Proceedings of the International Conference on Cybersecurity and Cybercrime - 2023
Contributor(s): Ioan-Cosmin MIHAI (Editor), Costel CIUCHI (Editor), Gabriel PETRICĂ (Editor)
Subject(s): Economy, ICT Information and Communications Technologies
ISSN: 2393-0837
Published by: Asociatia Romana pentru Asigurarea Securitatii Informatiei
Keywords: cybersecurity; cybercrime; Artificial Intelligence; vulnerability; cyber diplomacy; cyber attack;
Summary/Abstract: The International Conference on Cybersecurity and Cybercrime (IC3) is an annual scientific conference, with the purpose to encourage the exchange of ideas about the evolution of cyberspace, information security challenges, and new facets of the phenomenon of cybercrime. The event provides the appropriate framework for experts to present their research in this field.
The International Conference on Cybersecurity and Cybercrime is part of the CyberCon Romania event, organized by the Romanian Association for Information Security Assurance. CyberCon Romania brings together experts from public institutions, private companies, and universities, to raise the level of awareness and embody the cybersecurity culture.
- Page Count: 268
- Publication Year: 2023
- Language: English
Exploring a Diplomatic System of Cooperation in the Cyber Space through a Proposed Cyber Diplomacy Cooperation Framework
- Author(s):Natalia Bell, Alex MBAZIIRA
- Language:English
- Subject(s):History, Economy, Diplomatic history, ICT Information and Communications Technologies
- Page Range:7-11
- No. of Pages:5
- Keywords:cybersecurity;cyberdiplomacy;framework;
- Summary/Abstract:Cyberattacks are on the rise, and cyber weapons are the main tools used in modern warfare. All these occurrences are changing the nature of traditional diplomacy, contributing to developing new avenues for Cyber Diplomacy. The world's leading nations have realized the importance of establishing a diplomatic system of collaboration in the cyber sphere to facilitate bilateral relationships between nations and cooperation in cyberspace in already-established alliances such as NATO, the United Nations, and regional trade associations. Multiple studies have discussed and detailed the concept of "cyber diplomacy" and the diplomatic behavior associated with it; however, few of these analyses have sought to distinguish the "cyber diplomacy" concept from the more traditional and well-known concept of "diplomacy." The scope of this proposal is to create a Cyber Diplomacy Cooperation Framework which will bring together conventional elements of diplomacy and cutting-edge cybersecurity mechanisms. As cyber warfare concerns are growing, nations need a normative cyber diplomacy framework that can be adapted by countries to prevent cyber-crises and engage more nations in the discussion.
Artificial Intelligence to Counter Cyber-Terrorism
- Author(s):Serena BIANCHI, Marina MANCUSO, Caterina PATERNOSTER, George KALPAKIS, Theodora TSIKRIKA, Stefanos VROCHIDIS, Denitsa KOZHUHAROVA, Bernhard JAEGER
- Language:English
- Subject(s):Social Sciences, Economy, Law, Constitution, Jurisprudence, Criminal Law, Sociology, Studies in violence and power, ICT Information and Communications Technologies, EU-Legislation
- Page Range:12-20
- No. of Pages:9
- Keywords:Artificial Intelligence; Counter Extremism; Cyberterrorism; Ethical and Legal Framework; Online Radicalisation;
- Summary/Abstract:This paper discusses the role of disruptive and innovative technologies for countering the spread of terrorist online content (TOC). In particular, it focuses on the use of Artificial Intelligence (AI) in support of Host Service Providers (HSPs) and Law Enforcement Agencies (LEAs). Violent and terrorist content is more and more disseminated online, taking advantage of the opportunities offered by the Internet. The diffusion of terrorist propaganda has a negative impact on the civil society and poses several risks. For this reason, the European institutions published in 2021 the Regulation (EU) 2021/784 to address the misuse of hosting services for the dissemination to the public of TOC. It regulates the measures to be applied by HSPs and Member States’ authorities in order to identify and ensure the quick TOC removal and to facilitate cooperation with each other and Europol. In order to be compliant with these dispositions, AI-based disruptive technologies can provide LEAs and HSPs, especially the small and micro-ones, concrete support. The implementation of the Regulation and the use of AI technologies have legal and ethical implications that have to be considered. The paper is based on the work and preliminary research conducted in the framework of the European funded project ALLIES, “AI based framework for supporting micro and small Hosting Service Providers (HSPs) on the report and removal of online terrorist content”, Grant Number 101080090.
