Category: Student Projects

Expanded Definition of Cloud

To: Prof. Jason Ellis

From: Muztahid Sakif

Date: October 27, 2021

Subject: Expanded Definition of Cloud

Introduction

The purpose of this document is to define and explore the context/history around the term Cloud. The term cloud is used very often in the networking industry. Although cloud computing began with the military for national security purposes, it’s now increasingly growing in other sectors like business, education, health, and public and private organizations. In this document, I will compare and contrast various definitions of the word cloud from different sources. Also, I will be discussing context around the word cloud. Meaning, how this term applies to the field of networking and the importance of cloud computing for different users. 

Definitions

According to Gale EBooks, “Cloud computing refers to the use of a network of remote servers to store files and perform services. The use of the term the cloud signifies that the network is as common as the clouds in the sky, indicating that the network is ubiquitous, easy to access, and readily available anywhere in the world” [1, p.1]. This is a great, easy-to-understand definition. The comparison of the term ‘cloud’ to ‘clouds’ shows the availability of Cloud in the modern world today. According to Britannica Academic, “Cloud computing, method of running application software and storing related data in central computer systems and providing customers or other users access to them through the Internet” [2, p.1]. The two definitions listed above are intended for different audiences. The first definition from Gale includes audiences that are outside of the computing field, whereas the definition from Britannica is more catered towards people in the computer science or related audiences. Both of these definitions include the concept of the exchanging and accessing data which is important to note. Data is a big component of the term cloud and the role of interacting with data through cloud is what makes it in demand in the current market today. The second definition is more specific as to how clouds are used in today’s world. The use of different software applications was not prevalent in the context of the original definition of cloud. 

Context

The following content expands on the usage of the word cloud in different contexts. According to the authors “Cloud solutions can improve the quality of smart city services, offering support to store, analyse, and extract knowledge from the raw data. The increasing need for supporting interaction between IoT and cloud computing systems has also led to the creation of the edge computing model, which aims to provide processing and storage capacity as an extension of available IoT devices without the need to move data or processing to a data center.” [3, p.2]. 

The use of the phrase “Cloud solutions” is important to note here. This phrase is often used in the context of the benefits of cloud, especially today. Improving the quality of smart city services through the cloud is very relevant, especially in New York City.  Also according to the authors, “Together with derived security data artifacts, this will support the Cloud provider community to implement a Security Manager system for a future Inter-Cloud environment and facilitate the adoption of these results in the private and public sector” [4, p.5]. In this context, the term cloud is mentioned in the context of security. With Cloud, there’s always the question of security which increases with time. This is also relevant to my field (Cyber Security) where the use of Cloud is increasing. 

Here’s a quote example from IEEE Xplore: Cloud Computing Based Social Media Model, writers K. Goel and I. Goel wrote about the role and the importance of cloud in the social media space: “So, to provide better data security, management,no worry of data management and also easy access of data will be required which can be only possible through cloud computing”[5, p.9]. The use of the word cloud here refers to its reach in various fields, including Social Media. The growth of Social Media is ever growing and the influence of cloud can provide its user with better security, management and allow business to grow through Social Media. Businesses, especially today, rely on Social Media advertising for business growth and cloud helps with large sums of data to simplify the process. 

Another quote example from the book Cloud Computing, writer Nayan Ruparelia wrote about cloud of things, which found in various ‘objects’ or technologies that we encounter “A cloud of things has inanimate objects, or things, as its scope; that is, it is a cloud that works with things instead of people or organizations. For example, you can have a cloud of public lighting— such as street or car park lighting— operated on a pay-per-use basis so that the lighting is available only to those who have paid for it and are in the vicinity” [6, p.10]. In this context, the author mentions the term “cloud of things” which is very relevant in the cloud business. Cloud of things can be an efficient way to manage lights as mentioned in the example. Meaning, the lights do not remain turned on all night and waste charge. The use of the term cloud refers to its influence on things instead of people or organizations. Cloud of things remotely monitor, manage and control the Internet of Things enabled devices like refrigerators, fire alarms, door locks, security systems, etc. 

Working Definition

Cloud is a networking/information technology infrastructure where all of organizations’ networking resources are shared in a public/private platform that is managed by a service provider. 

