Computer Sciences Commons^™

The Impact Of Personality Traits On User’S Susceptibility To Social Engineering Attacks, Brian Cusack, Kemi Adedokun

Australian Information Security Management Conference

Phishing attacks and other social manipulation attacks are an everyday occurrence for most workers in their email boxes. Others experience social engineering tricks to take and divert payments on legitimate electronic commerce transactions. This exploratory pilot study aims to examine the impact of user’s personality on the likelihood of user’s susceptibility to social engineering attacks. Five expert interviews were conducted to investigate what traits makes some individuals more or sometimes less susceptible to social engineering attack than others. The personality traits were obtained using the big five personality model for correlation with interview data. The result suggests that users with …

Mobile Device Wardriving Tools’ Comparison: Nuku’Alofa As Case Study, Raymond Lutui, ‘Osai Tete’Imoana, George Maeakafa

Australian Information Security Management Conference

This paper describes the justification for a project to assess the security status of wireless networks usage in Nuku’alofa, the CBD of Tonga, By War Driving these suburbs, actual data was gathered to indicate the security status of wireless networks and provide an understanding of the users’ level of awareness and attitudes towards wireless security. This paper also takes the opportunity to compare the performance of the War driving tools that this study employed – GMoN, SWardriving, and Wi-Fi Scan. Wireless network communication remains a challenging and critical issue. This study takes an exploratory approach in which it allows the …

Vulnerability Analysis: Protecting Information In The Iot, Brian Cusack, Feiqiu Zhuang

Australian Information Security Management Conference

The research was designed to study IoT security vulnerabilities and how to better protect IoT communications. By researching the system a Fitbit uses for communications, this research analyzes and reveals security defects in the IoT architecture. The research first uses a man-in the middle (MITM) attack to intercept and analyze the Fitbit system traffic to identify security weakness. Then uses a replay attack to further validate these flaws. Finally, countermeasures against these security threats are proposed. The research findings show the Fitbit’s IoT communication architecture has serious information security risks. Firstly, the Fitbit tested does not encrypt the raw data …

Detection Techniques In Operational Technology Infrastructure, Glenn Murray, Matthew Peacock, Priya Rabadia, Paresh Kerai

Australian Information Security Management Conference

In previous decades, cyber-attacks have not been considered a threat to critical infrastructure. However, as the Information Technology (IT) and Operational Technology (OT) domains converge, the vulnerability of OT infrastructure is being exploited. Nation-states, cyber criminals and hacktivists are moving to benefit from economic and political gains. The OT network, i.e. Industrial Control System (ICS) is referred to within OT infrastructure as Supervisory Control and Data Acquisition (SCADA). SCADA systems were introduced primarily to optimise the data transfer within OT network infrastructure. The introduction of SCADA can be traced back to the 1960’s, a time where cyber-attacks were not considered. …

The Relevance Of A Good Internal Control System In A Computerised Accounting Information System, Raymond Lutui, Tau’Aho ‘Ahokovi

Australian Information Security Management Conference

Advancements in information technology (IT) have enabled companies to use computers to carry out their activities that were previously performed manually. Accounting systems that were previously performed manually can now be performed with the help of computers. With all the advantages of computerized accounting software, business owners need to realize that problems do arise for a variety of reasons. Dependence on computers sometimes leads to bigger problems. This paper, therefore provide a detail information about the concept of internal control to its relevance in a computerised accounting information. This study also considers the trend between manual and computerised accounting system. …

Bringing Defensive Artificial Intelligence Capabilities To Mobile Devices, Kevin Chong, Ahmed Ibrahim

Australian Information Security Management Conference

Traditional firewalls are losing their effectiveness against new and evolving threats today. Artificial intelligence (AI) driven firewalls are gaining popularity due to their ability to defend against threats that are not fully known. However, a firewall can only protect devices in the same network it is deployed in, leaving mobile devices unprotected once they leave the network. To comprehensively protect a mobile device, capabilities of an AI-driven firewall can enhance the defensive capabilities of the device. This paper proposes porting AI technologies to mobile devices for defence against today’s ever-evolving threats. A defensive AI technique providing firewall-like capability is being …