Innovation in the Financial Sector (FinTech): Paradigms, Causes, Effects and Perspectives
- Author(s):Ruxandra RÎMNICEANU
- Language:English
- Subject(s):Economy, Supranational / Global Economy, Business Economy / Management, Law on Economics, ICT Information and Communications Technologies, EU-Legislation
- Page Range:21-33
- No. of Pages:13
- Keywords:cyber security; Digital Operational Resilience; disruptive technologies and technological innovations; innovative business models; systemic risks;
- Summary/Abstract:The changes and evolution of the international and domestic financial-banking system, in the context of globalization, after the financial crisis of 2008, determined the emergence of global, virtual banks, megabanks, financial groups that use disruptive technologies and technological innovations. The first FinTech Action Plan (technology-based innovation in the field of financial services or financial technological innovations) of the European Union marks, as well, the first step circumscribed to the EU Digital Finance Strategy, in order to allow the expansion of innovative business models, but without forgetting to strengthen cyber security and to increase the degree of integrity of the financial system. In this context, however, it is important to take into account the variety of the institutions and the technologies in the countries participating in the Single Supervisory Mechanism (SSM), because the FinTech banks capture the different activities of the credit institutions in different jurisdictions to be closer to the customers and the investors and, at the same time, to expand the area of supervision of the problems related to the emergence of FinTech, because they exceed a sector of the economy or a geographical area and involve multiple financial-banking supervisory and regulatory institutions, belonging to various sectors.
An Overview of RPL Networks from the Viewpoint of Cybersecurity
- Author(s):Cosmina STALIDI, Eduard-Cristian POPOVICI, George SUCIU
- Language:English
- Subject(s):Social Sciences, Economy, Sociology, Methodology and research technology, ICT Information and Communications Technologies
- Page Range:34-42
- No. of Pages:9
- Keywords:RPL; Contiki; COOJA; Security challenges; IoT;
- Summary/Abstract:In the past decade, the Internet of Things (IoT) has had a significant impact on a global scale. The Internet of Things (IoT) has facilitated the interconnection of a vast number of devices in contemporary times. The proliferation of Internet of Things (IoT) devices underscores the importance of ensuring robust security measures to safeguard against potential threats. The RPL protocol has been specifically designed for routing purposes within the context of IoT devices, operating at the network layer. The exploitation of the RPL protocol poses a threat to IoT networks and has the potential to substantially affect network performance. This article introduces the STACK project, which aims to improve IoT transmission capabilities, identify and mitigate attacks using performance and interference monitoring, and use methods tightly integrated with an intelligent edge.
Vulnerability Scanner: Web-based Security Testing
- Author(s):Andrei-Daniel ANDRONESCU, Ioana-Ilona BRĂSLAȘU, Dumitru-Iulian NĂSTAC
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:43-48
- No. of Pages:6
- Keywords:Chromium; File Inclusion Attacks; NodeJS; Puppeteer; SQL injection; vulnerability scanner; web application security; testing;
- Summary/Abstract:As the use of internet-based software increased, cybersecurity has emerged as a major issue in the current world. The fast-paced technology innovations allowed most companies to scale their business and consumers to access their favorite products more easily, thus increasing the reliance on web-based software. The importance of web security cannot be emphasized given the increase in cybercrime and the damage it poses to businesses, people, and governments. This paper proposes an automated solution capable of detecting and exploiting common vulnerabilities found on web-based software, this being done without performing any malicious intended operations. By using software capable of automatically detecting the means a client could communicate with a server, users can ensure that a thorough verification is done on their web-applications, revealing the blind spots that developers may have overlooked.
Ensuring the Security of a Communication Network through Resilience. Mathematical Modeling
- Author(s):Constantin-Alin COPACI, Dorina-Luminiţa COPACI
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:49-54
- No. of Pages:6
- Keywords:edge resilience; graph; node resilience; restoration; service-oriented network;
- Summary/Abstract:Many of the network computing systems used in various organizations are not resilient enough to withstand attacks and failures. The performance of these networks is degraded by failures. Thus, it is important to develop techniques for designing and implementing resilient service-oriented networks that can survive attacks and failures, as well as continue to provide a reasonable level of service. This paper considers the mathematical modeling using graph theory of resilience in service-oriented communication networks. The objective of this paper is to develop the concept of service-oriented resilient system as well as to identify the metrics used to quantify resilience to node and edge failures. Using these metrics, we will choose an appropriate network topology and/or an optimal distribution of services in the network.
