Journal of Information Security and Cybercrimes Research 2020-06-04T07:17:58+03:00 Open Journal Systems <p style="text-align: justify;">Journal of Information Security and Cybercrimes Research ( JISCR ) is an academic, refreed, and periodic journal. It is a journal published by Naif Arab University for Security Sciences (NAUSS). It publishes specialized researches on the Information Security and their pertinent topics in order to disseminate the comprehensive concept of security.</p> Enhancing PC Data Security via Combining RSA Cryptography and Video Based Steganography 2020-06-04T07:17:58+03:00 Nouf A. Al-Juaid Adnan A. Gutub Esam A. Khan <p>This paper proposed an enhanced system for securing sensitive text-data on personal computer benefitting from the combination of both techniques: cryptography and steganography. The system security is generated by involving RSA cryptography followed by video based steganography as two sequential layers to insure best possible security gaining the advantages from both. The study modeled the system and implemented it to be tested to explore the relation between security, capacity and data dependency. The experimentations covered testing securing data within 15 different size videos showing interesting results. The research gave enhancement to capacity vs. security, as enforced unavoidable tradeoff. The work uniqueness is presented in showing different measures allowing the user and application to be the decision maker to choose. The tests provided all possibilities of accepting security of 1-LSB, 2-LSB, and 3-LSB methods detailing their effects on the cover video. The main outcome proved applicability to be adopting 3-LSB approach to give acceptable security with practical capacity preferred making 3-LSB winning among 1-LSB and 2-LSB techniques.</p> 2018-05-30T22:49:27+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) Parental Role in Protecting Children and Dangers of Social Networks Sites 2020-06-04T07:06:59+03:00 Nabih T Abdelmajeed <p>It becomes quite clear that the modern communication technologies have been used in different aspects of life. The fast Spread of this technology is because of the ease of use it, especially after the huge turnout on multiple social networking sites nowadays. The widespread use of modern communication techniques among male and female students has been observed, and unfortunately, the number of breaches against this category is increasing. This is because of many reasons, such as, they have been not adequately trained and there is a lack of students’ concern of the seriousness of information security. Although some students have a good experience to use these techniques, they are caught up in hackers' nets. In this study, the researcher conducted a comparison between many categories of families, trained and untrained students and parents, in order to know the role of parents in protecting their children from electronic breakthroughs. The study found that there is a very important role for parents in protecting their children from the electronic threats, even in cases where the sons have a sufficient educational level in dealing with these new technologies.</p> 2018-05-30T22:49:28+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) Automatic Intrusion Detection System Using Deep Recurrent Neural Network Paradigm 2020-06-04T07:10:08+03:00 Ahmed Elsherif <p dir="LTR">Network security field had gained research community attention in the last decade due to its growing importance. This paper addresses directly one vital problem in that field is “Intrusion Detection System” (IDS). As much as many researchers tackle this problem, many challenges arise while converting this research to reliable automatic system. The biggest challenge is to make the system works with low false alarm with new unseen threats. In this paper, we address this challenge by building a descriptive model using different models of deep Recurrent Neural Network (RNNs). (RNN) models has the ability to generalize the knowledge that can be used to identify seen and unseen threats. This generalization comes from RNN capabilities to define in its terms the normal behavior and the deviation accepted to be normal. Four different models of RNN were tested on a benchmark dataset, NSL-KDD, which is a standard test dataset for network intrusion. The proposed system showed superiority over other previously developed systems according to the standard measurements: accuracy, recall, precision and f-measure.</p> 2018-05-30T22:49:28+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) Overview of Cyberattack on Saudi Organizations 2020-06-04T07:13:45+03:00 Salem Alelyani Harish Kumar <p dir="LTR">&nbsp;The beginning of Twenty first century saw a new dimension of security, the cybersecurity. Developed countries have started exploiting the vulnerabilities of cybersecurity to gain supremacy and influence over the rival countries. Hence, over the past decade, malware, i.e., malicious software, has become a major security threat in regards to the cybersecurity. The Kingdom of Saudi Arabia (KSA) has become a major target of cyber conflicts due to increased economic activity, digital transformation, high rate of technology adoption between citizen and organizations and rise of the oil and gas industry. However, unfortunately, there is a lack of research or scientific investigation of cyberattacks on KSA. This fact motivated us in conducting this work. This paper presents, a case study of attacks on Saudi Organization by malwares. We concentrate on two particular malwares: Shamoon and Ransomware. The timeline of attacks by these malware, also presented, along with their structures and methodologies in order to shield ourselves against similar attacks in the future.</p> 2018-05-30T22:49:28+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) Survey on Updating IDSs’ Signatures Databases 2020-02-27T06:54:12+03:00 Mutep Yahya Alyousef Nabih T Arar <p dir="LTR">With the rapid development and growth of the internet and networking, greater numbers of attacks are arising that threaten networks and information security alike. Thus, different types of intrusion detection systems (IDSs) have been introduced: either signature-based IDSs, anomaly-based IDSs, or a hybrid of both. Many IDSs that have adopted the signature-based method suffer from many challenges, one of these challenges is how to detect a new attack in the incoming traffic that its signature doesn’t stored in the known signatures database, while at the same time keeping the rate of false-positive alarms low. Many IDSs update their signatures databases from time to time through the internet or by relying on the network administrator to manually update the database with new attack signatures. Manual updating is a labour-intensive process, can be prone to errors, and is not always practical. This is a survey paper on the various studies regarding the updating process for known IDSs’ signatures databases over time.</p> 2018-05-30T22:49:28+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) The Distinguish Between Information Security and Privacy 2020-02-27T06:54:13+03:00 Alia M AlSulaimi <p dir="LTR">People, on the global scale, are either with government surveillance on information to ensure their safety or against it to protect their own privacy. Therefore, this paper sheds light on both sides and shows possible solutions to reveal the distinguish between information security and privacy. They represent two different and complementary domains of action. Security and privacy represent essential elements of an interconnected world of information. In this world, the demand for access to personal information is strong and increasing; it’s required to adjust products people’s taste. Security plays a role for the state in controlling and monitoring the transactions and movements.</p> 2018-05-30T22:49:29+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR ) Trust Modeling in Wireless Sensor Networks: State of the Art 2020-06-04T07:00:59+03:00 Mohammed Mahdi AlQahatani Mostafa G. M. Mostafa <p dir="LTR">Wireless sensor networks (WSNs) is the backbone of the new generation of internet of things (IoT). WSNs are growing rapidly and security threats are increasingly growing as well. Trust computing plays a crucial role in WSN security modeling. In WSN node trust is important to keep the network safe and operational. This paper presents the state-of-the-art techniques in WSN Trust modeling. Comparison and analysis of most recent solutions were conducted. Direction and trends of current and future research approaches are also presented.</p> 2018-05-30T22:49:29+03:00 Copyright (c) 2018 Journal of Information Security and Cybercrimes Research ( JISCR )