Journal of Information Security and Cybercrimes Research https://journals.nauss.edu.sa/index.php/JISCR <p style="text-align: justify;">Journal of Information Security and Cybercrimes Research ( JISCR ) is an academic, refreed, and periodic journal. It is a journal published by Naif Arab University for Security Sciences (NAUSS). It publishes specialized researches on the Information Security and their pertinent topics in order to disseminate the comprehensive concept of security.</p> Naif Arab University for Security Sciences en-US Journal of Information Security and Cybercrimes Research 1658-7782 <p>&nbsp; &nbsp; &nbsp; You must read and accept the copyright terms and conditions(<a href="https://journals.nauss.edu.sa/index.php/JISCR/Copyrights" target="_blank" rel="noopener">click here for&nbsp;copyright terms</a>).</p> A Systematic Review of Machine Learning Algorithms in Cyberbullying Detection: Future Directions and Challenges https://journals.nauss.edu.sa/index.php/JISCR/article/view/1488 <p>Social media networks are becoming an essential part of life for most of the world’s population. Detecting cyberbullying using machine learning and natural language processing algorithms is getting the attention of researchers. There is a growing need for automatic detection and mitigation of cyberbullying events on social media. In this study, research directions and the theoretical foundation in this area are investigated. A systematic review of the current state-of-the-art research in this area is conducted. A framework considering all possible actors in the cyberbullying event must be designed, including various aspects of cyberbullying and its effect on the participating actors. Furthermore, future directions and challenges are also discussed.</p> Muhammad Arif Copyright (c) 2021 Journal of Information Security and Cybercrimes Research http://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 01 26 10.26735/GBTV9013 Cyberthreats on Implantable Medical Devices https://journals.nauss.edu.sa/index.php/JISCR/article/view/1481 <p><em>The significant and rapid technological development in the field of medical care, and Implanted Medical Device, clearly lead to improve the quality of care and effectiveness of treatment for numerous diseases that were previously difficult to be controlled. Technological growth has accompanied by a marked fear of academics and researchers during the past ten years from cyber threats that may lead to breaking the goal of creating these devices. Cyberspace risks and threats would expose many patients who use these devices to health complications and then endanger their lives. The risks and the vulnerability of these devices raised the curiosity to search and audit concerns that were purely theoretical and not associated with practical experience. The rapidity of change in the structure of the implanted medical device works as a barrier and reducing the possibility of their exposure to cyber threats. However, create comprehensive policy parallel with raising the awareness of the health care providers are the proactive steps to stop such threats and will be barriers from the cyber threats, therefore, no complete and comprehensive protection from cyberspace threats without ignoring that the Cyber threats will remain in places.</em></p> Mohammed N. A. Sabra Copyright (c) 2021 Journal of Information Security and Cybercrimes Research http://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 36 42 10.26735/XVJR7905 Defense mechanisms against Distributed Denial of Service attacks:Comparative Review https://journals.nauss.edu.sa/index.php/JISCR/article/view/1422 <p>Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks.</p> <p> This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism.</p> <p> The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location.</p> <p> The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.</p> Fahad Alatawi Copyright (c) 2021 Journal of Information Security and Cybercrimes Research https://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 81 94 10.26735/LQEZ4186 Overview of the Impact of Human Error on Cybersecurity based on ISO/IEC 27001 Information Security Management https://journals.nauss.edu.sa/index.php/JISCR/article/view/1508 <p>Information security, is the practice of protecting information by mitigating the risk of cyber-attack, and typically includes preventing or reducing the possibility of unauthorized/inappropriate access to data, unlawful use, disclosure, disruption. This concept of information security covers as well various procedures aiming at minimizing the negative effects of such incidents and threats. These threats might be originated from the human behavior which may lead to a wide damage of the organization data assets. Thus, the primary focus of information security is on the balanced protection of confidentiality, integrity and availability of data while maintaining an effective use of the organizations' systems. International standards related to information security such as ISO/IEC 27001 emphasis on effective implementation of the information security policies and applications without hampering the productivity of the organization. This research seeks to draw a set of practical rules to be established within an organization in order to preserve cybersecurity objectives and protect dada speifically from human errors incidents. The drawn rules are based on ISO/IEC 27001 and its application within organizations will rise the employees awarness about their behavior to reduce the impact of such incidents on the orgnaization' systems and data.