubixi, GovernMental, Dynamic libraries and Batch Transfer Overflow. Due to these reasons, an extensive research is required on attacks on smart contracts with efficient detective and preventive methods. In this paper, we concentrate on vulnerabilities of smart contracts which are the root cause of the attacks. The existing work on these attacks has discussed only a few of the vulnerabilities and there is a need to cover all smart contract vulnerabilities over Ethereum. The taxonomy of vulnerabilities is listed below with smart contract code and the investigations done on how the attackers are exploiting the Smart Contracts with these vulnerabilities..

Today with the vast technological advancements in the various means of communication, instant messaging applications play a very crucial role in the transmission of messages from one user to another who will be residing at different locations at a minimal cost or with the support of the internet facility. With the advancements in technology comes the need to secure applications from malicious attackers who try to steal user credentials or may also cause passive attacks on the network. The chat application uses the XMPP server for the secure transmission of messages between the users. The defense organizations need a more secure chat application for communicating in a highly confidential manner. Therefore we try to propose a smart and secure chat application for the defense organization. Many existing Android chat applications are compared to analyze their features, security principles, and flaws to bring forward an innovative and secure android chat application.

Web application brings us convenience but also has some potential security problems. SQL injection attacks topped the list of Top 10 Network Security Problems released by OWASP, and the detection technology of SQL injection attacks has been one of the hotspots of network security research. In this paper, we propose a SQL injection detection method that does not rely on background rule base by using a natural language processing model and deep learning framework on the basis of comprehensive domestic and international research. The method can improve the accuracy and reduce the false alarm rate while allowing the machine to automatically learn the language model features of SQL injection attacks, greatly reducing human intervention and providing some defense against 0day attacks that never occur.

Social engineering attacks are phenomena that are equally applicable to both the physical world and cyberspace. These attacks in the physical world have been studied for a much longer time than their counterpart in cyberspace. This motivates us to investigate how social engineering attacks in the physical world and cyberspace relate to each other, including their common characteristics and unique features. For this purpose, we propose a methodology to unify social engineering attacks and defenses in the physical world and cyberspace into a single framework, including: (i) a systematic model based on psychological principles for describing these attacks; (ii) a systematization of these attacks; and (iii) a systematization of defenses against them. Our study leads to several insights, which shed light on future research directions towards adequately defending against social engineering attacks in cyberspace.

Currently, companies are more into using distributed systems and relying on network and communication facilities for transmitting critical and important information that needs to be secured. Therefore, protecting companies information becomes more important, and information security is essential to maintain. Information security is defined as protecting the information, the system, and the hardware that use, store and transmit the information, to ensure integrity, confidentiality and availability of data and operation procedures are protected. In this paper, we illustrate the factors that impact information security in different fields; cyber security, Internet of Things and network security from various studies and outline the security requirements to reduce this impact. I. INTRODUCTION Nowadays, most of the companies are interested in technology system in order to achieve a quicker procedure than the old-fashioned way, and for this system to be more effective, it must be saved from threats and information security must be maintained. The main objectives of information security that must be implemented to ensure the protection of data in any corporation are: (i) confidentiality, (ii) integrity and (iii) availability. The companies structure should be protected from active and passive attacks, such as (illegal access, unauthorized improvement of data and interruption) [1]. Information security and cyber security are both global and exciting subject for many researchers. The international standard, ISO/IEC 27002 (2005), defines Information Security as: "The preservations of the confidentiality, integrity and availability of information, for any form (hard copy or soft copy, electronic store, transmitted by email, or any other format)". While, the International Telecommunications Union (ITU) defines cyber security as follows: "Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets" [2]. Both cyber security and information technology security requires continuous assessment and newness because they are vastly developed fields. Reputation and compromise intellectual property of organization will be affected by cyber attacks. Cyber attackers face problems in system security that uses multi-layer firewalls, so they depend on social engineering [3]. Due to the rapid increase of using technologies, that provide some comfort to the user, such as saving time and effort. The Internet of Things (IoT) is considered the best technology, with its applications that facilitate our work and live by providing features (i.e. connectivity, active engagement) that help us to achieve improvement, increase evolution and knowledge exchange. IoT is defined as a group of people and devices interconnected with each other. In addition, it allows devices to communicate with each other without involvement of human, it includes interconnected sensors of real world, devices of electronics and systems to the Internet. The main support of the IoT is the Internet. So that, any security threats that target the Internet can affect the IoT [4]. According to the importance of network and technology for any application, the security of network should be taken very important. The design of network depends on Open System Interface (OSI) model that gives many benefits when designing network security (e.g. flexibility, standardization of protocols, and easy to use). Network is unprotected to attacks while transferring data into communication channels. The security requirements of network are confidentiality and integrity. In addition, it is better to confirm that the complete network is secure when considering with network security [5]. In this paper, we will illustrate the factors effect on the multiple domains (Information System IS, cyber space, IoT and Network security) from various studies, to show how these factors effect and what are security requirements that can be used to reduce this effect. The reminder of this paper is organized as follows. Section II illustrates studies of various topics IS, Cyber space, IoT, and Network. In Section III, we discuss about different attacks that effect on security of multiple fields and the security requirements to prevent the attacks. Section IV is devoted to represent some relevant comments and concluding remarks.