Enhancing EU Cyber Defense Through Hardware Trojans Detection Capabilities
- Author(s):Vasile-Florin POPESCU, Victor GÂNSAC, Olivia COMȘA, Cristian ICHIMESCU, Dănuţ TURCU, George BUCĂȚA
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:55-61
- No. of Pages:7
- Keywords:defense industry; hardware Trojans; System-on-Chip; reverse engineering; image acquisition;
- Summary/Abstract:Software Trojans and cybersecurity are a concern worldwide. Hardware Trojans are likely to be an issue faced by the Defence Industry of all countries. Information on how defense industry stakeholders deal with HT in Defense Products is by nature scarce or even inaccessible. It is however fair to assume that they adapt and use IC RE methodologies, notably some developed for IP infringement, to search for HTs. With these RE methodologies, checking a chip after its fabrication implies deconstructing and analyzing the whole surface and all the layers of a chip. It is thus hard to know for sure which states have acquired Hardware Trojan detection capabilities. There are however indications that some States could be in the process of acquiring such capabilities.
Carnival of Cybercrimes - Taking off the Mask of Synthetic Identity Theft
- Author(s):Larisa-Mădălina MUNTEANU
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies
- Page Range:62-70
- No. of Pages:9
- Keywords:cyberattacks; financial fraud; personal data; regulatory framework; synthetic identity theft;
- Summary/Abstract:This article portrays a comparative and doctrinal analysis that aims to combine theoretical and applicable knowledge over a deeply rooted, yet still unfamiliar cybercrime: synthetic identity theft. The jurisdictional dimensions explore the European Union (EU), United Kingdom (UK) and United States (US) in terms of expertise, legal initiatives, regulations and practical cases. As a prerequisite, the study has addressed the connection with identity theft and identity fraud as the Criminal Law “labels” it generally belongs to. Moreover, the most thought-provoking part represents analysing the nexus between synthetic identity theft and personal data protection, focused on security incidents. On this latter point, personal data breaches are proven as frequently being both a cause and an effect for synthetic identity theft. Subsequently, this turns out to have significant impact on individuals and organisations alike, predominantly in the financial sector, although harm may take several shapes.
Countering Daesh Cognitive and Cyber Warfare with OSINT and Basic Data Mining Tools
- Author(s):Gianluigi ME, Maria Felicita MUCCI
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:71-80
- No. of Pages:10
- Keywords:clustering analysis; cognitive warfare; counterterrorism; Daesh; national security; virtual jihad;
- Summary/Abstract:Digital civilization has changed war circumstances. Emerging dangers have asymmetry, variety, and continual change; quick transmission through the network; near-immediacy; possibility for unrestricted access; and swift power to affect people’s behavior. Cognitive Warfare, an international relations issue, uses information, cyber, and psychological warfare tactics. Daesh sends threatening messages to Western countries and spreads internet propaganda to recruit new members and induce terror. The study attempts to propose a novel knowledge-based approach for detecting terrorists by examining data obtained from Twitter and leading Daesh publications, through Data Mining techniques.
ChatGPT - Information Security Overview
- Author(s):Gabriela TOD-RĂILEANU, Sabina-Daniela AXINTE
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:81-85
- No. of Pages:5
- Keywords:chatGPT; Artificial Intelligence; information security; risk; exploitation;
- Summary/Abstract:About one hundred years ago humanity experienced a substantial change when we embraced the use of electricity in our homes and daily lives. Now, humanity is changing once again by adopting the use of artificial intelligence on a larger scale. Expressing concerns about the next industrial revolution that will fundamentally alter the way we live, work, and relate to one another. ChatGPT has become so popular in the last months that a lot of technical or not so technical people have used it and integrated it in their daily work to complete tasks faster and more efficiently, but this article will highlight the abuse of chatGPT by people that do not always have good intentions - threat actors. This article is approaching the Information Security risks that have appeared with the use of chatGPT by the employees that are not aware of the threats or even the use of chatGPT by the threat actors that are aware and ready to abuse its computational power.
Cyber Diplomacy and Artificial Intelligence: Opportunities and Challenges
- Author(s):Alexandra-Cristina DINU
- Language:English
- Subject(s):Politics / Political Sciences, Social Sciences, Economy, Governance, Sociology, Security and defense, ICT Information and Communications Technologies, Globalization
- Page Range:86-93
- No. of Pages:8
- Keywords:Artificial Intelligence; cyber diplomacy; cybersecurity; global governance;
- Summary/Abstract:The application of AI in cyber diplomacy offers promising prospects for enhancing international cybersecurity efforts. AI can analyze extensive data sets and uncover patterns that may indicate cyber threats. This can equip governments and organizations with a deeper understanding of the nature and scope of cyber threats, thereby facilitating more effective responses. Additionally, AI can enable the creation of automated threat detection and response systems, thereby reducing response times and improving the overall efficacy of cybersecurity measures. Furthermore, AI can facilitate the development of predictive models that can anticipate potential cyber threats before they materialize, further enhancing the ability to address cybersecurity challenges.