</p> Amar Y. El-Bably Copyright (c) 2021 Journal of Information Security and Cybercrimes Research https://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 95 102 10.26735/WLPW6121 Digital Forensic Methodology for Detection of Abnormal Flight of Drones https://journals.nauss.edu.sa/index.php/JISCR/article/view/1518 <p>When a drone accident has occurred, it is difficult to decide whether it is due to a crime, malfunction, mistake, or external force. Although the cause of the accident is elucidated through analysis of artifacts or flight data, there are many limitations. In this study, we present a method for detecting an abnormal flight using the motor current values and controller direction values of a drone. The experimental result revealed that, in the case of a normal flight, the current values of four motors were similar in hovering state and the current value of rear motors were increased when the drone was flying forwards. In the case of an abnormal flight, when the drone moved rightwards due to external force in hovering state, the current values of the two motors on the right side were increased greatly. After a period of time following the movement to the right side, the current values of all the motors converged to 0. In the future, motor current values and controller direction values may be used to determine whether an abnormal flight in a drone accident has occurred because of external force by wind, birds, persons, or the like.</p> Hyunji Moon Euihyun Jin Hyeon Kwon Sangeun Lee Kim Gibum Copyright (c) 2021 Journal of Information Security and Cybercrimes Research http://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 27 35 10.26735/IDJD2809 Comparative Study and Analysis on Integrity of Data Files Using Different Tools and Techniques https://journals.nauss.edu.sa/index.php/JISCR/article/view/1492 <p>Digital forensic investigation is the scientific process of collection, preservation, examination, analysis, documentation and presentation of digital evidence from digital devices, so that the evidence is in compliance with legal terms and acceptable in a court of law. Integrity of the digital evidence is an indispensable part of the investigation process and should be preserved to maintain the chain of custody. This is done through hashing technique using standardized forensic tools. However, while handling the evidences , lack of knowledge might lead to unintentional alteration of computed hash. This violates the chain of custody and makes the evidence inadmissible in a court of law. In this paper, our objective is to determine the different conditions under which the original hash value of a digital evidence changes. For this, we create different scenarios using sample data files and compute their hash values. A comparative study and analysis are done to determine in which scenario the original hash value of the data file changes. The results of the research will prove useful and essential for Criminal Justice Functionaries in gaining knowledge about various conditions leading to the change in hash value of digital evidence and therefore, avoid its accidental alteration during forensic investigation/examination.</p> Kumarshankar Raychaudhuri M. George Christopher Nayeem A. Hamdani Copyright (c) 2021 Journal of Information Security and Cybercrimes Research http://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 43 54 10.26735/SYMQ8715 The Status Quo of Information Security from the Perspective of Information Technology Staff in Jordanian University Libraries https://journals.nauss.edu.sa/index.php/JISCR/article/view/1307 <p>This study aims to explore the status quo of information security from the perspective of information technology (IT) staff in Jordanian university libraries and to discuss the most prominent difficulties they face. Moreover, it aims to identify the effect of the variables (years of experience, type of university, job level, and specialization) on the staff estimation of the status quo of information security and the difficulties they face. The study population consisted of all (96) staff members of the IT departments in the libraries of public and private Jordanian universities for the academic year 2015-2016, of whom (84) responded. To answer the study questions, a questionnaire that examines the status quo of information security was adopted, it consisted of five themes. The questionnaire also included questions to study the difficulties facing IT staff. The results indicated that the respondents&rsquo; estimation of the status quo of information security in Jordanian universities libraries was at medium level, as the item &ldquo;procedures for the protection of computer systems and networks&rdquo; and the item &ldquo;access control to information systems&rdquo; were ranked first in the study fields with a high rating. Results also indicated that the overall level of difficulties attained a medium level, and that the most prominent difficulties facing IT staff in universities libraries are the shortage of personnel specialized in information security and the lack of budget allocated to information security in university libraries. The study also showed a statistically significant difference at the level of significance (&alpha;&le;0.05) for the variables of &ldquo;job level&rdquo; and &ldquo;specialization&rdquo; in the staff estimation of the status quo of information security. Also, a statistically significant difference was found in the staff estimation of the difficulties they face related to the specialization variable. The study recommends paying more attention to the various aspects of information security in libraries, such as the infrastructure in regard to technology and the existence of a precise policy to ensure information security and to increase the number of human resources specialized in the field of information security.</p> Hussam M. Almasalha Nasharawan N. Taha Amnah Abumqibl Copyright (c) 2021 Journal of Information Security and Cybercrimes Research http://creativecommons.org/licenses/by-nc/4.0 2021-06-01 2021-06-01 4 1 55 80 10.26735/MWVL7997