This paper offers an up-to-date, comprehensive, extensive and targeted survey on Behavioral Biometrics and Continuous Authentication technologies for mobile devices. Our aim is to help interested researchers to effectively grasp the background in this field and to avoid pitfalls in their work. In our survey, we first present a classification of behavioral biometrics and continuous authentication technologies for mobile devices and an analysis for behavioral biometrics collection methodologies and feature extraction techniques. Then, we provide a state-of-the-art literature review focusing on the machine learning models performance in seven types of behavioral biometrics for continuous authentication. Further, we conduct another review that showed the vulnerability of machine learning models against well-designed adversarial attack vectors and we highlight relevant countermeasures. Finally, our discussions extend to lessons learned, current challenges and future trends.

Keywords
Machine Learning, Behavioral Biometrics, Continuous Authentication, Mobile Devices, Attacks, Defense, Survey.

With the rapid growth in technology there is a need to increase security measures to take security system at next level. Cyber security is of developing concern to every single person, as information technology has become all too common. The confidential and critical data of the user is there on the system and is highly susceptible to strike. Therefore it is important to validation the devices or to control the sustainable access of the system to permitted users only. Previous understanding-based and badge-based validation mechanisms are slowly ineffectual and therefore assailant find multiple technique to overcome these methods. Biometric validation is a significant step forward in an independent person authentication. Biometric characteristics are closely connected to a single person and a strong tool for permitting user entrance. Biometrics is the modern technology of measuring and analyzing human body biological data to improve system safety by supplying precise and useful prototype and procedures for the authentication and recognition of individuals, and its applications are commonly utilized in government sectors, defense as well as industry. This paper examines the dif erent biometric characteristics commonly utilized in a biometric system and the dif erent type of biometric system.

Security in this world of digital computing plays a typical role, since all the operations are automated and large volumes of data are being maintained in the servers. Cloud computing is one of the evolving technologies where a huge volume of storage is made on-line, data and services are also distributed. Because of its distributed nature, they have become easy targets for the intruders to exploit the information. The well known Distributed Denial of Service (DDoS) attack is the most prominent attacks in this area of computing. DDoS is the single largest threat to internet and internet of things. This paper provides a wide survey on various DDoS attacks, their vulnerabilities and countermeasures proposed against them. Also this paper provides an in-depth analysis on effects of DDoS attacks in the Cloud environment. Through the analysis done it will be useful for designing a secured cloud infrastructure which will abide the DDoS attacks.

Security is one of the key important factors in ad hoc network due to the open wireless medium and dynamic topology of the network. MANET, VANET and FANET are type of ad hoc network and their applications are served the end users in real environment. VANET and FANET are next generation network and due to safety applications more attractions for end users in these networks. In this paper, we will provide the survey on security issues and challenges in the field of MANET, VANET and FANET. The successful implementation of these networks in real environment, it is require the network will be secure and end user can take benefit from their life safety applications.

Vehicular Ad hoc Networks (VANETs) have emerged recently as one of the most attractive topics for researchers and automotive industries due to their tremendous potential to improve traffic safety, efficiency and other added services. However, VANETs are themselves vulnerable against attacks that can directly lead to the corruption of networks and then possibly provoke big losses of time, money, and even lives. This paper presents a survey of VANETs attacks and solutions in carefully considering other similar works as well as updating new attacks and categorizing them into different classes.

In today's digital world, in every field there is massive use of digital contents. Digital documents can be copied and scattered easily to large numbers of people without any cost. People can download audio, image and video files, and they can share them with friends and they can influence or change their original contents. Due to this, there is more probability of copying of such digital information. So, there is an urgent need of prohibiting such illegitimate copyright of digital media. Digital watermarking (DWM) is the dominant solution to this problem. This paper aims to provide an exhaustive survey of digital watermarking techniques especially focuses on image watermarking types and its applications in today's world.