Artificial News Popularity Detection Based on Telegram Channels in Azerbaijan
- Author(s):Davud RUSTAMOV, Jalal RASULZADE, Shamsaddin HUSEYNOV
- Language:English
- Subject(s):Social Sciences, Economy, Media studies, Communication studies, ICT Information and Communications Technologies
- Page Range:94-99
- No. of Pages:6
- Keywords:machine learning; natural language processing; popularity detection; telegram; text classification;
- Summary/Abstract:With the exponential growth of digital media, readers face a daunting task of sifting through vast amounts of information to identify important news. This problem is especially critical for media professionals, journalists, and news agencies who need to quickly filter news articles to identify relevant and significant stories. Machine learning models offer a promising solution by automatically classifying news articles based on their significance. In this paper, we propose novel machine learning models for news significance detection, leveraging state-of-the-art deep learning architectures and a dataset of news articles. We evaluate our models using a variety of performance metrics and demonstrate their effectiveness compared to existing methods. Our proposed approach has the potential to significantly improve the efficiency and accuracy of news selection, benefiting both media professionals and readers alike. Furthermore, it can be beneficial to forecast the popularity of fake news and prevent its dissemination in society. Approximately 2800 Azerbaijani news articles have been collected from Telegram and labeled as popular or unpopular according to statistical calculation results. For news popularity detection, application of SVM, Random Forest and Neural network models and their results have been discussed in this paper.
Smart Email Security Assistant
- Author(s):Cristian PASCARIU, Ioan BACIVAROV
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Social Sciences, Economy, Communication studies, Security and defense, ICT Information and Communications Technologies
- Page Range:100-105
- No. of Pages:6
- Keywords:artificial neural networks; email security; indicators of compromise; natural language processing; phishing;
- Summary/Abstract:With security incidents and breaches growing each year, email is still used as the major entry point to serve malicious content that results in credential theft or malware infections enabling malicious threat actors to mount complex attacks. This paper is intended to document a new approach for detecting suspicious and malicious emails leveraging techniques such as security analytics, natural language processing to discover the intent of the email, as well as artificial neural networks to support more complex rules for classification. This solution can be used in a basic mode to flag which emails are safe and which are not, at the same time it can also be used by security analysts to gain a better understanding of the attack vectors and speed up the investigation process.
A Computer Abusive Access Case Study Solved with Windows Registry Analysis
- Author(s):Pierluigi PERRONE, Antonio SILVESTRE, Giuseppe TARASCHI
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies, Court case
- Page Range:106-112
- No. of Pages:7
- Keywords:Cybersecurity; Digital Forensics; Digital Investigation;
- Summary/Abstract:This article has the aim to describe a real forensics investigation case. An employee is accused of revealing confidential company information related to a project he was working on using a company computer registered to the company domain. The accused defends himself, insinuating the doubt that it could have been anyone because his office is always open. After the seizure and acquisition of a company hard drive, the investigators want to find some evidence related to the Windows system registry. In particular, the analysis will be aimed at identifying what were the energy and standby settings at the time of the seizure and if upon reactivation of the screen, the password was requested and needed to access the system.
Easy to Remember, Hard to Guess: A Password Generation Tool for the Digital Age
- Author(s):Ioana-Ilona BRĂSLAȘU, Andrei-Daniel ANDRONESCU, Dumitru-Iulian NĂSTAC
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:113-119
- No. of Pages:7
- Keywords:hackers; Python; secure password; website; memorable;
- Summary/Abstract:A brute force attack is a common method used by cybercriminals to gain unauthorized access to user accounts. It is essential for individuals and organizations to take proactive measures to protect themselves from such attacks. One way to do this is by improving their knowledge of cybersecurity and implementing measures to safeguard their online presence. Using programming languages like Python and web-frameworks like Django, websites can be developed to help individuals generate secure and memorable passwords that align with the latest password security standards. This can help anyone who wants to improve their password security, irrespective of whether they have been a victim of a cyber-attack or not.
