Social Engineering Attacks: A Survey

2019 ◽  
Vol 11 (4) ◽  
pp. 89 ◽  
Author(s):  
Fatima Salahdine ◽  
Naima Kaabouch

The advancements in digital communication technology have made communication between humans more accessible and instant. However, personal and sensitive information may be available online through social networks and online services that lack the security measures to protect this information. Communication systems are vulnerable and can easily be penetrated by malicious users through social engineering attacks. These attacks aim at tricking individuals or enterprises into accomplishing actions that benefit attackers or providing them with sensitive data such as social security number, health records, and passwords. Social engineering is one of the biggest challenges facing network security because it exploits the natural human tendency to trust. This paper provides an in-depth survey about the social engineering attacks, their classifications, detection strategies, and prevention procedures.

2020 ◽  
Vol XXIII (1) ◽  
pp. 263-270
Author(s):  
Radu Moinescu

Social engineering is one of the biggest challenges facing network security because it exploits the natural human tendency to trust. In recent years, cybercriminals have done everything in their power to be innovative. They are taking advantage of every aspect of our lives to develop new social engineering schemes. This paper provides an in-depth survey about the social engineering attacks that took place in Romania in 2019, their classifications, detection strategies, and prevention procedures.


Author(s):  
Sebastian Porsdam Mann ◽  
Julian Savulescu ◽  
Barbara J. Sahakian

Advances in data science allow for sophisticated analysis of increasingly large datasets. In the medical context, large volumes of data collected for healthcare purposes are contained in electronic health records (EHRs). The real-life character and sheer amount of data contained in them make EHRs an attractive resource for public health and biomedical research. However, medical records contain sensitive information that could be misused by third parties. Medical confidentiality and respect for patients' privacy and autonomy protect patient data, barring access to health records unless consent is given by the data subject. This creates a situation in which much of the beneficial records-based research is prevented from being used or is seriously undermined, because the refusal of consent by some patients introduces a systematic deviation, known as selection bias, from a representative sample of the general population, thus distorting research findings. Although research exemptions for the requirement of informed consent exist, they are rarely used in practice due to concerns over liability and a general culture of caution. In this paper, we argue that the problem of research access to sensitive data can be understood as a tension between the medical duties of confidentiality and beneficence. We attempt to show that the requirement of informed consent is not appropriate for all kinds of records-based research by distinguishing studies involving minimal risk from those that feature moderate or greater risks. We argue that the duty of easy rescue—the principle that persons should benefit others when this can be done at no or minimal risk to themselves—grounds the removal of consent requirements for minimally risky records-based research. Drawing on this discussion, we propose a risk-adapted framework for the facilitation of ethical uses of health data for the benefit of society. This article is part of the themed issue ‘The ethical impact of data science’.


10.28945/3968 ◽  
2018 ◽  

[This Proceedings paper was revised and published in the 2018 issue of the journal Issues in Informing Science and Information Technology, Volume 15] Medical images are very sensitive data that are being transferred here and there either for referral cases or consultation. Since these images are very sensitive, they have to be kept securely. Since the advent of the internet, transferring of these images is being done on the network in the form of data. Data security applications have drawn lots of interest over time. Unauthorized users daily derive ways to gain access to sensitive information while application programmers continue to devise new methods of keeping information safe. One of the best ways in which data could be kept secure is through the use of cryptography. Beyond cryptography alone, new applications of the principles of quantum mechanics to cryptography have led to a remarkable new dimension in secured communication. As a result of these new developments, it is now possible to construct cryptographic communication systems which keep transferred data safe and secure. Therefore, in this paper, a reliable and dependable way of securing medical images using the DARPA Quantum Network, which delivers end-to-end network security via high-speed Quantum Key Distribution, and testing the network against sophisticated eavesdropping attacks is being proposed.


