Muhammad Ajmal Azad

Muhammad Ajmal Azad, Junaid Arshad, Ali Akmal et al.

Today's smartphones are equipped with a large number of powerful value-added sensors and features such as a low power Bluetooth sensor, powerful embedded sensors such as the digital compass, accelerometer, GPS sensors, Wi-Fi capabilities, microphone, humidity sensors, health tracking sensors, and a camera, etc. These value-added sensors have revolutionized the lives of the human being in many ways such, as tracking the health of the patients and movement of doctors, tracking employees movement in large manufacturing units, and monitoring the environment, etc. These embedded sensors could also be used for large-scale personal, group, and community sensing applications especially tracing the spread of certain diseases. Governments and regulators are turning to use these features to trace the people thought to have symptoms of certain diseases or virus e.g. COVID-19. The outbreak of COVID-19 in December 2019, has seen a surge of the mobile applications for tracing, tracking and isolating the persons showing COVID-19 symptoms to limit the spread of disease to the larger community. The use of embedded sensors could disclose private information of the users thus potentially bring threat to the privacy and security of users. In this paper, we analyzed a large set of smartphone applications that have been designed to contain the spread of the COVID-19 virus and bring the people back to normal life. Specifically, we have analyzed what type of permission these smartphone apps require, whether these permissions are necessary for the track and trace, how data from the user devices is transported to the analytic center, and analyzing the security measures these apps have deployed to ensure the privacy and security of users.

Nader Sohrabi Safa, Carsten Maple, Steve Furnell et al.

Previous studies show that information security breaches and privacy violations are important issues for organisations and people. It is acknowledged that decreasing the risk in this domain requires consideration of the technological aspects of information security alongside human aspects. Employees intentionally or unintentionally account for a significant portion of the threats to information assets in organisations. This research presents a novel conceptual framework to mitigate the risk of insiders using deterrence and prevention approaches. Deterrence factors discourage employees from engaging in information security misbehaviour in organisations, and situational crime prevention factors encourage them to prevent information security misconduct. Our findings show that perceived sanctions certainty and severity significantly influence individuals' attitudes and deter them from information security misconduct. In addition, the output revealed that increasing the effort, risk and reducing the reward (benefits of crime) influence the employees' attitudes towards prevent information security misbehaviour. However, removing excuses and reducing provocations do not significantly influence individuals' attitudes towards prevent information security misconduct. Finally, the output of the data analysis also showed that subjective norms, perceived behavioural control and attitude influence individuals' intentions, and, ultimately, their behaviour towards avoiding information security misbehaviour.

Junaid Arshad, Muhammad Ajmal Azad, Khaled Salah et al.

Internet of Things (IoT) is a disruptive technology with applications across diverse domains such as transportation and logistics systems, smart grids, smart homes, connected vehicles, and smart cities. Alongside the growth of these infrastructures, the volume and variety of attacks on these infrastructures has increased highlighting the significance of distinct protection mechanisms. Intrusion detection is one of the distinguished protection mechanisms with notable recent efforts made to establish effective intrusion detection for IoT and IoV. However, unique characteristics of such infrastructures including battery power, bandwidth and processors overheads, and the network dynamics can influence the operation of an intrusion detection system. This paper presents a comprehensive study of existing intrusion detection systems for IoT systems including emerging systems such as Internet of Vehicles (IoV). The paper analyzes existing systems in three aspects: computational overhead, energy consumption and privacy implications. Based on a rigorous analysis of the existing intrusion detection approaches, the paper also identifies open challenges for an effective and collaborative design of intrusion detection system for resource-constrained IoT system in general and its applications such as IoV. These efforts are envisaged to highlight state of the art with respect to intrusion detection for IoT and open challenges requiring specific efforts to achieve efficient intrusion detection within these systems.