Artificial Intelligence and its Impact on Cybercrime
- Author(s):Carla LOZONSCHI, Irina Bakhaya
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies
- Page Range:120-126
- No. of Pages:7
- Keywords:Artificial Intelligence; cybercrime; cybersecurity; deepfakes; bots;
- Summary/Abstract:It is well known that technology is becoming increasingly prevalent among us, and that it is evolving at a quick pace. We're hearing more and more about artificial intelligence and how it affects our lives. Opinions on AI split the globe into two camps. Therefore, we choose to discuss what Artificial Intelligence is and how it marks our lives. Is it good to employ artificial intelligence? If so, how far should this be taken? Can it be used in a bad way? Sure, but this may also play a significant role in preventing and combatting cybercrime. All of these topics will be addressed in the next article.
Protecting Your E-Commerce Business. Analysis on Cyber Security Threats
- Author(s):Georgiana ANDREIANU
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies, EU-Legislation, Commercial Law
- Page Range:127-134
- No. of Pages:8
- Keywords:attack; cyber security; e-commerce; threat; vulnerability;
- Summary/Abstract:This paper aims to gather complete information needed for a retailer running an e-commerce website, with the intention of presenting some of the most common cyber security threats, such as malware, ransomware, SQL injection, and phishing, as well as ways to prevent them from happening and ways to manage the aftermath of a full-scale attack being carried out. Some best practices will be noted as a process that should always be considered when setting up an e-commerce business, and a risk management strategy will be outlined. An analysis will be performed on a data breach with one of the biggest numbers of victims in the last decade, which affected the Microsoft Exchange Servers.
Types of Attacks and Security Methods. Virtual Machines
- Author(s):Dorina-Luminiţa COPACI, Constantin-Alexandru COPACI
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:135-140
- No. of Pages:6
- Keywords:attack; security; Virtualization; virtual machine; VMware Workstation;
- Summary/Abstract:Virtualization is a type of process used to create a virtual environment. Many organizations think about the security implications after implementing a new technology. Virtualization can be used in many ways and requires appropriate security controls in each situation. This paper presents the idea of using a virtual machine to share services and information over the Internet. In case of an attack, the resources of the virtual machine will be affected, while the resources of the real machine are safe. In this paper, we present the perspective of an attack by running malicious software on a virtual machine. We will show that although unauthorized control of the virtual machine is obtained, the real machine is not affected.
A Signal Theory Model for Security Monitoring using CheckMK
- Author(s):Iliuță-Alexandru IONEL
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:141-148
- No. of Pages:8
- Keywords:Brute force; Monitoring; Security; Signal; SSH;
- Summary/Abstract:Continuous monitoring of intelligent systems is used to analyze data and text from various sources. They usually monitor things such as risk, controls, opportunities, competition, and other concerns. While there exists literature that provides information on the capabilities of this kind of system, there has been a limited theoretical development in this field. The information sources monitored by these systems provide signals related to events, activities, or issues. However, selecting the appropriate information sources is not a simple task, because it is influenced by factors such as time, cost, redundancy, reliability, or weak signals. Furthermore, for the monitored signals, it is recommended to generate some analytics to study the flow and have a traceability of the issue we are dealing with. In this paper, a signal theory model is introduced and applied to address some of these issues regarding the SSH brute-force attacks. I will use a tool called CheckMK and its capabilities to implement a signal theory model used for monitoring security of a system.
Digitalization of Finance: Effect or Cause of Programmed Chaos?
- Author(s):Ruxandra RÎMNICEANU
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Law on Economics, ICT Information and Communications Technologies, EU-Legislation
- Page Range:149-159
- No. of Pages:11
- Keywords:cybercrime; data protection and privacy issues; digitalization of the financial services sector; financial ecosystem; operational resilience;
- Summary/Abstract:The actual "permacrisis" marks the five transitions that are unfolding simultaneously: a transition in the planet's climate regime, an energy transition, a geopolitical transition, a technological transition and a demographic transition. In this context, all the risks that are around show us that we are dealing with a programmed chaos that might also affect the financial ecosystem. In this respect, so as to avoid a collapse and to strengthen the banking and financial sector, the European entities appreciate that it is necessary to strengthen the leadership of the EU in the digital domain by promoting inclusive and sustainable digital policies, serving citizens and businesses. Taking into account that the risks of increased exposure to potential cybercrime, operational resilience failures and data protection and privacy issues could have an important impact, the digital transformation must be in line with EU values - the 2030 policy program entitled "The Path to the Digital Decade" and "The Declaration on Digital Rights and Principles in the E.U.".