Security Vulnerabilities In Android Applications, Crischell Montealegre, Charles Rubia Njuguna, Muhammad Imran Malik, Peter Hannay, Ian Noel Mcateer

Australian Information Security Management Conference

Privacy-related vulnerabilities and risks are often embedded into applications during their development, with this action being either performed out of malice or out of negligence. Moreover, the majority of the mobile applications initiate connections to websites, other apps, or services outside of its scope causing significant compromise to the oblivious user. Therefore, mobile data encryption or related data-protection controls should be taken into account during the application development phase. This paper evaluates some standard apps and their associated threats using publicly available tools and demonstrates how an ignorant user or an organisation can fall prey to such apps.

Xmpp Architecture And Security Challenges In An Iot Ecosystem, Muhammad Imran Malik, Ian Noel Mcateer, Peter Hannay, Syed Naeem Firdous, Zubair Baig

Australian Information Security Management Conference

The elusive quest for technological advancements with the aim to make human life easier has led to the development of the Internet of Things (IoT). IoT technology holds the potential to revolutionise our daily life, but not before overcoming barriers of security and data protection. IoTs’ steered a new era of free information that transformed life in ways that one could not imagine a decade ago. Hence, humans have started considering IoTs as a pervasive technology. This digital transformation does not stop here as the new wave of IoT is not about people, rather it is about intelligent connected devices. …

Mitigating Man-In-The-Middle Attacks On Mobile Devices By Blocking Insecure Http Traffic Without Using Vpn, Kevin Chong, Muhammad Imran Malik, Peter Hannay

Australian Information Security Management Conference

Mobile devices are constantly connected to the Internet, making countless connections with remote services. Unfortunately, many of these connections are in cleartext, visible to third-parties while in transit. This is insecure and opens up the possibility for man-in-the-middle attacks. While there is little control over what kind of connection running apps can make, this paper presents a solution in blocking insecure HTTP packets from leaving the device. Specifically, the proposed solution works on the device, without the need to tunnel packets to a remote VPN server, and without special privileges such as root access. Speed tests were performed to quantify …

An Investigation Into A Denial Of Service Attack On An Ethereum Network, Richard Greene, Michael N. Johnstone

Australian Information Security Management Conference

Apart from its much-publicised use in crypto-currency, blockchain technology is used in a wide range of application areas, from diamonds to wine. The most common application of this technology is in smart contracts in supply chain management, where assurance of delivery and provenance are important. One problem for an Ethereum consortium is the potential for disruption caused by a Denial-of-Service attack across the consortium nodes. Such an attack can be launched from a single source or multiple sources to amplify the effect. This paper investigates the impact of various Denial-of-Service attacks on an Ethereum Consortium deployed on the Azure Cloud …

A Sri Lankan Hacking Case Study, Ishan Senarathna, Matthew Warren

Australian Information Security Management Conference

The aim of the paper is to consider how hacking could impact a country that had historically experienced major cyber-attacks. The aim of the paper is to explore a cyber incident that occurred against the Sri Lankan president and how Sri Lankan authorities reacted to the incident. The paper will focus upon the motivations of the attack, the impact of the attack and how Sri Lankan authorities reacted to the situation.

Evaluating Ip Surveillance Camera Vulnerabilities, Brian Cusack, Zhuang Tian

Australian Information Security Management Conference

Hacking of IP surveillance camera systems came to public attention in 2016 when the high bandwidth and resources were exploited for a massive DDoS attack that affected one third of all US Internet services. A review of previous studies show that a vast number of IP cameras have been hacked because the default usernames and passwords have not been changed from the factory defaults. In this research we asked, What are the vulnerabilities of an IP surveillance camera? The purpose of the study was to provide identification of vulnerabilities and guidance for the protection of surveillance camera systems. The research …

