Browsing by Author "Veerasamy, Namosha"
Now showing 1 - 20 of 39
Results Per Page
Sort Options
Item Application of geospatial data in cyber security(2022-06) Veerasamy, Namosha; Yoolla, Yaseen; Dawood, Zubeida CGeospatial data is often perceived as only being related to maps, compasses and locations. However, the application areas of geospatial data are far wider and even extend to the field of cybersecurity. Not only is there an ability to show points of interestand emerging network traffic conditions, geospatial data also has the ability to model cyber crime growth patterns and indicate affected areas as well as the emergence of certain type of cyber threats. Geospatial data can feed into intelligence systems, help with analysis, information sharing, and help create situational awareness. This is particularly useful in the area of cyber security. Geospatial data is very powerful and can help to prioritise cyber threats and identify critical areas of concern. Previously, geospatial data was primarily used by militaries, intelligence agencies, weather services or traffic control. Currently, the application of geospatial data has multiplied, and it spans many more industries and sectors. So too for cyber security, geospatial data has a wide number of uses. It may be difficult to find patterns or trends in large data sets. However, the graphic capabilities of geo mapping help present data in more digestible manner. This may help analysts identify emerging issues, threats and target areas. In this paper, the usefulness of geospatial data for cyber security is explored. The paper will cover a framework of the key application areas that geospatial data can serve in the field of cyber security. The ten application areas covered in the paper are: tracking, data analysis, visualisation, situational awareness, cyber intelligence, collaboration, improved response to cyber threats, decision-making, cyber threat prioritisation and protect cyber infrastructure It is aimed that through the paper, the application areas of geospatial data can be more widely adopted.Item Application of non-quantitative modelling in the analysis of a network warfare environment(2008-07) Veerasamy, Namosha; Eloff, JHPNetwork warfare is an emerging concept that focuses on the network and computer based forms through which information is attacked and defended. Various computer and network security concepts thus play a role in network warfare. Due the intricacy of the various interacting components, a model to better understand the complexity in a network warfare environment would be beneficial. Non-quantitative modelling is a useful method to better characterize the field due to the rich ideas that can be generated based on the use of secular associations, chronological origins, linked concepts, categorizations and context specifications. This paper proposes the use of non-quantitative methods through a morphological analysis to better explore and define the influential conditions in a network warfare environmentItem Applying data-mining techniques in honeypot analysis(2006-07) Veerasamy, Namosha; Mokhonoana, PM; Vorster, JThis paper proposes the use of a data mining techniques to analyse the data recorded by the honeypot. This data can also be used to train Intrusion Detection Systems (IDS) in identifying attacks. Since the training is based on real data it will better identify and classify attacks than the rule based intrusion IDS’sItem Building an ontology for cyberterrorism(Academic Publishing International, 2012-07) Veerasamy, Namosha; Grobler, M; Von Solms, BCyberterrorism and the use of the Internet for cyberterrorism is an emerging field. Often cyberterrorism activities overlap with traditional hacking and Information and Communication Technology (ICT) Infrastructure exploitation. As a result, the defining and differentiating characteristics of cyberterrorism can easily be misunderstood. The use of an ontology specifically developed for cyberterrorism, will provide a common framework to share conceptual models. By using an ontology, the internal and external environment of a field (in this case, cyberterrorism) can be captured together with the relationships between the environments. This paper proposes an ontology to identify whether a cyber event can be classified as a cyberterrorist attack or a support activity. The role of the cyberterrorism ontological model will be to provide a better structure and depiction of relationships, interactions and influencing factors by capturing the content and boundaries in the field of cyberterrorism.Item Conceptual high-level framework of cyberterrorism(Mindsystems, 2009-04) Veerasamy, NamoshaUneasiness arises from the possibility of random cyber attacks. In the global information and network warfare battle, cyberterrorism has become a critical concern in that terrorists may seek to strike the innocent and wreak havoc due to dependency on networked communications. However, much misconception exists over what exactly cyberterrorism entails and the role of cybercrime and hacking. A conceptual framework is therefore proposed and focuses on clarifying the field by summarising techniques, objectives, targets and capabilities. The framework strives to provide a more descriptive synopsis of cyberterrorism and form a good baseline