References

[1] Foyle, Harvey C. “Cloud Computing.” The SAGE Encyclopedia of Educational Technology, edited by J. Michael Spector, vol. 1, SAGE Reference, 2015, pp. 100-103. Gale eBooks, link.gale.com/apps/doc/CX6197800053/GVRL?u=cuny_nytc&sid=bookmark-GVRL&xid=8a12ab4f. Accessed 6 Oct. 2021

[2] Carr, Nicholas “Cloud Computing.” [Online]. Britannica Academic, Available: https://academic-eb-com.citytech.ezproxy.cuny.edu/levels/collegiate/article/cloud-computing/474374 [Accessed: 06-Oct-2021]. 

[3]. M. Fazio, R. Ranjan, M. Girolami, J. Taheri, S. Dustdar and M. Villari, “A Note on the Convergence of IoT, Edge, and Cloud Computing in Smart Cities,” in IEEE Cloud Computing, vol. 5, no. 5, pp. 22-24, Sep./Oct. 2018, doi: 10.1109/MCC.2018.053711663.

[4] M. Kretzschmar, M. Golling and S. Hanigk, “Security Management Areas in the Inter-cloud,” 2011 IEEE 4th International Conference on Cloud Computing, 2011, pp. 762-763, doi: 10.1109/CLOUD.2011.83.

[5]. K. Goel and I. Goel, “Cloud computing based social media model,” 2016 International Conference on Inventive Computation Technologies (ICICT), 2016, pp. 1-3, doi: 10.1109/INVENTIVE.2016.7823184.[6] Ruparelia, Nayan B.. Cloud Computing, MIT Press, 2016. ProQuest Ebook Central, https://ebookcentral.proquest.com/lib/citytech-ebooks/detail.action?docID=4527741.

Expanded Definition of API

TO:              Prof. Ellis 

FROM:        Michael Vanunu

DATE:         Oct. 27, 2021

SUBJECT:   Expanded Definition of API (Application Programming Interface)

Introduction

The purpose of this document is to explain the meaning of an API for what it is and what its used for. The term “API” stands for Application programming interface. The way I will be explaining and defining it is by what it does and how it is implemented into our daily lives. An API has many different forms it comes in, but it essentially has the same job and results for when and how it is used. How we will be looking into this definition of API will be through the lens of how they are designed and what it comes with. There is a lot to investigate when it comes into those things which I will be going through in this expanded definition.

Definitions

The first definition I will get into comes from the Oxford English Dictionary, which goes like this, “Computing application programming (or program) interface, a set of routines, protocols, and tools designed to allow the development of applications that can utilize or operate in conjunction with a given item of software, set of data, website, etc.” [1]. What it is saying is that there is a process that must be followed to achieve the goal of the API, which is designed to develop and utilize itself with what its tasked to do. Examples of which it mentions are software, data as well as websites but there are more instances.

The second definition I will get into comes from the Meriam Webster Dictionary. The definition from them goes like this, “a set of rules that allows programmers to develop software for a particular operating system without having to be completely familiar with that operating system” [2]. This definition, from the Meriam Webster Dictionary, is more precise into its definition of it. What this definition is saying is that an API’s means is to make things easier when two set of things need to communicate, it’s like a middleman that makes things easier for both parties in a sense. An example for this one would be, for example, how a GPU driver and a Game Engine need to communicate with each other. For them to communicate they would need to be programmed and configured in very specific and certain ways just so they can work with each other, which would be a lot of extra and unnecessary work. You can imagine how hard this would be if every single thing, or games in this example, has to be programmed in a very specific way just so they can work together but that is where the API comes in and makes our lives easier. The API becomes our middleman which can connect the two without having to go through a ton of extra rigorous work. This is why API’s are very important and crucial in our lives, they are used for a lot of things we use on a daily basis.

Both definitions are idealistically the same. The difference between the two that are given is that the first one, from the Oxford Dictionary, is saying it’s a set of things that need to be done to develop and utilize the use of itself (The API). The second definition I gave, from the Meriam-Webster dictionary is that it’s talking specifically about how programmers can develop things easier because they have an API as the middleman to help with what they are trying to accomplish. Both are similar in a sense that they are saying that an API is used to connect things that need it to achieve what the user sets out to do. Where the definitions differ from these two dictionaries is that one is broader, and one is more specific. A programmer is more likely to use the Meriam-Webster definition whereas the everyday person may use the Oxford definition.