A FMEA Analysis on Web Applications
- Author(s):Gabriel PETRICĂ, Costel CIUCHI
- Language:English
- Subject(s):Economy, Media studies, Communication studies, ICT Information and Communications Technologies
- Page Range:160-169
- No. of Pages:10
- Keywords:cybersecurity; FMEA analysis; software vulnerabilities; WordPress;
- Summary/Abstract:Based on the Failure Mode and Effects Analysis (FMEA) method, this paper identifies the potential causes that lead to the failure of a Web application built on the WordPress platform. Both software vulnerabilities identified in the U.S. National Vulnerability Database (NVD) and other platform administration and configuration processes that can be exploited in cyber-attacks against the Web application are considered. Finally, measures to eliminate potential security breaches are proposed in the form of a best practice guide for managing sensitive data and increasing the level of security for this type of application.
The Implications and Effects of Data Leaks
- Author(s):Paul-Andrei PREDESCU, Dragoș BĂLAN
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies
- Page Range:170-177
- No. of Pages:8
- Keywords:cybercrime; cybercriminal; data breach; data leak; malware;
- Summary/Abstract:In the following article we will present how data theft can have serious effects on the personal life of citizens and users of certain applications, and in general on public institutions and countries. In the following we will find out how these data can end up in the hands of hackers, for what purpose they are used and what are the legal implications. In the end we will analyze how the authorities try to limit this phenomenon and how each of us can take protective measures for this purpose.
Security by Design
- Author(s):Elena-Denisa STROE
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:178-181
- No. of Pages:4
- Keywords:design; OWASP; security; web application;
- Summary/Abstract:The security should be an area that can cover multiple technical disciplines that needs to be focused on customers and to try protecting against different threats. There can be multiple disciplines that can be part of the security and those can be: assurance, anti-tamper and information assurance and cybersecurity. Security must be taken into consideration throughout the entire product lifecycle in order to maximize the protection of a system. The purpose of this article is to highlight design security flaws which should always be considered as part of the design flow for an application or a product. The recommendations can be applied in combination with different methodologies, depending on what the company chooses to use, whether it is Agile or Waterfall. Principle of security by design will be tackled within the article.
Enhancing the Security of Cryptographic Systems by Pseudo-Random Number Generation Algorithms
- Author(s):Evelyn ENESCU
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:182-189
- No. of Pages:8
- Keywords:cybersecurity; encryption systems; hazard; Linear Congruential Generator; token;
- Summary/Abstract:Pseudo-random numbers play an indispensable role in the design of encryption systems, such as public and private key flow. The efficiency of crypto systems is directly proportional to the quality of the secret key generated using a random number generation algorithm. In this paper, the efficiency and applicability of a modified Linear Congruential Generator (LCG) type algorithm will be presented to increase the rate of occurrence of numbers and tend as much as possible to a truly random number. Moreover, it will be integrated into a graphical interface, which can later be integrated into the security of a larger application or even a website.
Open-Source Intelligence - Useful Tools in Data Analysis
- Author(s):Adelaida STĂNCIULESCU
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:190-196
- No. of Pages:7
- Keywords:Open Source Data (OSD); Open Source Information (OSINF); Open Source Intelligence (OSINT);
- Summary/Abstract:The paper aims to address how open sources, available in the public space, can provide relevant, high-quality information on which organizations (whether public or private) can strengthen their decision-making process. For example: the development of public policies, the development of security policies, law enforcement norms, the adaptation of tax systems to the digital age, the implementation of targeted marketing campaigns, the widespread access to continuing education, with the aim of creating an adapted workforce in the digital age, the business environment can support technology change through a more intense collaboration with authorities, local communities and society as a whole, etc.
Unit Testing and Automate Security Testing
- Author(s):Roxana PRUTEANU
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:197-204
- No. of Pages:8
- Keywords:Automated Testing; Unit Testing; Development Testing; Dynamic Testing; Automated Security Testing;
- Summary/Abstract:In the current context, technology plays a crucial role in our lives, from the moment we wake up until the end of the day we interact directly or indirectly with this new world. Since it appeared, its purpose has been to come to the aid of humanity, to evolve in an efficient and effective way and with all that, it also represented an open door for people who used technology in an obscure way. The number of cases of cyber-attacks has increased exponentially, from data theft to the integrity of critical sectors (health, transport, energy, financial), every possibility was tried to be exploited, leading to serious consequences. Awareness is the first step towards safety, and further it is important how to use technology in order not to be the target of attacks, but also to stay informed and to become better persons in daily activities. This paper presents an analysis of automated testing for software applications, what it is, how automated testing is divided, the benefits brought by it, as well as unit testing details and some examples. Finally, automatic security testing is discussed, the most emerging web application security risks, suggestions about Android security testing tools and some automation frameworks. The focus is on creating an overview, differentiating between the terms used and exemplifying them.
