Ini adalah IAES Nawala dari Institute of Advanced Engineering and Science. Hari ini kami akan share mengenai keamanan data. Implementasi keamanan sangatlah penting untuk menjaga kerahasiaan, integrasi, dan ketersediaan data. Data yang rentan dapat disalahgunakan oleh penyerang. AlSharaa dkk melakukan penelitian yang mengulas mengenai ethical hacking terhadap serangan siber hingga penetration testing. Selengkapnya dapat dibaca pada artikel berikut:
Since 1980 cyberattacks have been evolving with the rising numbers of internet users and the constant evolving of security systems, and since then security systems experts have been trying to fight these kinds of attacks. This paper has both ethical and scientific goals, ethically, to raise awareness on cyberattacks and provide people with the knowledge that allows them to use the world wide web with fewer worries knowing how to protect their information and their devices with what they can. Scientifically, this paper includes a deep understanding of types of hackers, attacks, and various ways to stay safe online. This research investigates how ethical hackers adapt to the current and upcoming cyber threats. The different approaches for some famous hacking types along with their results are shown. Python and Ruby are used for coding, which we run on Kali Linux operating system.
Selected advanced themes in ethical hacking and penetration testing |
Buthayna AlSharaa, Saed Thuneibat, Rawan Masadeh, Mohammad Alqaisi
Perencanaan keamanan data merupakan suatu hal penting untuk diperhatikan untuk meningkatkan penjaminan rahasia dan privasi. Ethical competence keamanan siber dalam organisasi perlu dibuat dan disepakati untuk menangani serangan-serangan siber. Gambaran terkait Ethical competence telah dirincikan oleh Ariffin dan Maskat pada penelitian berikut:
A proactive cyber security plan to safeguard confidential information and privacy still lacks initiatives to avoid frequent harmful attacks. Cybersecurity professionals must possess ethical competence and prove worthy of overseeing valuable information for efficient decision‐making since ethical competence is fundamental for daily practice. There is a need to define what it means to be ethically competent in the era of IR4.0. The previous competence models still lack consideration of both artificial intelligence (AI) and emotional intelligence (EI) skills. AI brings new opportunities to cyber security organizations that focus on AI skills related to cognitive Intelligence or intelligent quotient (IQ). EI, which refers to emotional quotient (EQ), is a good predictor of ethical competence as it can perceive and express emotions precisely to facilitate thought to understand and manage emotions. However, practically, most cyber security organizations focused on AI skills and disregarded EI skills’ roles. This research proposes a cyber artemotional model that blends AI skills and EI skills for cyber security employees. This research would benefit cyber security organizations with cyber artemotional model as employees ethical competence assessment, and it is in line with the demand of IR4.0.
A proposal of ethical competence model for cyber security organization |
Nor Hapiza Mohd Ariffin, Ruhaila Maskat
Serangan siber menjadikan kerahasiaan dan privasi data terganggu. Hal itu menyebabkan terganggunya aktifitas organisasi. Seperti serangan modifikasi dan pembajakan data, data yang telah dimodifikasi oleh penyerang tidak akan lagi dapat terintegrasi dengan data aslinya. Perubahan data oleh pihak yang tidak memiliki otoritas akan berdampak pada penurunan kepercayaan pelanggan kepada organisasi. Kaviani dkk dalam penelitiannya melakukan review mendalam terkait serangan-serangan siber terutama serangan modifikasi data. Adapun lebih lengkapnya dapat dibaca pada:
This paper is a review of types of modification data attack based on computer systems and it explores the vulnerabilities and mitigations. Altering information is a kind of cyber-attack during which intruders interfere, catch, alter, take, or erase critical data on the PCs and applications through using network exploit or by running malicious executable codes on victim’s system. One of the most difficult and trendy areas in information security is to protect the sensitive information and secure devices from any kind of threats. Latest advancements in information technology in the field of information security reveal huge amount of budget funded for and spent on developing and addressing security threats to mitigate them. This helps in a variety of settings such as military, business, science, and entertainment. Considering all concerns, the security issues almost always come at first as the most critical concerns in the modern time. As a matter of fact, there is no ultimate security solution; although recent developments in security analysis are finding daily vulnerabilities, there are many motivations to spend billions of dollars to ensure there are vulnerabilities waiting for any kind of breach or exploit to penetrate into the systems and networks and achieve particular interests. In terms of modifying data and information, from old-fashioned attacks to recent cyber ones, all of the attacks are using the same signature: either controlling data streams to easily breach system protections or using non-control-data attack approaches. Both methods can damage applications which work on decision-making data, user input data, configuration data, or user identity data to a large extent. In this review paper, we have tried to express trends of vulnerabilities in the network protocols’ applications.
Modification data attack inside computer systems: a critical review |
Vahid Kaviani J, Parvin Ahmadi Doval Amiri, Farsad Zamani Brujeni, Nima Akhlaghi
Kesadaran akan keamanan data perlu ditingkatkan untuk mengantisipasi serangan siber. Fadli dkk melakukan penelitian mengenai pemahaman terkait kesadaran dan pencegahan akan serangan siber. Penelitian tersebut digunakan untuk mengukur tingkat pemahaman akan ancaman serangan siber dan pencegahannya. Adapun lebih detail diijelaskan pada halaman berikut:
This article aims to provide an overview of cyber attack awareness and prevention in network security. This article discussed the different types of cyber attacks, current trends of cyber attacks, how to prevent cyber attacks and uum students’ awareness of cyber attacks. First, we will go over the different types of cyber attack, current trend, impact of cyber attack and the prevention. The approach entailed comparing and observing the outcomes of 13 different papers. The survey’s findings would demonstrate the results obtained after analyzing the data collection which are the questionnaire filled out by respondents after watching the cyber attack awareness video to improve awareness of students through the cyber attack. Depending on the outcome of this survey, we will have a better understanding of current students’ knowledge and awareness of cyber attacks, allowing us to improve students’ understanding of cyber threats and the necessity of cyber security.
Cyber attack awareness and prevention in network security |
Zolkipli Mohamad Fadli, Shu See Yong, Low Kai Kee, Gan Hui Ching
Beberapa artikel diatas merupakan sedikit dari banyaknya penelitian terkait keamanan siber. Untuk mendapatkan informasi lebih banyak kalian dapat mengakses secara GRATIS di: https://iaesprime.com/index.php/csit/, https://ijeecs.iaescore.com/, dan https://ijict.iaescore.com/.
Redaksi: I. Busthomi