Context

A quote from the e-book API design for C++, “The important underlying concept is that an API is well defined interface that provides a specific service to other pieces of software.” [3, Pg. 1]. This quote is bringing up the fact of how the API is being a specific service for other pieces, that is what its job is, to connect pieces more easily and make things easier for us in day-to-day life.

A quote from another e-book called Enterprise API Management, “Long story short, APIs become products in their own right and thus require the same level of design thinking, ongoing attention, and evolution as other business products.” [4, Pg. 87]. This quote talks about a way an API is used and explained. An API requires as much design thinking, attention and evolution as most products do in order to be successful.

Working Definition

The working definition for the API is that it is used to connect things together through an easier means to save a lot of time and work. The way an API is related to major is that it is a possible type of thing I may have to be a part of coding one day or it is even a part of the programs I use in order to code and run the codes. API is used every day by almost everyone, it is a big part of our life and society.

References [Heading Level 2]

[1]        “API,” in Oxford English Dictionary, 3rd ed. Oxford, UK: Oxford Univ. Press, 1975, def. 1. [Online]. Available: https://www.oed.com

[2]        “application programming interface,” in Meriam-Webster Dictionary, 11th ed. Springfield, MO: Merriam Webster, 1968, def. 1. [Online]. Available: https://www.merriam-webster.com

[3] R. Martin, API design for C++ 1st ed., Boston: Elsevier/Morgan Kaufmann, 2011.

[4] W. Luis, Enterprise API Management, Birmingham, England: Packt Publishing, 2019.

500 – Word’s how escalators change our sense of space forever

TO: Prof. Ellis
FROM: Olamide Yomi
DATE: Sep 20, 2021,
SUBJECT: 500 – Word’s how escalators change our sense of space forever

The following is a 500-word or close to 500-word summary of a peer-reviewed article that describes computer science and the importance of teaching computer science in methodology method to help students get a wide view of computer science. This will give students more zest in every course they take. According to the author of the article with teaching computer in a methodology method “guide students to understand computer science from a higher perspective and learn computer science through the methodology of subject and educate students to face the future.” [1, p. 293].

The introduction of computer science and technology help provide students with the understanding of computer science major, by which setting a stage for students to think about computer science course more deeply. There are two types of computers and technology arrangement. One is the general understanding of soft and hardware and mastering the utilization of the operating system and office software, the other is also comparable to the methodology of computer science and technology trying to understand deeply its basic sequence.

College basics teach computer from implementation limiting student perspective of the computer science. Unlike methodology of computer science and technology dive deeper into the cognition of nature of computer science and the main field and essential character of computer science.

The researcher hopes to get a new perspective of the “methodology of the subject” and introduce core conception, essential question, typical teaching method, and knowledge system. They also trust that students would understand the higher perspective and learn it through the methodology of the subject and educate to face the future. In this article Educationalist B. A Cyxomjnhcknn says “learning interests are the important part of learning activities” [2, p. 293].  interest in computer course itself is what attracts students and scared them at first. The cultivation of the student’s interest is the top consideration for all teachers. Teachers must lead students into learning it.

Core technologies and core concepts will help students understand the strategies of learning computer science. Algorithms describe the process of solving a problem and taking limited procedures in solving it. Students would be to learn about algorithms both emotionally and rationally make a description in form.

According to students’ questionnaires, 88 percent wish they can apply the skill to using the software after they finish their course. Teachers have the responsibility to constructing works so students can study themselves and their practical abilities through task-driven mode.

the main content of the theoretical part is the introduction of computer hardware and software systems; the scientific problem has three discipline forms and the core concepts. Typical mathematical method and system and system science. Students thought of enlightened through the proportional variation-seeking algorithm, the mathematical method for problem-solving and this make them realized the leading character of mathematics in computing discipline and guidelines of subject methodology. This improves their curiosity and their thirst for knowledge can be inspired. Strong practical characteristics will be able to demonstrate to students when they get on a computer, they can watch and simultaneously operate.

Every teacher has a concept about the methodology of computer science and technology. The teaching

Schools should adopt different means of teaching students different means to teach content. The most important is to implement research-oriented teaching in the classroom.

[1]          Fu Hefang and Li Zhaoxia, “Research and discussion on Introduction to Computer Science and Technology teaching based on methodology,” 2010 2nd International Conference on Education pp. 293-295 Technology and Computer, 2010, https://doi: 10.1109/ICETC.2010.5529680.

