·         Table of Contents (Volume #2, Issue #4)

·         Cover Page (Volume #2, Issue #4)

·         Editorial (Volume #2, Issue #4)

Object Identification Based on the Automated Extraction of Spatial Semantics from Web3D Scenes

Konstantinos Kontakis, Athanasios G. Malamos, Malvina Steiakaki, Spyros Panagiotakis and J. Andrew Ware

Abstract: We present a web-based methodology for the extraction of semantic information and object identification in poorly annotated Web3D scenes. Our approach is based on a set of rules that mimic human spatial cognition, backed by an indexing mechanism for the automated spatial correlation between objects in terms of linguistic predicates. The proposed methodology is comprised of real-time techniques with broad application areas, ranging from CAD and 3D room planning tools based on architectural designs, to medical and e-learning environments where their objects’ relative position is closely associated with identification attributes.

Keywords: Spatial semantics; object identification; 3D model indexing; Web3D.

Download Full Text

Hardening CISCO Devices based on Cryptography and Security Protocols - Part II: Implementation and Evaluation

Faisal Waheed and Maaruf Ali

Abstract: This second part covers the implementation, testing, critical evaluation, conclusion and further study. It concentrates on the actual implementation details of hardening of network devices by referring to the hardware and software components, device operating system’s features, management controls, access-list restrictions, operational configurations and critically making sure that the data and credentials are not stored or transferred in ‘plaintext’ over the network by detailed testing and evaluation. It investigates the commands used to enable cryptography and network protocols based on encryption, in order to meet the need for essential security requirements. Substantial work is devoted to the command line details and testing of a router based on Cryptography and Security Protocols in the border router. A step-by-step hardening approach is detailed using the commands used to secure the proposed network framework’s border router. Encrypted services coupled with best practice configurations are explained and tested in an emulated environment. The use of protocol analysers, CISCO Configuration Professional’s Audit and penetration testing tools corroborated the success of the project.

Keywords: AAA; ACL; APT; ASA; CEF; Control Plane; Cryptography; DDoS; DES; DMVPN; DMZ; DoS; Data Plane; EIGRP; GRE; Hardening CISCO Devices; HSRP; ICMP; IDS; IKE; IOS; IPS; IPSec; Management Plane; NAT; NHRP; OSFP; OSI; PSM; RADIUS; RIP; RIPv2; RSA; Security Protocols; SNMP; SNMPv3; SSH; SSHv2; SSL; TACACS; TCP/IP; VPN; VLAN.

Download Full Text

Sensor Networks Attacks Classifications and Mitigation

Ahmed S. Abu Daia, Rabie A. Ramadan and Magda B. Fayek

Abstract: Wireless Sensor Networks (WSNs) are exposed to many security attacks, and it can be easily compromised. One of the main reasons for these vulnerabilities is the deployment nature, where sensor nodes are deployed without physical guarding duty. That makes the network susceptible to physical attacks. The communication nature between sensor nodes is another reason, where intruders can easily send/receive information if they are located in the network communication range. In this paper, most of the possible WSN attacks are discussed, different security services expected in WSN are explained, and trust-based solutions proposed in the literature are listed. Moreover, the state-of-the-art of the attacks’ mitigation and avoidance techniques are presented. Besides, this paper is enriched with a new classification of the WSNs attacks regarding attacks’ characteristics. It will be beneficial to researchers in the field of WSNs security if they can distinguish between different attacks that have common characteristics.

Keywords: Wireless sensor networks; WSN possible attacks; WSN attacks’ detecting features; WSN security services; WSN trust-based solutions; WSN attacks mitigation techniques; WSN attack avoidance techniques.

Download Full Text

Potentials of Internet of Things (IoT) in Malaysian Construction Industry

Syamsul H. Mahmud, Laromi Assan and Rashidul Islam

Abstract: IoT is a man-made technology conceptualized by intelligent virtual objects, which capable of knowing all things and allows the devices around themselves to interact automatically without human control. Every year, the number of IoT devices usage is exponentially increasing and estimated as much as 75.44 billion devices will be connected in IoT network. In line with the expansion of the IoT network, the construction industry should take into consideration as otherwise the construction industry will be left behind by other industries. This is because the construction industry should utilize the applications offered by IoT to ensure the smoothness of the construction industry in the project. Therefore, the objective of this study is to identify the types of IoT applications used in the construction industry in Malaysia. The research method used to identify the types of IoT applications used is through the questionnaire method. The questionnaire was analysed using nominal analysis. A study was conducted on construction industry players which comprising of government agencies, developers, architects, engineers, quantity surveyors and class G7 contractors covering all states in Malaysia. The findings show that among the many types of IoT applications used by construction industry players are social media such as WhatsApp, Telegram and Facebook for discussion and communication purposes, the use of email for information and communication exchange and website usage as a source of reference to obtain data on company profiles, acts and policy, price quotes and so on.

Keywords: Internet of Things; Construction Industry; Industrial Revolution 4.0; Augmented Reality; Waste Management.

Download Full Text

Inherent Flaws in Login Systems of Facebook and Twitter with Mobile Numbers

Jawaid A. Mangnejo, Arif R. Khuhawar, Muneer A. Kartio and Saima S. Soomro

Abstract: There are many social networking websites that provide online networking opportunities; all of these platforms require creating an account, then logging in and updating information to maintain a profile. Our research investigates mobile number based log in feature of both Facebook and Twitters - two exemplary social networking sites – for degree of seamlessness and other security features. Our research reveals that there are major dissimilarities as well as flaws in the deployment of mobile number based login on these two platforms. It has been observed that Twitter allows creation of multiple accounts using one single mobile number, however, logging out from one such account automatically logs out all other accounts associated with the same number. On the contrary, Facebook allows creation of multiple accounts using one single mobile number without deactivation of the previously created ones, however, if same password is used for more than one accounts associated with the same number, only one account can be accessed at any given time. This paper also provides probable solutions to address the security loopholes as identified by our research.

Keywords: Social Networking Platforms; Facebook; Twitter; Login System; Mobile Number; Password; Security.

Download Full Text