Neurosecurity For Brainware Devices, Brian Cusack, Kaushik Sundararajan, Reza Khaleghparast

Australian Information Security Management Conference

Brainware has a long history of development down into the present day where very simple and usable devices are available to train for the control of games and services. One of the big areas of application has been in the health sciences to provide compensatory control to humans who may lack the usual capabilities. Our concern has been the protection of information in brainware so that a human intention may have confidentiality, integrity, and accessibility to the required implementation mechanisms for services. The research question was: What are the consequences of security failure in brainware? Our research tested a brainware …

The 2017 Homograph Browser Attack Mitigation Survey, Tyson Mcelroy, Peter Hannay, Greg Baatard

Australian Information Security Management Conference

Since their inception, International Domain Names (IDN) have allowed for non-Latin characters to be entered into domain names. This feature has led to attackers forging malicious domains which appear identical to the Latin counterpart. This is achieved through using non-Latin characters which appear identical to their Latin counterpart. This attack is referred to as a Homograph attack. This research continues the work of Hannay and Bolan (2009), and Hannay and Baatard (2012), which assessed the mitigation methods incorporated by web browsers in mitigating IDN homograph attacks. Since these works, time IDN mitigation algorithms have been altered, such as the one …

Core Elements In Information Security Accountability In The Cloud, Zahir Al-Rashdi, Martin Dick, Ian Storey

Australian Information Security Management Conference

This paper proposes 9 core elements of information security accountability in the area of cloud computing. The core elements were determined via a series of 18 case studies with Omani government organisations that were actively using and/or providing cloud computing. 36 interviews were conducted and then analysed using a grounded theory methodology As a result of the analysis, responsibility, transparency, assurance, remediation, accountability support environment, flexible change process, collaboration, mechanisms and commitment to external criteria. The research also found that the emphasis on specific core elements is context-dependent and that there was considerable variation in emphasis amongst the case study …

The Convergence Of It And Ot In Critical Infrastructure, Glenn Murray, Michael N. Johnstone, Craig Valli

Australian Information Security Management Conference

Automation and control systems, such as SCADA (Supervisory Control and Data Acquisition), DCS (Distributed Control Systems) and are often referred to as Operational Technology (OT). These systems are used to monitor and control critical infrastructures such as power, pipelines, water distribution, sewage systems and production control,). Traditionally, these OT systems have had a degree of physical separation from Information Technology (IT) infrastructures. With changing technologies and a drive towards data-driven and remote operations the two technology environments are starting to converge. With this convergence, what was a relatively standalone secure and isolated environment is now connected and accessible via the …

Security Readiness Evaluation Framework For Tonga E-Government Initiatives, Raymond Lutui, Semisi Hopoi, Siaosi Maeakafa

Australian Information Security Management Conference

The rapid expansion of the Information and Communication Technologies (ICTs) in the Pacific have reached the Kingdom of Tonga. The submarine fibre-optic cable which connects Tonga to Fiji and onward to a hub in Sydney went live 2013. Now the people of Tonga experience the high-speed impact of digital communication, fast international access, and social changes such as the government is implementing a digital society through e-government services. This study focuses on identifying the factors that will later become a vulnerability and a risk to the security of Tonga government e-government initiatives. Data was collected through interviews with three government …

Assessment Of Security Vulnerabilities In Wearable Devices, Brian Cusack, Bryce Antony, Gerard Ward, Shaunak Mody

Australian Information Security Management Conference

Wearable devices have proliferated in usage and human experience, and they provide convenience for personal information requirements. These devices are both sensory and immersive for the diverse global network that is generally termed the Internet of things (IoT). The immediacy of the two-way communication created in the IoT has made vulnerable human behaviour and raised debate around information ownership and privacy expectations. The legitimacy of ownership of information and its reuse are prevalent problems. In this research, we tested four wearable devices that share 44% of the current market, for security vulnerabilities. We found serious weaknesses that could result in …

Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar

Australian Information Security Management Conference

Passwords are broken. Multi-factor Authentication overcomes password insecurities, but its potentials are often not realised. This article presents InSight, a system to actively identify perpetrators by deceitful adaptation of the accessible system resources using Multi-factor Authentication profiles. This approach improves authentication reliability and attributes users by computing trust scores against profiles. Based on this score, certain functionality is locked, unlocked, buffered, or redirected to a deceptive honeypot, which is used for attribution. The novelty of this approach is twofold; a profile-based multi-factor authentication approach that is combined with a gradient, deceptive honeypot.