500-Word Summary Of Article About Unikernel Security

TO: Prof. Ellis
FROM: Edwin Baez
DATE: October 6th, 2021
SUBJECT: 500-Word Summary Of Article About Unikernel Security

The following 500-word summary of an Article about Unikernel Security. The author discusses the risks and benefits of running applications on Unikernel environments. By showing many diagrams and going in-depth on what each type of kernel does and allows, we can differentiate which kernels are right for us.

The Kernel is the essential center of a computer’s Operating System. It is basically the core that provides basic services for all other parts of the OS. Modern-day applications require cloud services to run in a Kernel environment, making it vulnerable to attacks. A unikernel is a specialized, single address space machine image constructed using the developer’s minimal set of a selection of services. With Unikernel environments, attacks are less likely due to the lightweight memory footprint and self-contained environment.

Virtualization is the process of mirroring or emulating a system using the resources of a host machine. It can be used to re-create networks or emulate a whole new machine, thus making it more secure to use. Virtual Machines cannot communicate with each other, so if one is ever infiltrated then no harm will be caused to the actual host machine. In other words, you can use your computer to run a virtual computer and whatever happens to that virtual computer will have no effect on your actual computer/hardware.

There are various types of Virtualization. The first is Full-Virtualization, which aliases the hardware the guest machine runs on. The main appeal is its ability to mirror hardware, making it more reliable, provides more consistent performance, and is able to isolate in case of a malicious attack. If a cyber-attack were to happen, the attacker cannot attack the host but can eventually see that It is attacking a virtual machine. The second type of virtualization is OS-Virtualization. OSV is ran on a single kernel but it runs many operating systems at once. It’s basically many containers and each holding its own operating system. These containers don’t have access to the hardware of the physical machine so it is limited to the OS of the host. With that said, If the machine was ever to get attacked, all containers will be compromised.

There are two types of unikernels whose security profiles differ. Clean Slate Unikernels are not emulators. They are written in a single programming language whether it’s C++, HalVM, or Javascript. They also allow language-specific virtual machines to function, for example, Java Virtual Machine (JVM). Legacy Unikernels, on the other hand, implement a subset to ensure unmodified software can run while only requiring minor configurations. According to J. Talbot et al, “They don’t support timesharing (the ability to simultaneously run multiple independent programs), instead, they delegate this role to the virtualization layer” [1, p.2].

Isolation is the main goal of most, if not all, security enthusiasts. Software running on a Unikernel is more isolated than software running in a container. This is due to the fact that unikernels are singular and have a reduced attack surface.

REFERENCE

[1] J. Talbot et al., “A Security Perspective on Unikernels,” 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), 2020, pp. 1-7, doi: 10.1109/CyberSecurity49315.2020.9138883.

500-Word Summary of Computer Science Education

To: Prof. Ellis

From: Michael Vanunu

Date: Sept. 21, 2021

Subject: 500-Word Summary of Computer Science Education

Computer science and technology have been developing well over time, this has instantiated multiple computer science courses. These courses can lead to problems which a new student wouldn’t be able to obtain reasonably. This will lead to future problems without assistance of people with more experience and knowledge on the subject.

More systems were developed to solve the problem. People like Chanyan Nuntwawong, Karim Hadjar, Antonio Maffei, and others have tried to fix the problem by presenting their ideas throughout the years.

The paper explains how a computer course can help fresh learners explore reasonable and appropriate curriculums.

The design of OSCCA has five basic steps, “Including data collection, data preprocessing, construction Ontology, establishing reasonable rules and implementing the system” [1, Sect. II]. For the first part, knowledge and unit’s points are being collected from the data that includes courses and universities as well as the likes of those places and locations to provide the best data possible. The second step is a very crucial one. The raw data is going to be processed into NLP, which stands for, Natural language processing. This is going to be a very rough processes that uses Apriori algorithm and things alike. The third step will include the interrelationships of the data collected that will be applied to an ontology. The fourth step defines the four reasoning rules that are important to the whole thing. The fifth and final step is to build a website using java that can provide great and available services for people who are new to learning computer science.

Datasets for the course are being collected through internet information as well as college curriculums. A python spider package named scrappy is used to fetch information for the course. “The course datasets consist of courses, units and knowledge points” [2, Sect. III]. These are the points that “Scrapy” fetches to make the best possible outcome for new students trying to learn.