to contextually place the area of cyberterorism against the backdrop of other computer and network crime.Item Contextualising cybersecurity readiness in South Africa(Academic Conferences and Publishing International Ltd., 2019-03) Veerasamy, Namosha; Mashiane, Charmaine T; Pillay, KThe expansion of the information society has brought with it a revolution in the use of Information Communication Technology (ICT). In South Africa, the adoption of various digital devices and technologies has introduced conveniences but at the same time it also opens up the door for various cybercrime attackers. This digital paradox demonstrates that ICT has tremendous capabilities for the rapid provision of services but at the same time can be exploited by malicious cybercriminals. It is vital that organisations and individuals not overlook the strong imperative for cybersecurity. In an interconnected world, cybersecurity and cybercrime go hand in hand. With cyber-attacks and data breaches are on the rise organisations need to be constantly adapting their security measures and preparing for cyber threats. At the end of 2017, a survey was carried out on the state of cyber readiness levels across various sectors in South Africa. The aim of the survey was to identify the current security posture in organisations and ascertain where the gaps were in order to respond to developing cyber threats. Cybersecurity needs to be viewed from various dimensions and thus the survey focused on the status of cybersecurity plans, strategies, governance, standards, Computer Security Incident Response Team (CSIRT) membership, awareness programs, vulnerability and risk assessments as well as incident management capabilities. This paper presents the results of the survey which are further analysed in order to contextualise critical findings and recommendations. The survey provided important insights into cyber readiness in South Africa. In this paper the results are placed in context of global trends in order to determine key areas that require attention. It is important to identify how organisations in South Africa should be dealing with disaster recovery planning and how to remain operational when faced with system interruptions and interferences. Contextualising the cyber readiness levels helps asses the latest threat landscape, as well as develop strategies to mitigate these cyber risks.Item Countermeasures to consider in the combat against cyberterrorism(CSIR. Defence Peace Safety and Security, 2010-10) Veerasamy, Namosha; Grobler, MCyberterrorism addresses the convergence of the fear-causing world of terrorism with the abstract realm of cyberspace, computers and networks. While cyberterrorism can be executed using various technical security exploits, it inherently stems various social, political or religious views. This paper presents an overview of the motivating forces behind cyberterrorism which can provide the baseline to develop a countermeasure strategy. In this paper, countermeasures that can be used to deter cyberterrorism from both these psychological and technical perspectives are covered. It provides a high-level overview of the fight against terrorism and discusses countermeasures that can be used to combat cyber terrorism to create awareness.Item Cyber threat intelligence exchange: A growing requirement(2017-06) Veerasamy, NamoshaManaging the rise of cyber-attacks has become a growing challenge. Cyber space has become a battleground of threats ranging from malware to phishing, spam and password theft. Cybersecurity solutions mainly try to take a defensive stance and build a wall around pertinent technologies in an effort to protect them. However, perpetrators still manage to find a way to infiltrate networks and systems. This is where cyber intelligence can play a fundamental role. Cyber intelligence provides an alternative route for countering complex threats as it provides a collated manner in which to gain new insights and develop detective and reactive actions. Cyber intelligence supports the understanding of not only known threats and also looks to investigating the source, motivation and capabilities of the attacker. Cyber threat intelligence sharing encompasses various sources, uses, types of data, tools, skills and challenges. This paper proposes a framework that places these various aspects in perspective in order to provide background information for the initiation of a cyber threat intelligence sharing and exchange initiative.Item Cyber threats focusing on Covid-19 outbreak(2021-02) Veerasamy, NamoshaThe outbreak of the novel corona virus or Covid-19 has sparked a wave of changes. Social-distancing and remote working meant that increasingly employees and individuals were reliant on Information Communication Technologies (ICT) to connect and gain access to information. In light of the outbreak of the virus, a vast number of users were required to carry out business activities remotely. Users turned to cyberspace for communication, entertainment and information. A critical dependency for ICT emerged. This also resulted in various fraudsters, attackers and criminals seeking to take advantage of the unsettling situation. This paper takes a look at pertinent cyber threats that aimed to utilise the corona virus in order to exploit users. This work