The compilation and analysis of health records on a big data scale is becoming an essential approach to understand problematical diseases. In order to gain new insights it is important that researchers can cooperate: they will have to access each other's data and contribute to the data sets. In many cases, such health records involve privacy-sensitive data about patients. Patients should be cautious to count on preservation of their privacy and on secure storage of their data. Polymorphic encryption and pseudonymisation form a narrative approach for the management of sensitive information, especially in health care. The conventional encryption system is rather inflexible: once scrambled, just one key can be utilized to unscramble the information. This inflexibility is turning into an ever more noteworthy issue with regards to huge information examination, where various gatherings who wish to research some portion of an encoded informational index all need the one key for decoding. Polymorphic encryption is another cryptographic strategy that tackles these issues. Together with the related procedure of polymorphic pseudonymisation new security and protection assurances can be given which are fundamental in zones, for example, (customized) wellbeing area, medicinal information accumulation by means of self-estimation applications, and all the more by and large in protection inviting character the board and information examination. Encryption, pseudonymization and anonymization are some of the important techniques that facilitate the users on security of sensitive data, and ensure compliance both from a Data Regulation act and any other information security act like Health Insurance Portability and Accountability Act (HIPAA) regulations.


2011 ◽  
pp. 23-26
Author(s):  
Subasish Mohanty ◽  
Biswajit Rout

Phishing is an attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Many websites have now created secondary tools for applications, like maps for games, but they should be clearly marked as to who wrote them, and you should not use the same passwords anywhere on the internet.


2018 ◽  
Author(s):  
Handoko Handoko ◽  
Dwi Anggreini Waskito Putri

Social engineering aims to elicit sensitive information by using various manipulation approaches to exploit the victim. The increase of social communication platforms such as email, messenger, Facebook, LinkedIn, and ResearchGate, combined with social psychology and cognitive linguistics, becomes a new weapon to attack either personal or even institutional targets. This paper explores the language used by the attacker to expose psychological threat to elicit sensitive information and to direct the victim to execute a certain action. The data are taken from emails which contain threat language. This paper illustrates how an attacker uses threat language to perform social engineering. The analysis is based on social engineering attack classification (Mouton, 2016) and cognitive pragmatics (Bara, 2010). The result shows that, rather than using a persuasive approach, the attacker uses the threat to exploit the cognitive process in thinking and decision making. Moreover, the research also found a pattern of a social engineer email: warning, threat, and enhancement.


Author(s):  
Musavir Hassan ◽  
Muheet Ahmed Butt ◽  
Majid Zaman

A voluminous amount of data is generated because of the inexorably widespread proliferation of electronic data maintained using Electronic Health Records (EHRs). Medical health facilities have great potential to discern the patterns from this data and utilize them in diagnosing a specific disease or predicting the outbreak of an epidemic etc. This discernment of patterns might reveal sensitive information about individuals and this information is vulnerable to misuse. This is, however, a challenging task to share such sensitive data as it compromises the privacy of patients. In this paper, a random forest-based distributed data mining approach is proposed. Performance of the proposed model is evaluated using accuracy, f-measure and kappa statistics analysis. Experimental results reveal that the proposed model is efficient and scalable enough in both performance and accuracy within the imbalanced data and also in maintaining the privacy by sharing only useful healthcare knowledge in the form of local models without revealing and sharing of sensitive data.


Author(s):  
Isiaka Ajewale Alimi

The development in different communication systems as well as multimedia applications and services leads to a high rate of Internet usage. However, transmission of information over such networks can be compromised, and security breaches such as viruses, denial of service, unauthorized access, and theft of proprietary information, which may have a devastating impact on the system, may occur if adequate security measures are not employed. Consequently, building a viable, effective, and safe network is one of the main technical challenges of information transmission in campus networks. Furthermore, it has been observed that network threats and attacks exist from the lower layers of network traffic to the application layer; therefore, this paper proposes an effective multi-layer firewall system for augmenting the functionalities of other network security technologies due to the fact that, irrespective of the type of access control being employed, attacks are still bound to occur. The effectiveness of the proposed network architecture is demonstrated using Cisco Packet Tracer. The simulation results show that implementation of the proposed topology is viable and offers a reasonable degree of security at different network layers.