The following article intends to examine the role Boko Haram has been playing over the years. Based on the analysis of the news randomly taken from the Nigerian media, it seeks to offer suggestions on how the media and other Nigerian development agents can contribute to an end of the attacks carried out by this group. Subsequently, it is expected to show that the media, in conjunction with other Nigerian development agents, can be used to identify the criminal activities of Boko Haram insurgents in the area, and also used to study the modus vivendi and modus operandi of this group.

Wireless Sensor Networks are special kind of Ad-hoc networks, used in various applications like military and healthcare areas and characterized by severely constrained computational, memory and energy resources. When wireless sensor networks are deployed in an open or hostile environment security becomes extremely important, as they are prone to different types of malicious attacks. This paper includes the outline of the energy constraints, security requirements, and some of the security mechanisms to counter these attacks.

This study is an exploratory assessment of Phishing, SMiShing and Vishing attacks against mobile devices. It examines the implications of end-user behavior towards mitigating the risks posed by using mobile devices for online services and facilities. Phishing is that socially engineered attack aimed at enticing unsuspecting users with familiar websites spoofed and purported to come from a legitimate organization or source. It lures the user to furnish the assailant with the user's access credentials, for which privileged access would be gained to harm the user. SMiShing attacks also happen whenever text messages are sent for the user to either click on a link provided, which leads to a fraudulent website or for the attacker to get access to the user's contacts and/or any other confidential information. Vishing is a voice phishing attack, whereby a voice call received from an assailant lures the target into providing personal information with the intention to use that information to cause harm. With the proliferation of smart phones, tablets and hotspots, these social engineering attacks on mobile devices are now prevalent. The study observed and strategically interviewed 20 end-users for their knowledge, perceptions and behavior when confronted with phishing attack situations. The results show that men are more comfortable and trusting on the cyber-space and thus more susceptible to phishing attacks than women. The results also indicate that most users are either slightly aware or not at all aware of Phishing, SMiShing and Vishing threats against their mobile devices. Interestingly, 55% would occasionally examine the messages received as perceived threats, whilst 35% would never or almost never scrutinize any messages. A taxonomy of 'alluring" and "decoying" words used in phishing attacks is provided as a benchmark to end-users to guard against becoming cyber-victims. Of the most commonly used operating systems, the iOS was found to be the most susceptible to phishing attacks.

Government of Cabo Delgado produced a report about the impact of the insurgency in the province.

The violence started in October 2017 when a group of 30 masked men launched attacks over three days against police posts in Mocímboa da Praia, a city of around 30,000 residents located 100 kilometers south of the border with the United Republic of Tanzania. According to the police, the attack left 16 dead, including 14 from the armed group and two police officers.

This was the first episode in a series of similar attacks suffered in the region over the following months. Since then, many attacks have been recorded in the province, leaving at least 600 dead, among officials and civilians, according to https://fr.globalvoices.org/2020/01/19/244041/

Cyber security refers to protection of a network, system and web application or a website from an attacker who tries to gain access unethically. There are two types of cyber security, offensive and defensive. Due to the increase in internet user's cyber-attacks are also increasing. The growth in cyberspace led to an increase in vulnerabilities to all kinds of cyber attacks. This paper discusses increasing common cyber attacks and why defensive security should be a compulsory subject to every internet using individuals to safeguard the network or system being accessed with basic security measures and precautions. Cyber security is a very vast field one can possibly learn from not being in a cyber security background but one can know about the types of attacks, their consequences, basic precautions and security measures.

Throughout the world, every field has obtained a drastic transformation. The ultimate reason is digital technologies. This change made better performances of individual, industries, government, private organizations etc. Even this revolution brought many reward, this also has harmful side that is cyber threat. The attention must be turn to cyber threat at the same time when we are getting benefit from these digital technologies. Cyber threats are improving its intelligence day by day. The updating of knowledge in recent threats is significant one to prevent from this harm. This paper tries to find out what are the modern cyber attacks made and research over those.

Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide in the past few years, so does the need for effective security mechanisms. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats due to unattended installation of sensor nodes as sensor networks may interact with sensitive data and /or operate in hostile unattended environments. These security concerns be addressed from the beginning of the system design. The intent of this paper is to investigate the security related issues in wireless sensor networks. In this paper we have explored general security threats in wireless sensor network with extensive study.