aims to show how the health crisis was manipulated for fraudulent cyber schemes, attacks and exploits, as well to create awareness on these cyber threats in order to prevent users from falling victim to them. Furthermore, the paper also looks at the approach of these attacks to identify the main characteristics for the attack execution. This can help with identification and deterrence of Covid-19 related cyberattacks.Item Cyberterrorism - the spectre that is the convergence of the physical and virtual worlds(Academic Press, 2020-09) Veerasamy, NamoshaTechnological advancements continue to progress and so too grows the prospect of cyberterrorism. Hacking tools are growing in sophistication, and agitated terrorist groups may look for an innovative outlet for their political, religious or philosophical ideals. The potential for computers to be used as weapons/targets in political or religious struggles has become a concern in this modern age. This chapter will investigate the threat of cyberterrorism and how it converges from the digital and physical domains. It will look at providing a general understanding of the concept of cyberterrorism in order to assess the threat, impact and causes. This chapter will address the various definitions relating to cyberterrorism in order to break down critical components that may constitute a cyberattack. The severity, target and motivation are just some of the core concepts that critically define cyberterrorism. In this chapter, several queries regarding cyberterrorism are discussed in order to differentiate between cybercrime, hacking and cyberterrorism. Overall, this chapter aims to show the significance of the cyberterrorism threat and its associated ties to cybercrime and terrorism.Item Dangers of social networking sites- the propagation of malware(Ebsohost, 2013-07) Labuschagne, WA; Veerasamy, NamoshaThe paper will illustrate the dangers of social networking malware through examples. In addition, the paper will discuss propagation techniques used in social networking malware. The aim of the paper is to create user awareness to minimise the risk of falling prey to malware in popular social networking platforms. The paper will recommend best practices to users to guard against falling prey to social networking malware. In addition, the design of a high-level system to identify potential social network media malware will be proposed. Through this paper, users can better identify potential malware before they infect themselves.Item The dark side of Web 2.0(Springer, 2012-09) Labuschagne, WA; Eloff, MM; Veerasamy, NamoshaSocial networking sites have increased in popularity and are utilized for many purposes which include connecting with other people, sharing information and creating content. Many people on social networking sites use these platforms to express opinions relating to current affairs within society. People do not realize the value of their data divulged on these platforms and the tactics implemented by social engineers to harvest the seemingly worthless data. An attack vector is created when a user can be profiled using responses from one of these platforms and the data combined with leaked information from another platform. This paper discusses methods for how this data, with no significant value to the users, can become a commodity to social engineers. This paper addresses what information can be deducted from responses on social news sites, as well as investigating how this information can be useful to social engineers.Item Design of a cyber security awareness campaign for internet Cafés users in rural areas(2011-05) Labuschagne, WA; Eloff, MM; Veerasamy, Namosha; Mujinga, MAfrica may have the lowest number of Internet users in the world, but it also has the highest growth rate and the number of users is steadily growing. A majority of the African population is still excluded from global cyber networks and thus have very low cyber literacy rates. A consequence of these two factors is that many Internet users access the Internet without understanding or even realising the dangers of the cyber world. Proactive measures need to be developed to ensure that these new Internet users are equipped with computer and information security knowledge to mitigate possible cyber attacks. Due to limited availability of infrastructure, a large percentage of the African population access the Internet via Internet Cafés. A need has been identified to make users aware of the threats that may be present at an Internet Café. This paper addresses how the National Institute of Standards and Technology (NIST) framework, defined in the guide, “Building an Information Technology Security Awareness and Training Program”, can be used to develop a security awareness program that focuses on possible cyber threats at Internet Cafés. This guide provides a framework that can be applied to construct a security awareness program. It consists of four steps that form part of the life cycle of an information technology (IT) security awareness and training program. These steps are used to identify requirements of a security training strategy, to develop material that addresses the identified requirements, for the effective roll-out of the program, and to ensure the program is current and to monitor the effectiveness of