In the last few years, the appealing features of cloud computing have been fueling the integration of cloud environments in the industry, which has been consequently motivating the research on related technologies by both the industry and the academia. The possibility of paying-as-you-go mixed with an on-demand elastic operation is changing the enterprise computing model, shifting on-premises infrastructures to off-premises data centers, accessed over the Internet and managed by cloud hosting providers. Regardless of its advantages, the transition to this computing paradigm raises security concerns, which are the subject of several studies. Besides of the issues derived from Web technologies and the Internet, clouds introduce new issues that should be cleared out first in order to further allow the number of cloud deployments to increase. This paper surveys the works on cloud security issues, making a comprehensive review of the literature on the subject. It addresses several key topics, namely vulnerabilities, threats, and attacks, proposing a taxonomy for their classification. It also contains a thorough review of the main concepts concerning the security state of cloud environments and discusses several open research topics.

/pdf/security-issues-in-cloud-environments-a-survey-1t9z0if3y4.pdf

Security issues in cloud environments: a survey

The Internet of things (IoT) is still in its infancy and has attracted much interest in many industrial sectors including medical fields, logistics tracking, smart cities and automobiles. However as a paradigm, it is susceptible to a range of significant intrusion threats. This paper presents a threat analysis of the IoT and uses an Artificial Neural Network (ANN) to combat these threats. A multi-level perceptron, a type of supervised ANN, is trained using internet packet traces, then is assessed on its ability to thwart Distributed Denial of Service (DDoS/DoS) attacks. This paper focuses on the classification of normal and threat patterns on an IoT Network. The ANN procedure is validated against a simulated IoT network. The experimental results demonstrate 99.4% accuracy and can successfully detect various DDoS/DoS attacks.

/pdf/threat-analysis-of-iot-networks-using-artificial-neural-2qbhkwjige.pdf

Threat analysis of IoT networks using artificial neural network intrusion detection system

Cloud security issues and challenges

Electronic learning (e-learning) is a broader approach to learning that brings new opportunities for learning and teaching in many fields of education far from the traditional classroom environment. Over the past decades, research in the field indicates a proliferation of e-learning contents and discrepancies that affect interoperability patterns in education for students and teachers; however, little has been done to assess the usability of e-learning systems. From a different perspective, this study aims to provide information on the numerous findings relating to the cumulative results of e-learning in education. This systematic review uses a full protocol with the aim of standardizing and specifying all the procedures adopted to collect and code 99 academic articles from 2010 to 2018 with keywords: education and e-learning. The text analysis as conducted using the qualitative software Leximancer to extract meaning from the large number of articles retrieved. The results highlight four dominant themes, namely education systems and learning issues that in turn promote student behaviours and the use of online learning tools. This research contributes towards providing research propositions that can be used in a cogent theoretical framework and, based on the analysis, we also propose a new definition of e-learning.

Tracking e-learning through published papers: a systematic review

Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection which influences the effectiveness of machine learning (ML) IDS is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.

Shallow and Deep Networks Intrusion Detection System: A Taxonomy and Survey

This article describes a new learning paradigm, known as ubiquitous learning or u-learning, which is supported by the ubiquitous computing technologies. Instead of that, the article also aims at providing fundamental information related to u-learning for researchers who are interested in venturing this new area of ubiquitous computing. The u-learning definition and characteristics are compared and discussed in proposing a conclusive definition of u-learning together with its characterization. Finally, some of the u-learning applications are explained to further enhance the understanding of u-learning concept. Keywords: Ubiquitous Computing, Ubiquitous learning, u-learning; definition; characteristic. INTRODUCTION Ubiquitous computing can be considered as the new hype in the information and communication world. It is normally associated with a large number of small electronic devices (small computers) which have computation and communication capabilities such as smart mobile phones, contactless smart cards, handheld terminals, sensor network nodes, Radio Frequency IDentification (RFIDs) etc. which are being used in our daily life (Sakamura & Koshizuka,2005). These small computers are equipped with sensors and actuators, thus allowing them to interact with the living environment. In addition to that, the availability of communication functions enables data exchange within environment and devices. In the advent of this new technology, learning styles has progressed from electronic-learning (m-learning) to mobile-learning (m-learning) and from mobile-learning to ubiquitous-learning (u-learning). Ubiquitous learning, also known as u-learning is based on ubiquitous technology. The most significant role of ubiquitous computing technology in u-learning is to construct a ubiquitous learning environment, which enables anyone to learn at anyplace at anytime. Nonetheless, the definition and characteristic of u-learning is still unclear and being debated by the research community. Researchers have different views in defining and characterizing u-learning, thus, leads to misconception and misunderstanding of the original idea of u-learning. Therefore, this article aims at providing fundamental information pertaining to u-learning; specifically for the researchers who are interested in venturing this newly established area of ubiquitous computing. In this article, the concept of ubiquitous computing and how the technology is applied in learning environment will be discussed. Later, we will review various attempts to define and provide characterizations of u-learning. Finally, we will present our own definition and characterization of u-learning and discuss some applications in u-learning. UBIQUITOUS COMPUTING According to Sakamura & Koshizuka (2005), ubiquitous computing can be considered as "a new trend of information and communication technologies". The term "ubiquitous computing" was coined by late Mark Weiser (1952 - 1999), described as "the calm technology, that recedes into the background of our lives". His vision allows people and the environment with the combination of various computational technologies to exchange information and services at anytime and anywhere (Weiser, 1991). Ubiquitous Computing Technologies Computing and communication technologies are among the key technologies that forming ubiquitous computing. The advancement of computing technologies together with the enhancement of wireless communication technologies nowadays help out to support the expansion of ubiquitous computing. In recent years, a variety of computing and communication technologies have been developed, such as sensors and actuators, RFID (Radio Frequency Identification) tags and cards, wireless communication equipment, mobile phones, PDAs (Personal Digital Assistant), and wearable computers. Ubiquitous Computing Technologies in Learning A person is said to be learning, when he/she is in the process of acquiring knowledge or skill. …