The analysis and the terms of relationships are analyzed by how each item will be defined. NLP is used to detect and extract the best and contributed items. The Apriori algorithm is used in here again. Apriori algorithm will be solving the frequent items as well as the set problems to assist databases.

Computer courses are increasing at a rapid pace. The courses provided by many courses are independent. Newer learners of the computer science field might be confused by a lot of unneeded and unnecessary information. The solution to the problem is the course for OSCCA (a course ontology stem for computer science education is developed).

Y. Wang, Z. Wang, X. Hu, T. Bai, S. Yang and L. Huang, “A Courses Ontology System for Computer Science Education,” 2019 IEEE International Conference on Computer Science and Educational Informatization (CSEI), 2019, pp. 251-254, doi: 10.1109/CSEI47661.2019.8938930.

500-Word Summary of Article About Smart Home And Smart Home Automation Using IoT

TO:       Prof. Ellis
FROM:     Jared Williams
DATE:     Oct. 6, 2021
SUBJECT:  500-Word Summary of Article About Smart Home and Home Automation Using IoT.

               The following is a 500-word summary of an article about the performance of wireless smart home automation using the Internet of Things (IoT). The authors discuss energy consumption around the world setting new records due to the increasing scope of technology. As energy consumption rises, new ways to lower it are being developed. Smart homes and smart home technology can reduce energy consumption and save people money.

               A principal feature of smart home technology is its simplicity, which is something the authors wanted to retain for their project. Agarwal et al. state, “We designed a home automation system using the concept of internet of things (IOT) enabling us to automate basic home functionalities like switching on/off Equipment lights, cooling systems, refrigerators and other home appliances that are operational in homes” [1, p. 630]. The authors discuss a Bluetooth based automation system and a GSM based automation system facilitated through a cell phone. The many ways a GSM based automation system can be used is briefly touched on.

               The authors wanted to remotely control their appliance through the use of a Wi-Fi connection. A html page was created in order to control their appliance for the test. Pseudocode for the project is provided to give a brief understanding of the goal. The authors use a device called an optocoupler, which – depending on their input – completes the circuit transmitting infrared light to a light-sensitive diode that powers on a lightbulb. The authors are using an Arduino device outfitted with Wi-fi capabilities and Bluetooth for their test.

               The steps to achieve the desired outcome are expanded upon from the previously stated pseudocode: The Arduino powers on and attempts to connect to Wi-Fi. If it can’t connect, the Arduino will continue to try until a connection is successful. Once connection is established, it will then await a command. When it receives an “on” or “off” command, the device sends a signal to the opto-coupler to complete the circuit or to break the current. The range of Bluetooth is very limited, which makes Wi-Fi based home automation more appealing as you can control appliances from wherever you have access to the internet. The Arduinos Wi-Fi module allowed for wireless control over the local network.

               The purpose of the project was to demonstrate the quality-of-life benefits from using smart home automation and show its potential in reducing power consumption. While smart homes can enhance our quality of life, one major concern is security. You must make sure all security and privacy precautions are taken when implementing the technology. Neglecting the security aspect of smart home technology can leave you vulnerable to attack and a potential invasion of privacy.

Reference

[1]        K. Agarwal, A. Agarwal, and G. Misra, “Review and Performance Analysis on Wireless Smart Home and Home Automation using IoT,” 2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), 2019, pp. 629-633, doi: 10.1109/I-SMAC47947.2019.9032629.

500-word summary on Persistent URLs and Citations

TO: Prof. Ellis

FROM: Alex Cheung

DATE: Oct. 6, 2021

SUBJECT: 500-Word Summary of Article About Persistent URLs and Citations

Persistent URLs and Citations are one of the most important elements of an article, scholarly paper, or any academic writing. These persistent URLs provide a link to a full-text article that will never change thus always linking to the article that is a part of a database or journal. Without them, it might be hard to find that specific full-text article later down the road and. Nicholas Homenda believes that persistent URLs and citations are a necessity as evident by his thought, “As libraries, archives, and museums make unique digital collections openly available via digital library platforms, they expose these resources to users who may wish to cite them” [1, p. 1].