An Efficient Security System That Uses Artificial Intelligence to Detect and Identify Objects
- Author(s):Grigor PARANGONI, Dumitru-Iulian NĂSTAC
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:205-208
- No. of Pages:4
- Keywords:Object detection; YOLOv5; computer vision; security system; image processing;
- Summary/Abstract:Object identification is a significant task in computer vision due to the complexity and diversity of the things that must be detected. Rapid response time and precision are critical, particularly in security applications. We investigate YOLOv5, one of the most efficient object identification algorithms on the market, in this study. Our goal is to show how successful this algorithm is in a security system when compared to other existing alternatives. We also created a web interface that allows visitors to view the live camera feed and track the object detection process in real time. We provide our action plan, as well as the technology and knowledge required to complete this project. The suggested security system consists of a high-resolution surveillance camera and the YOLOv5 object detection algorithm. We created and implemented this system using computer programming and image processing technologies. Our findings reveal that the YOLOv5 algorithm outperforms alternative solutions in terms of speed and accuracy.
Cybercrimes in the Metaverse: Challenges and Solutions
- Author(s):Alexandru-Valentin TEODOROV
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies
- Page Range:209-215
- No. of Pages:7
- Keywords:AI policy; blockchain; cybercrime; metaverse; prevention; response;
- Summary/Abstract:The emergence of the metaverse has brought about novel opportunities for user interaction and commerce. However, with these new technologies also comes the rise of cybercrime as well as new types of cybercrime. The current article aims to delve into the manifold forms of cybercrime that loom large in the metaverse - from virtual theft and identity theft, to cyberbullying. At the same time, the paper explores the multiple challenges that come with preventing and addressing such crimes, such as the arduous task of identifying perpetrators and the inefficacy of law enforcement as well as the necessity for new laws created for the metaverse. In conclusion, the study will explore viable solutions for preventing and mitigating cybercrimes in the metaverse. The article aims to do exploratory research of cybercrimes and technological solutions such as blockchain and AI, as well as policy and legal changes, so that the metaverse can be a safe and secure haven for all users.
Financing Terrorism: Economy's Dark Side
- Author(s):Andreea-Mădălina VÂRTEI
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Law, Constitution, Jurisprudence, Criminal Law, Security and defense, ICT Information and Communications Technologies
- Page Range:216-223
- No. of Pages:8
- Keywords:ATF; Black Economy; Financing Terrorism; Hidden transaction; White-Collar Crime;
- Summary/Abstract:In the hidden depths of covert operations and clandestine dealings, the sinew of currency entwines in a sinister ballet, fueling the malevolent fires of terrorism, bestowing upon it the means to unleash havoc and anguish upon unsuspecting souls. Within the intricate web of the global economy, the haunting specter of terrorist financing looms large, its tendrils entangling a labyrinthine network of cartels funding jihadist endeavors, all entwined within the ideological struggle between material wealth and religious fervor. The aim of this study is to delve into the intricate layers of terrorist financing. The first layer involves conducting a literature review focusing on the 2000s, providing insights into the subject. Moving on to the second layer, a behavioral analysis of terrorist financiers is presented, highlighting the formation of alliances between terrorists and financiers. The third layer examines the utilization of advanced technology and intelligent materials in combating the issue of terrorist financing. Finally, the research concludes with an overview of the challenges posed by the influence of the black economy in a globalized world.
Security Testing for E-Commerce Applications
- Author(s):Alexandru-Petrișor LAZĂRA
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, ICT Information and Communications Technologies, Commercial Law
- Page Range:224-229
- No. of Pages:6
- Keywords:e-commerce security; security testing; software vulnerability; software risk mitigation; automated security tools;
- Summary/Abstract:Over the past decade, as the e-Commerce market has evolved into a shopping ecosystem involving multiple devices and store concepts, retailers have been continuously innovating the online shopping experience introducing convenient features like multi-device optimizations, product customization, quick and secure checkout processes, or recurrent payments to attract more customers and influence purchase decisions. The main guidelines that are followed in this paper are revolving around security testing and how it can be performed in the form of manual and automated testing, with aid from automated security tools. This paper looks at the threats e-Commerce Applications are facing in regards with cybersecurity and intends to assist preventing vulnerabilities being exploited by malicious intended users by showing the importance of performing security testing to identify weaknesses, mitigate risks and to raise awareness of the importance of strong security measures and procedures.