/pdf/the-definition-and-characteristics-of-ubiquitous-learning-a-4r0xmm1dhh.pdf

The definition and characteristics of ubiquitous learning: A discussion

Organization has come to realize that network security technology has become very important in protecting its information. With tremendous growth of internet, attack cases are increasing each day along with the modern attack method. One of the solutions to this problem is by using Intrusion Detection System (IDS). Machine Learning is one of the methods used in the IDS. In recent years, Machine Learning Intrusion Detection system has been giving high accuracy and good detection on novel attacks. In this paper the performance of a Machine Learning algorithm called Decision Tree (J48) is evaluated and compared with two other Machine Learning algorithms namely Neural Network and Support Vector Machines which has been conducted by A. Osareh [1] for detecting intrusion. The algorithms were tested based on accuracy, detection rate, false alarm rate and accuracy of four categories of attacks. From the experiments conducted, it was found that the Decision tree (J48) algorithm outperformed the other two algorithms.

Comparison of Machine Learning algorithms performance in detecting network intrusion

Since the past 20 years the uses of web in daily life is increasing and becoming trend now. As the use of the web is increasing, the use of web application is also increasing. Apparently most of the web application exists up to today have some vulnerability that could be exploited by unauthorized person. Some of well-known web application vulnerabilities are Structured Query Language (SQL) Injection, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). By compromising with these web application vulnerabilities, the system cracker can gain information about the user and lead to the reputation of the respective organization. Usually the developers of web applications did not realize that their web applications have vulnerabilities. They only realize them when there is an attack or manipulation of their code by someone. This is normal as in a web application, there are thousands of lines of code, therefore it is not easy to detect if there are some loopholes. Nowadays as the hacking tools and hacking tutorials are easier to get, lots of new hackers are born. Even though SQL injection is very easy to protect against, there are still large numbers of the system on the internet are vulnerable to this type of attack because there will be a few subtle condition that can go undetected. Therefore, in this paper we propose a detection model for detecting and recognizing the web vulnerability which is; SQL Injection based on the defined and identified criteria. In addition, the proposed detection model will be able to generate a report regarding the vulnerability level of the web application. As the consequence, the proposed detection model should be able to decrease the possibility of the SQL Injection attack that can be launch onto the web application.

Detection model for SQL injection attack: An approach for preventing a web application from the SQL injection attack

A Method for Web Application Vulnerabilities Detection by Using Boyer-Moore String Matching Algorithm☆

AODV (Ad hoc On Demand Vector) is a reactive routing protocol in wireless mobile ad hoc network (MANET). AODV is accepted due to its ability to adapt rapidly in dynamic network environment with minimum overhead and small management packet size. However, AODV has limitation in security, thus it is susceptible to various attacks. One of the popular attacks in AODV is the Black Hole attack. There have been many works done to secure AODV from this attack but there are still some issues that need to be addressed. In this paper we proposed a novel method called ERDA (Enhance Route Discovery for AODV). ERDA will improve the security of the AODV during the route discovery process so that the adverse effect caused by the attack to the network performance is reduced. A simulation model has been developed to simulate the proposed method. Results obtained from simulation have shown that ERDA does not introduce high overhead during safe time (no attacks) and provide better performance during attack time (presence of Black hole) in the network.

Kamarularifin Abd Jalil

Papers

The definition and characteristics of ubiquitous learning: A discussion

Comparison of Machine Learning algorithms performance in detecting network intrusion

Detection model for SQL injection attack: An approach for preventing a web application from the SQL injection attack

A Method for Web Application Vulnerabilities Detection by Using Boyer-Moore String Matching Algorithm☆

Securing routing table update in AODV routing protocol