There are four main methods used for persistent URLs that include: Handle, DOI, ARK, and PURL. As libraries, archives, and museums move more of their collections to digital mediums, having a persistent URL to access these materials are essential to find the said material which is part of certain collections [1, p. 1]. Most of these persistent URL services have been around since the 1990s to the early 2000s [1, p. 2]. Each site uses their own version of persistent URLs thus resulting in many different types of links. This calls for more standards for persistent URLs.

There is a term called “link rot” which means that overtime the link will eventually not point to the page or file that it was meant to point to. There have been several studies done on link rot by tracking the availability of the resource over time [1, p. 3]. In recent works by Koster, he mentions that the persistent URL method that appears the most often in literature is the Digital Object Identifier (DOI) [1, p. 4]. 

For over 20 years, persistent URLs have been providing persistent links to digital objects allowing users worldwide to access the content [1, p. 4]. Persistent URLs are even used to create permanent links to government information. This was an early effort by the Cendi Persistent Identification Task Group to implement the Federal Enterprise Architecture (FEA) and a theoretical Federal Persistent Identification Resolver [1, p. 4].

All persistent links should ideally be accessible via URLs that will outlast the information that it is linking to unless that link is subjected to “link rot” [1, p. 4]. In one investigation into “link rot” on information from Medline abstracts from the years 1994-2006, shows that about 20% of the links were dead in 2008. The topic of “link rot” has been discussed as early as 2003 in a book by Markwell and Brooke named ““Broken Links: Just How Rapidly Do Science Education Hyperlinks Go Extinct”, which is cited by many link rot studies but it looks like this too has suffered from link rot in works that cited this book [1, p.4]. 

In a recent study, they tried to locate digital collections that met the following criteria:

  1. Openly available
  2. Part of a repository service
  3. Gathered as part of a site or service that contains multiple collections
  4. Unique to an institution but not duplicated or licensed content

With these criteria in place, it helps to find unique and publicly available digital collections [1, p. 5]. The study found that the DLF institution had 171 out of 197 member institutions that had accessible digital collections, while only 153 out of the 171 met the criteria for this study [1, p. 6]. 

Reference

[1] Homenda, N. (2021) ‘Persistent URLs and Citations Offered for Digital Objects by Digital Libraries’, Information Technology & Libraries, 40(2), pp. 1–12. doi: 10.6017/ital.v40i2.12987.

500-word summary on Cyber-attacks and Countermeasures

From: Anthony Cuomo
Date: 10/6/2021
Subject: 500-word summary on Cyber-attacks and Countermeasures. 

Cyber-attacks are becoming more frequent and sophisticated due to human error, which are not being accounted for properly by current cyber security protocols. There are three main types of protection tools that are being used in the fight against cybercrimes such as, blacklisting, heuristics, and a hybrid of the two techniques. Cyber protection tools are not fool proof, and users need to learn how to identify a potential attack and how to identify what measures to take to prevent said attack by learning cyber-attack taxonomy and classifications. [1, p. 37]

The author argues that this article is trying to contribute to the advancement of helping users identify and assess potential cyber security threats online. Cyber-attacks are a type of attack that targets the users’ vulnerabilities, these attacks including phishing, drive-by downloads, and social engineering. There are technical and non-technical tools that are being used to help fight against cybercrimes. One of the non-technical tools being implemented is the legislative tool which passes laws against illegal cyber activities. Another non-technical tool that is being used is training and education tools, one of the tools being used is the Cybersecurity Nexus by ISACA.  

Anti-virus software is the most common approach in dealing with cyber security threats, but as the threats get more sophisticated, it could take upwards of hundreds of days before the software can provide adequate protection from a new attack. According to the author, “It is important to educate users, to improve awareness of threats, risks, and what security warnings are about”. More measures need to be taken to help educate people on potential risks. In the meantime, there are web browser filters that utilize the blacklisting technique which compares the requested web page with a database of currently known fake web pages, but this method comes with a drawback of having to constantly update and maintain an increasingly large amount of fake web pages. Google uses a tool called safe browsing, that has two flaws in which users can potentially be tracked and websites will not get filtered if users do not synchronize their accounts.