Prevention of Widespread Ransomware Cyber-Attacks through the SEAP Platform
- Author(s):Eduard-Ștefan SANDU
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Social Sciences, Economy, Sociology, Security and defense, Methodology and research technology, ICT Information and Communications Technologies
- Page Range:230-240
- No. of Pages:11
- Keywords:critical infrastructures; cyber-attack; cybersecurity; ransomware; SEAP;
- Summary/Abstract:This scientific study aims to explore the potential for launching a cyber-attack through SEAP platform, particularly in light of the increasing use of ransomware as a tool to cause widespread damage to critical infrastructure. The study focuses on the methodology of a ransomware attack on a critical infrastructure, with a specific emphasis on the analysis of the infection process, persistence mechanism, encryption process, recovery prevention, and propagation mechanisms, as well as the communication with command and control servers.
A Method of Warning About Unauthorized Access to a Room
- Author(s):Cristian-Ovidiu OPRIȘ
- Language:English
- Subject(s):Economy, Law, Constitution, Jurisprudence, Criminal Law, ICT Information and Communications Technologies
- Page Range:241-246
- No. of Pages:6
- Keywords:access security; cyberattacks; tactile sensor; Velostat;
- Summary/Abstract:This paper is based on the study of cybercrime in the context of a world based on technology. Whether it is financial losses, data leaks or mental trauma resulting from harassment in the online environment, cybercrime is part of the reality of the modern world, where the multiple advantages of using the most advanced technologies bring with them disadvantages that cannot be ignored. We will treat the types of cyberattacks, but also the methods by which we can protect ourselves as much as possible. An example of increasing the degree of security in terms of physical access to a room containing sensitive information, achieved at low cost, is also provided. A "smart" entrance mat is used to provide access, a coconut fiber mat into which Linqstat (Velostat) tactile force sensors and the data processing electronics provided by them have been inserted.
Guarding the Nation: A Comprehensive Look at State Cybersecurity Measure
- Author(s):Marian-Emilian SPĂTARU, Alexandru BARCAN
- Language:English
- Subject(s):Politics / Political Sciences, Politics, Economy, Security and defense, ICT Information and Communications Technologies
- Page Range:247-257
- No. of Pages:11
- Keywords:cyber intelligence; OSINT security; cyber-attacks; cyber terrorism; cyber risk management;
- Summary/Abstract:In a continuously evolving world, technology has not been left out of the process which consists of studies and research done by specialists in the field of cyber technology. Although the latter has brought along benignant effects in society, it can be considered a controversial domain due to those effects that can be used against the public safety and national security. Cyber-attacks & Cyber terrorism are just two of them, usually countered by Cyber intelligence, OSINT security, Cyber risk management. These actions are coordinated by different intelligence services such as: Federal Bureau of Investigation – FBI, Romanian Intelligence Service – SRI, Federal Security Service – FSB, while they have to cooperate with civilians, due to a shortage of employees. The lack of qualified staff on the following domain: awareness of the different types of cyber-attack, such as malware, web-based attacks, phishing, web application attacks, spam, distributed denial of service (DDoS), identity theft, data breach, insider threat, botnets, physical manipulation, damage, theft and loss, information leakage, ransomware, cyber-espionage, industrial espionage and crypto jacking, reaches an amount of 7.659 officials that are needed in this area.
Methods for Detecting Malware Using Static, Dynamic and Hybrid Analysis
- Author(s):Alexandru-Radu BELEA
- Language:English
- Subject(s):Economy, ICT Information and Communications Technologies
- Page Range:258-265
- No. of Pages:8
- Keywords:dynamic analysis; hybrid analysis; malware; PE file; static analysis;
- Summary/Abstract:Malware analysis is the process of locating and examining malicious software or code with the aim of comprehending its operation and developing countermeasures. Malware can take many forms, such as viruses, worms, Trojans, and ransomware, and can cause significant harm to individuals, organizations, and even entire countries. To determine a piece of malware's purpose, potential effects, and capabilities, malware analysis entails examining the behavior, structure, and functionalities of the malware. Malware analysts are essential to the cybersecurity sector because they strive to spot dangers, eliminate them, and defend against online attacks. By using the knowledge gleaned from malware analysis, security solutions can be created that will better protect businesses from dangerous software. Malware analysis is a crucial part of any successful cybersecurity strategy in the continually changing threat landscape of today. In this article, we will explore the key concepts of malware analysis, including its purpose, techniques, and tools and we will contrast methods for detecting malware using static, dynamic, and hybrid analysis.