A Comparison Of 2d And 3d Delaunay Triangulations For Fingerprint Authentication, Marcelo Jose Macedo, Wencheng Yang, Guanglou Zheng, Michael N. Johnstone

Australian Information Security Management Conference

The two-dimensional (2D) Delaunay triangulation-based structure, i.e., Delaunay triangle, has been widely used in fingerprint authentication. However, we also notice the existence of three-dimensional (3D) Delaunay triangulation, which has not been extensively explored. Inspired by this, in this paper, the features of both 2D and 3D Delaunay triangulation-based structures are investigated and the findings show that a 3D Delaunay structure, e.g., Delaunay tetrahedron, can provide more feature types and a larger number of elements than a 2D Delaunay structure, which was expected to provide a higher discriminative capability. However, higher discrimination does not necessarily lead to better performance, especially in …

Literature-Based Analysis Of The Influences Of The New Forces On Isms: A Conceptual Framework, Zahir Al-Rashdi, Martin Dick, Ian Storey

Australian Information Security Management Conference

This paper presents an analysis that arose from a comprehensive review of the academic and professional literature of two areas – information security management systems (ISMS) and information resources – and their relationship with information security. It analyzes the role of ISMS in protecting an organization’s information environment and infrastructure. It has identified four key areas that strongly influence the safety of information resources: cloud computing; social media/networking; mobility; and information management/big data. Commonly referred to as ‘new forces’, these four aspects are all growing exponentially and are not easily controlled by IT. Another key finding of the paper is …

Financial Fraud Risk Management And Corporate Governance, Raymond Lutui, Tau'aho 'Ahokovi

Australian Information Security Management Conference

Risk management is important so that risk is assessed, understood and appropriately managed. This is important both for conformance and performance. It is essential that strategic planning and management decisions are made appropriately in the context of the risk appetite of the corporation and its various stakeholders – especially its shareholders. If a company does not have a good understanding of risk, the likelihood of conformance and performance failure is high, this implies good internal and external corporate intelligence. Large global corporations have a significant impact on economies around the world. These entities are subject to intense competition and require …

Security Vulnerabilities And Cyber Threat Analysis Of The Amqp Protocol For The Internet Of Things, Ian Noel Mcateer, Muhammad Imran Malik, Zubair Baig, Peter Hannay

Australian Information Security Management Conference

The Internet of Things (IoT) expands the global Internet-connected network to encompass device-to-device, device-to-server, and server-to-server connectivity for an ever-increasing variety of end-user devices. IoT remains a somewhat amorphous entity, with little in the way of coordinated development, and is undermined largely by a manufacturer-driven scramble to be first-to-market with the latest innovation. Communication between IoT devices/servers relies on underlying protocols, which must be efficient and effective to establish and maintain reliability and integrity of data transfer. However, the lack of coordination during IoT’s expansion has resulted in a variety of communications protocols being developed. AMQP (Advanced Message Queuing Protocol) …

Intelligent Feature Selection For Detecting Http/2 Denial Of Service Attacks, Erwin Adi, Zubair Baig

Australian Information Security Management Conference

Intrusion-detection systems employ machine learning techniques to classify traffic into attack and legitimate. Network flooding attacks can leverage the new web communications protocol (HTTP/2) to bypass intrusion-detection systems. This creates an urgent demand to understand HTTP/2 characteristics and to devise customised cyber-attack detection schemes. This paper proposes Step Sister; a technique to generate an optimum network traffic feature set for network intrusion detection. The proposed technique demonstrates that a consistent set of features are selected for a given HTTP/2 dataset. This allows intrusion-detection systems to classify previously unseen network traffic samples with fewer false alarm than when techniques used in …