the program. This framework can be used to address an identified threat in a specific context. This paper addresses the development of a security awareness campaign with the focus on reducing threats emanating from Internet CafésItem Design of cyber security awareness game utilizing a social media framework(2011-08) Labuschagne, WA; Burke, Ivan D; Veerasamy, Namosha; Eloff, MMSocial networking sites are a popular medium of interaction and communication. Social networking sites provide the ability to run applications and games to test users’ knowledge. The popularity of social networks makes it an ideal tool through which awareness can be created on existing and emerging security threats. This paper proposes an interactive game hosted by social networking sites with the purpose of creating awareness on information security threats and vulnerabilities. The game applies principles of good game design which includes: the decisions over hypermedia, multimedia and hypertext to achieve perception, comprehension or projection, comprehensive database of questions, weighted system, use of practical data, automation, dynamcis, effort and user acceptance. The aim of the paper is show the effectiveness of using a virtual tool in cyber awareness creation. This paper will thus deal with the proposal of an interactive web-based game which informs and then tests users about potential security threats and vulnerabilities.Item Determination of meme proliferation factors(Academic conferences, 2014-07) Veerasamy, Namosha; Labuschagne, WAThe ubiquity of the Internet has become part of everyday life. The Intenet allows for the searching of information on topics that are relevant at that particular time. The possession of valuable information by members of a network improves the worth of such members and subsequently increases their influence. Memes refer to pieces of information or message that replicate. Social networking sites on the Internet provide an ideal platform to propagate messages as groups of like-minded people connect with one another and communicate ideas. Messages pertaining to popular, trending or controversial topics become memes on social networking platforms. The design of memes serving as narratives has the potential to create disinformation or create a revolution as in the case of the Arab Spring. Narratives are the use of stories to influence behaviour. Messages could be created for nefarious purposes and if these messages become memes, these malicious messages can replicate at a rapid rate and potentially influence behaviour and action in a negative manner. The converse is also true a positive change could be attained though the propagation of memes designed for that specific outcome. It is essential to understand what factors are required to effectively disseminate memes within a narrative network with the goal to transform behaviour of the members in the social network. As the majority of Internet users indiscriminately trust the content encapsulated within the information highway, a threat exists in which entities with power could influence society. This paper addresses factors that could increase the proliferation of memes within cyber space. A framework is proposed of high-level factors that can be used in the design of a meme so as to increase its proliferation. Thereafter, the paper presents an experiment whereby these proliferation factors were investigated. Overall, the goal of the paper is to demonstrate how messages can be designed to proliferate and potentially influence individuals.Item The evolution of cyber threats in the South African context(2022-03) Veerasamy, NamoshaA Cybersecurity Operation Centre (SOC) is a centralized hub within an organisation that houses people, processes, and technologies aimed at continuous monitoring of the organization’s assets in order to prevent, detect, analyse, and respond to cybersecurity incidents against that organisation. SOCs are critical to the collection, analysis, and response to cybersecurity events and incidents faced by an organisation. This article discusses the architecture of an SOC that enables quick and timely responses to events and incidents. Firstly, the article describes an architecture of the SOC, the SOC’s processes, personnel, and technologies. Secondly, the article discusses what type of information and logs should be collected, analysed, and interpreted. Lastly the article discusses how to handle an incident through the six stages of incident response.Item Examining barriers to entry: Disparate gender representation in cybersecurity within Sub-Saharan Africa(2023-04) Botha-Badenhorst, Danielle P; Veerasamy, NamoshaGlobally, women are underrepresented in the fields of Science, Technology, Engineering and Mathematics (STEM). In Sub-Saharan Africa (SSA), this underrepresentation is even more prevalent, as fewer women pursue STEM careers in SSA when compared to the global norm. Cybersecurity is a critical subsection of STEM; one that is widely accepted as a field withenormous growth potential, yet only a small proportion of these jobs belong to women. Despite attempts to narrow the gender gap in cybersecurity, persistent factors still contribute to this disparity. Within this field, developing countries struggle with the same issues that impact their more developed