The recent form of change in working on resources and platform introduced the term virtualization. Virtualization comes with its own merits and challenges. As it hides physical characteristics of the resources and the concept of encapsulation comes into picture. Hypervisor based architecture requires fewer hardware resources and can communicate more efficiently. All major players have introduced their hypervisor based solution to the virtualization. One of the challenges comes with it is the virtualization security.

Security is an important issue in the actual educational context where e-learning increases in popularity and increasingly more people are taking online courses. The e-learning platforms are today production systems that need to be secured. To achieve a good level of security, there are many important elements that must be taken into account: authentication, access control, data integrity, content protection, etc. Information security can be obtained using methods such as cryptography and network protocols. In this paper we will highlight some key security issues that must be taken into consideration in developing and using an e-learning platform. We will also examine some security aspects of one of the most popular open-source e-learning systems: Moodle.

Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards cyber-criminals. In this research work, we have done a systematic review of the terms related to malware detection algorithms and have also summarized behavioral description of some known mobile malwares in tabular form. After careful solicitation of all the possible methods and algorithms for detection of mobile-based malwares, we give some recommendations for designing future malware detection algorithm by considering computational complexity and detection ration of mobile malwares.

Driven in part by federal law, accessibility (a11y) support for disabled users is becoming ubiquitous in commodity OSs. Some assistive technologies such as natural language user interfaces in mobile devices are welcomed by the general user population. Unfortunately, adding new features in modern, complex OSs usually introduces new security vulnerabilities. Accessibility support is no exception. Assistive technologies can be defined as computing subsystems that either transform user input into interaction requests for other applications and the underlying OS, or transform application and OS output for display on alternative devices. Inadequate security checks on these new I/O paths make it possible to launch attacks from accessibility interfaces. In this paper, we present the first security evaluation of accessibility support for four of the most popular computing platforms: Microsoft Windows, Ubuntu Linux, iOS, and Android. We identify twelve attacks that can bypass state-of-the-art defense mechanisms deployed on these OSs, including UAC, the Yama security module, the iOS sandbox, and the Android sandbox. Further analysis of the identified vulnerabilities shows that their root cause is that the design and implementation of accessibility support involves inevitable trade-offs among compatibility, usability, security, and (economic) cost. These trade-offs make it difficult to secure a system against misuse of accessibility support. Based on our findings, we propose a number of recommendations to either make the implementation of all necessary security checks easier and more intuitive, or to alleviate the impact of missing/incorrect checks. We also point out open problems and challenges in automatically analyzing accessibility support and identifying security vulnerabilities.

Cyber security refers to protection of a network, system and web application or a website from an attacker who tries to gain access unethically. There are two types of cyber security, offensive and defensive. Due to the increase in internet user's cyber-attacks are also increasing. The growth in cyberspace led to an increase in vulnerabilities to all kinds of cyber attacks. This paper discusses increasing common cyber attacks and why defensive security should be a compulsory subject to every internet using individuals to safeguard the network or system being accessed with basic security measures and precautions. Cyber security is a very vast field one can possibly learn from not being in a cyber security background but one can know about the types of attacks, their consequences, basic precautions and security measures.

Blockchain technology is the key for decentralized society and gathered a lot of attention in recent times. The technology of Blockchain offers an infrastructure of secure network that allows the users to perform any operation without middleman. It is expected to bring a revolution due to its characteristics of being transparent, secure and scalable. Blockchain technology will bring the considerable efficiency gains, transparency, cost savings and fraud detection while allowing the data to be shared in real-time between multiple parties in a trusted and transparent manner. This chapter elaborately discusses the basic building blocks of Blockchain technology such as public key cryptography, Digital signature, Elements and types of Blockchain and its applications in different sectors. I. INTRODUCTION Blockchain is a chain of blocks in which the information of transactions is recorded and maintained in a distributed public ledger across a number of computers that are linked in a peer-to-peer network. Blockchain was first introduced by [1] who proposed a peer-to-peer payment system that allows cash transactions through the Internet without relying on the need for a financial institution. Blockchain is secure by design, and an example of a system with a high byzantine failure tolerance [2]. Bitcoin is the first application of the Blockchain concept to create a currency that could be exchanged over the internet using cryptography to secure the transactions. Bitcoin blockchain is the mother of all blockchain. Blockchain is an ordered data structure that contains blocks of transactions. Each block in the blockchain is linked to the previous block in the chain. The first block in the chain is referred to as the Genesis block. Each block created gets layered on top of the previous block to form a stack called a Blockchain. There are a set of rules for confirmation of the legitimacy of a block and to verify that block has not been altered maliciously. Blockchain technology solved the problem of Double-spending (the event where customer can spend a set of the same bitcoins in two different transactions) as the second transaction would be recognized as invalid.