Mozilla Thunderbird and Internet Explorer use a protection tool called CANTINA which uses the heuristic technique, the drawback to this is the protection will sometimes block legitimate sites and label them fraudulent. Fuzzy data mining technique is heuristic based and tries to determine the legitimacy of websites through associating the pages URL and domain identity. The Neuro-Fuzzy model attempts to decide a webpage legitimacy by going through a list of five inputs that would make it possible to determine the legitimacy in real time. There are three protections tools called Anti-phishing Phil, CyberCIEGE and BigAmbition, which the goal is to help educate users and increase awareness in potential cyber security risks. Smart Protection Tools would include artificial intelligence and machine-learning to be able to filter out illegitimate websites with much better accuracy. 

Reference:

[1] A. M. Shabut, K. T. Lwin and M. A. Hossain, “Cyber attacks, countermeasures, and protection schemes — A state of the art survey,” 2016 10th International Conference on Software, Knowledge, Information Management & Applications (SKIMA), 2016, pp. 37-44, doi: 10.1109/SKIMA.2016.7916194. 

500-word Summary of Article About Cyber Attacks

To: Prof.Ellis

From: Muztahid Sakif

Date: Oct. 6, 2021

Subject: 500-word Summary of Article About Cyber Attacks

The following 500-word summary of the article “Covid-19 Pandemic: A New Era of Cyber Security Threat and Holistic Approach to Overcome” by Jabber Ahmed highlights the increased threat of cyber-attacks during the Covid 19 pandemic. With countries across the world going into lockdown, the usage of computers and internet has increased significantly, making cyber criminals more active. The attacks are more prevalent with the lack of personal safety precautions in using the internet. Cyber criminals have found multiple ways to access data causing many banking, government, and non-government organizations to suffer cyber-attacks. This article focuses on safety precautions to protect personal and organization data from cyber criminals.

2020 was the year of pandemic that led to a “New Normal” by forcing many to work and learn from home. Cyber attackers are capitalizing off the pandemic by launching their cyber-attacks across the continents, especially in developing countries. Ahmed supports this using a bar graph which shows the percentage of attacks faced by the different continents. Europe faced 42% of the attacks, America faced 12%, Asia Pacific with 19%, Africa with 17% and the Middle East facing 10% of the attacks. Due to the lack of awareness in developing countries, many sites have been visited by people without security precautions.

Ahmed mentions specific sectors that were attacked during the pandemic including, healthcare and medical sectors, financial sectors, and educational sectors. With the health care system already weakened by the pandemic, attacks saw this sector as the ideal place to attack. With the increase of the remote care system, the hackers were active in getting to the healthcare system around the world. Financial sectors have suffered the attacks with the increased use of online support. Most employees were working from home with an unsecured network which exposed them to attacks. Educational sectors were also affected with students from all levels being dependent on e-learning with the use of independent applications like Zoom which was vulnerable to malware attacks. 

Common types of cyber-attack include DDoS Attack, phishing, malware, and ransomware. DDoS attacks are used to make an online service unavailable for the user by increasing traffic. According to the author, “ In the first quarter of the year 2020, the total number of reported DDoS attacks was 242, and in the second quarter, the number was increased to 300 [12] [13]” [1, p. 14]. Phishing hackers send emails to individuals with fake web pages that can capture details of an individual. Attacks spread malware in devices of the users during the pandemic. Malware can create a “backdoor” in the user’s device, allowing criminals to take all personal credentials/ passwords. 

Ahmed highlights some ways of preventing these attacks. Ransomware can be prevented with an Updated OS that provides an updated patch file for prevention. To prevent DDos Attacks, users can keep the firewall on which can detect the source of IP address range to control the overflow. Phishing attacks can be prevented by having adequate knowledge of phishing emails, not clicking phishing links, and not providing credentials to unsecured websites.

Reference: [1] J. Ahmed and Q. Tushar, “Covid-19 Pandemic: A New Era Of Cyber Security Threat And Holistic Approach To Overcome,” 2020 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), 2020, pp. 1-5, doi: 10.1109/CSDE50874.2020.9411533.

The OpenLab at City Tech:A place to learn, work, and share

The OpenLab is an open-source, digital platform designed to support teaching and learning at City Tech (New York City College of Technology), and to promote student and faculty engagement in the intellectual and social life of the college community.

Support

Help | Contact Us | Privacy Policy | Terms of Use | Credits

Accessibility

Our goal is to make the OpenLab accessible for all users.

Learn more about accessibility on the OpenLab

Copyright

Creative Commons

  • - Attribution
  • - NonCommercial
  • - ShareAlike
Creative Commons

top