counterparts. Issues that impact both SSA and the global participation of women in cyber-security include lacking representation and awareness as well as retention problems. Further, issues such as harassment, gender bias and the idea that cybersecurity is a “man’s world” are also contributing factors. A slew of other factors is also at play in SSA; this includes issues of low school attendance by girls, restricted educational opportunities, and other systemic challenges. Girls and women are less likely to complete lower and secondary education, which has a ripple effect – fewer women reach higher education in SSA when compared to global trends. Generally, higher or tertiary education is necessary to join the cybersecurity workforce. Research exploring the challenges women in SSA face when trying to enter the cybersecurity field is limited. This paper presents an overview of the most persistent challenges faced in SSA and globally. It highlights the current skill shortage in the cybersecurity field that is exasperated by global challenges,Barrett, S including issues unique to the region. Educational pathways available to girls and women are explored, as well as the issues leading to widespread skill shortages within SSA. Programs striving to increase the participation of women in cybersecurity are discussed. Lastly, some suggestions to remediate this pervasive issue are also provided.Item Examining misinformation and deep fakes(2024-09) Veerasamy, Namosha; Khan, Zubeida; Badenhorst, Danielle PMisinformation in the form of deep fakes and phishing links can not only spread false information but can only be used a weapon in the hands of cyber criminals. To combat this problem, the authors investigate fake news and misinformation, in a South African context. In the paper, the use of cyber scams that contain misinformation will also be unpacked. This aims to create an awareness and defensive approach to tackling emerging cyber threats that prey on misinformation. This paper tackles a growing concern by examining the pervasiveness of fake news by looking into the extent that fake news infiltrates various media channels and its potential impact on public perception and decision-making. The paper will also explore the anatomy of fake news by dissecting the common tactics and strategies employed by purveyors of fake news and highlight red flags that can help the public identify misinformation. Maintaining academic integrity is pivotal to the research and publication community. This paper will also promote the use of trusted sources and verification of information. The paper aims to promote media literacy by sharing strategies to enhance media literacy and critical thinking skills, empowering individuals to discern credible information from misleading content. This paper proposes a human-centric framework to empower individuals in South Africa to become discerning consumers of information. Recognizing the limitations of Artificial Intelligence (AI)-based detection methods and the unique challenges of the South African context (multilingualism, resource constraints), the framework emphasizes critical thinking and media literacy skills. It outlines a step-by-step process for evaluating information sources, including source credibility analysis, content verification, and crossreferencing. The effectiveness of the framework is demonstrated by a relevant use-case.Item Framework for military applications of social media(IGI, 2018-04) Veerasamy, Namosha; Labuschagne, William AThis article describes how social media has revolutionised the way in which people communicate, interact and engage. This phenomenon has transformed the digital world with its ease, convenience and numerous capabilities for sharing, involving and participating in exchanges. The military is now being confronted with how this platform can be used to aid its activities. When utilised correctly, social media could become a force multiplier for the military. Day-to-day functions, official communications, networking and training are just some of the capabilities that can be supported by social media. However, clear guidance, management and governance are required in order to ensure that the platform is implemented correctly. This article discusses the drive for the use of social media within the military and how it can be utilised for military activities. It addresses the high-level functionalities of social media within the military, as well as an overall approach to guide the process.Item Framework for the establishment of a Honeynet(2007-09) Veerasamy, Namosha; Eloff, JPHoneypots are decoy machines that are placed on the network to attract attackers, whilst also distracting them from more important targets. Honeypots are thus an ideal medium for collecting data that can later be studied to analyse attackers’ actions and motives. As a decoy and data collection tool honeypots have become a useful security resource. A Honeynet consist of a number of honeypots and can thus be used to compare attack data, experiment with different setups and gather more information. However to successfully set up a Honeynet a number of design, architectural and implementation considerations need to be taken. The aim of this paper is to provide a framework to guide the establishment of a Honeynet