Negli ultimi anni, l’Italia non è stata colpita da attacchi terroristici di matrice jihadista, né ha sperimentato gli elevati livelli di radicalizzazione di alcuni dei suoi vicini europei. Significativamente, il numero di foreign fighters che hanno abbandonato il territorio italiano per unirsi allo Stato Islamico o ad altri gruppi jihadisti – circa 130 individui – è molto più basso se comparato ai numeri della Francia, della Germania, del Regno Unito, ma anche di paesi più piccoli come l’Austria o il Belgio.
Questo quadro di relativa quiete, tuttavia, presenta un’importante eccezione, riguardante la propaganda dello Stato Islamico, che menziona l’Italia e, in particolare, Roma con una frequenza che può apparire sproporzionata.
Analizzando i contenuti ufficiali in lingua inglese pubblicati dallo Stato Islamico a partire dalla proclamazione del “Califfato” (nel giugno del 2014), il presente studio di carattere esplorativo ha contato 432 riferimenti all’Italia, al Vaticano e a Roma. La città è frequentemente citata, con diverse accezioni, anche nella propaganda in lingua araba. L’analisi dei riferimenti individuati mostra che, a parte alcune eccezioni significative, lo Stato Islamico riserva particolare attenzione all’Italia perché si riferisce a Roma come simbolo dell’Occidente e della Cristianità. La maggior parte delle menzioni, infatti, riprende fonti islamiche secondarie che affermano che il Giorno del Giudizio giungerà soltanto quando i musulmani combatteranno i “Romani”, e profetizzano la loro conquista di “Roma” (originariamente sulla base di un riferimento storico al confronto secolare tra le forze musulmane e i “Romani” d’Oriente - ovvero i Bizantini - in epoca medievale).
A ogni modo, la posizione centrale che la capitale italiana occupa nei messaggi jihadisti – anche in senso figurato – è un fenomeno allarmante, poiché può essere interpretata dai seguaci dello Stato Islamico come un’esortazione a compiere attacchi nella Città Eterna o, più in generale, in Italia.

Wireless sensor networks (WSNs) have many potential applications [1, 5] and unique challenges. They usually consist of hundreds or thousands small sensor nodes such as MICA2, which operate autonomously; conditions such as cost, invisible deployment and many application domains, lead to small
size and limited resources sensors [2]. WSNs are susceptible to many types of physical attacks [1] and most of traditional networks security techniques are unusable on WSNs[2]; due to wireless and shared nature of communication channel, untrusted transmissions, deployment in open environments, unattended nature and limited resources [1]. So, security is a vital requirement for these networks; but we have to
design a proper security mechanism that attends to WSN's constraints and requirements. In this paper, we
focus on security of WSNs, divide it (the WSNs security) into four categories and will consider them, include: an overview of WSNs, security in WSNs, the threat model on WSNs, a wide variety of WSNs' physical attacks and a comparison of them. This work enables us to identify the purpose and capabilities
of the attackers; also, the goal, final result and effects of the physical attacks on WSNs are introduced. Also this paper discusses known approaches of security detection and defensive mechanisms against the physical attacks; this would enable it security managers to manage the physical attacks of WSNs more effectively.

Wireless Sensor networks consists of hundreds or thousands of low cost, low power and self-organizing nodes which are highly distributed. Due to the reason that the sensor nodes are highly distributed, there is a need of security in the network. Security is an important issue nowadays in almost every network. There are some security issues and many attacks that need to be look around and work upon. This paper discusses some of the issues and the denial of service attacks of security.

One of the most promising and exciting areas of communication technology is Vehicular Ad Hoc Networks (VANETs). It enables vehicles to communicate among and between each other and fixed infrastructures, and, to provide a safe and enjoyable driving experience. However, VANETs are very susceptible to attacks that could easily be evasive due to its dynamic topology, and, resulting in very dramatic results in traffic. To develop a suitable security solution for VANETs, it must first be understand how such attacks could affect the network. Therefore, this study analyzes four different types of attacks against two popular routing protocols (AODV, GPSR) in VANETs. All attacks, blackhole, dropping, flooding, and bogus information, were implemented on two real maps having low and high density. The results clearly show how attacks could severely affect communication and, the need for security solutions for such highly dynamic networks.