Tonga’S Organisational Vulnerability To Social Engineering, Raymond Lutui, Viliami Fe’Aomoeata

Australian Information Security Management Conference

Tonga is a small developing island in the south pacific and ICT is still in its early stages. In this paper we ask the questions, what is social engineering and who is this social engineer, what are the threats to Tonga, how can these threats be identified and which countermeasures can be taken to mitigate the risk of social engineering? The answers to these questions will lead to a social engineering risk management framework to make the risks of social engineering more transparent and help organisations implement mitigating controls against social engineering. The study was performed in four chosen organisations …

A Review Of Data Breaches And Losses That Occurred From Laptops That Were Stolen Or Otherwise Misplaced In 2015 And 2016, Samuel Griffith Wakeling, Peter Hannay, Zubair Baig

Australian Information Security Management Conference

This paper provides an analysis of what information can be found on laptops that may or may not have connections to an organisation of some form, the statistics of the number of laptops stolen or otherwise misplaced in 2015 and 2016, and the number of potentially affected people from each of the cases. As seen in many news articles, laptops are often stolen or otherwise misplaced by employees or contractors in an organisational environment. As discovered in this research, many laptops are stolen from vehicles or homes of employees rather than organisation’s buildings, but not all. The majority of stolen …

The Proceedings Of 15th Australian Information Security Management Conference, 5-6 December, 2017, Edith Cowan University, Perth, Australia, Craig Valli (Ed.)

Australian Information Security Management Conference

Conference Foreword

The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fifteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The papers cover topics from vulnerabilities in “Internet of Things” protocols through to improvements in biometric identification algorithms and surveillance camera weaknesses. The conference has drawn interest and …

A Critical Analysis Of Security Vulnerabilities And Countermeasures In A Smart Ship System, Dennis Bothur, Guanglou Zheng, Craig Valli

Australian Information Security Management Conference

It is timely to raise cyber security awareness while attacks on maritime infrastructure have not yet gained critical momentum. This paper analyses vulnerabilities in existing shipborne systems and a range of measures to protect them. It discusses Information Technology network flaws, describes issues with Industrial Control Systems, and lays out major weaknesses in the Automated Identification System, Electronic Chart Display Information System and Very Small Aperture Terminals. The countermeasures relate to the concept of “Defence-in-depth”, and describe procedural and technical solutions. The maritime sector is interconnected and exposed to cyber threats. Internet satellite connections are feasible and omnipresent on vessels, …

An Investigation Into Some Security Issues In The Dds Messaging Protocol, Thomas White, Michael N. Johnstone, Matthew Peacock

Australian Information Security Management Conference

The convergence of Operational Technology and Information Technology is driving integration of the Internet of Things and Industrial Control Systems to form the Industrial Internet of Things. Due to the influence of Information Technology, security has become a high priority particularly when implementations expand into critical infrastructure. At present there appears to be minimal research addressing security considerations for industrial systems which implement application layer IoT messaging protocols such as Data Distribution Services (DDS). Simulated IoT devices in a virtual environment using the DDSI-RTPS protocol were used to demonstrate that enumeration of devices is possible by a non-authenticated client in …

Understanding And Combatting Terrorist Networks: Coupling Social Media Mining With Social Network Analysis, Benn Van Den Ende

Australian Information Security Management Conference

Throughout the past decade the methods employed by terrorist organisations have changed drastically. One of these key changes has been associated with the rise of social media such as Facebook, Twitter, YouTube and blogging in general. Terrorist organisations appear to be using the wide reach and vast network capabilities created by social media to disseminate propaganda, radicalise susceptible individuals, recruit potential fighters and communicate strategic and operational objectives. However, this growing terrorist presence on Social Media can also offer invaluable insights into the social networks of terrorist organisations through the use of Social Media Mining and Social Network Analysis. By …