Digital Privacy and Security

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information and Communications Technology".

Deadline for manuscript submissions: closed (19 November 2023) | Viewed by 52519

Printed Edition Available!
A printed edition of this Special Issue is available here.

Special Issue Editors


E-Mail Website
Guest Editor
COPELABS—Cognitive and People-Centric Computing, Lusófona University, 400098 Porto, Portugal
Interests: computer science; artificial intelligence; data science; knowledge management
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
COPELABS—Cognitive and People-Centric Computing, Lusófona University, 400098 Porto, Portugal
Interests: network security; cybersecurity; serious games; player adaptivity

E-Mail Website
Guest Editor
COPELABS—Cognitive and People-Centric Computing, Lusófona University, 400098 Porto, Portugal
Interests: computer science; databases; system control; data mining; decision support systems

Special Issue Information

Dear Colleagues,

This Special Issue will present extended versions of selected papers presented at the International Conference Digital Privacy and Security Conference (DPSC). Initiated in 2018, the annual Digital Privacy and Security Conference is a premier space for exchanging information and research results on Digital Privacy and Security and principles along with applications of system technology. The main objectives with regard to security, privacy, hacking, and cyber warfare are as follows: encouraging study, improving practice, and advancing knowledge; providing intended audiences with technological advancements; transferring knowledge; and encouraging applied research. The conference brings together academic and industrial researchers from all areas of Digital Privacy and Security to share their ideas and experiences and learn about the research in contemporary cybersecurity.

As its name indicates, the conference is dedicated to Digital Privacy and Security in its entirety. However, for DPSC 2022, we would like to emphasize emerging technologies and applications as it has been used successfully in many applications. Authors of invited papers should be aware that the final submitted manuscript must provide a minimum of 50% new content and not exceed 30% copy/paste from the proceedings paper.

Dr. José Braga de Vasconcelos
Dr. Hugo Hugo Barbosa
Dr. Carla Cordeiro
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • authorization, authentication and identity management
  • cloud computing security
  • computer forensics
  • cybercrime
  • cyber security
  • cyber warfare
  • cryptography
  • cryptanalysis
  • data mining security
  • database security
  • data encryption applications
  • digital contents copyright protection
  • electronic mail security
  • emerging technologies and applications
  • formal methods application in security and forensics
  • forensic analysis
  • games for cybersecurity training and awareness
  • hacking techniques
  • information security management
  • management in network equipment
  • mobile network security
  • multimedia content management
  • network security management
  • policiesy of trust in e-learning systems
  • privacy and trust
  • security algorithms
  • security in e-commerce and m-commerce
  • security in contents distribution networks
  • security protocols
  • system security management
  • social networks & web 2.0 trust management
  • storage area networks management
  • tracing techniques in on the internet
  • wired and wireless network security and investigation

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (16 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review, Other

17 pages, 1848 KiB  
Article
From Cybercrime to Digital Balance: How Human Development Shapes Digital Risk Cultures
by Răzvan Rughiniș, Emanuela Bran, Ana Rodica Stăiculescu and Alexandru Radovici
Information 2024, 15(1), 50; https://doi.org/10.3390/info15010050 - 17 Jan 2024
Cited by 5 | Viewed by 2313
Abstract
This article examines configurations of digital concerns within the European Union (EU27), a leading hub of innovation and policy development. The core objective is to uncover the social forces shaping technology acceptance and risk awareness, which are essential for fostering a resilient digital [...] Read more.
This article examines configurations of digital concerns within the European Union (EU27), a leading hub of innovation and policy development. The core objective is to uncover the social forces shaping technology acceptance and risk awareness, which are essential for fostering a resilient digital society in the EU. The study draws upon Bourdieu’s concept of capital to discuss technological capital and digital habitus and Beck’s risk society theory to frame the analysis of individual and national attitudes towards digital risks. Utilizing Eurobarometer data, the research operationalizes technological capital through proxy indicators of individual socioeconomic status and internet use, while country-level development indicators are used to predict aggregated national risk perception. Article contributions rely on individual- and country-level statistical analysis. Specifically, the study reveals that digital concerns are better predicted at a national level rather than individual level, being shaped by infrastructure, policy, and narrative rather than by personal technological capital. Key findings highlight a positive and a negative correlation between digital advancement with cybersecurity fears and digital literacy, respectively. HDI and DESI are relevant country-level predictors of public concerns, while CGI values are not. Using cluster analysis, we identify and interpret four digital risk cultures within the EU, each with varying foci and levels of concern, which correspond to economic, political, and cultural influences at the national level. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

27 pages, 820 KiB  
Article
Secure Genomic String Search with Parallel Homomorphic Encryption
by Md Momin Al Aziz, Md Toufique Morshed Tamal and Noman Mohammed
Information 2024, 15(1), 40; https://doi.org/10.3390/info15010040 - 11 Jan 2024
Cited by 1 | Viewed by 1673
Abstract
Fully homomorphic encryption (FHE) cryptographic systems enable limitless computations over encrypted data, providing solutions to many of today’s data security problems. While effective FHE platforms can address modern data security concerns in unsecure environments, the extended execution time for these platforms hinders their [...] Read more.
Fully homomorphic encryption (FHE) cryptographic systems enable limitless computations over encrypted data, providing solutions to many of today’s data security problems. While effective FHE platforms can address modern data security concerns in unsecure environments, the extended execution time for these platforms hinders their broader application. This project aims to enhance FHE systems through an efficient parallel framework, specifically building upon the existing torus FHE (TFHE) system chillotti2016faster. The TFHE system was chosen for its superior bootstrapping computations and precise results for countless Boolean gate evaluations, such as AND and XOR. Our first approach was to expand upon the gate operations within the current system, shifting towards algebraic circuits, and using graphics processing units (GPUs) to manage cryptographic operations in parallel. Then, we implemented this GPU-parallel FHE framework into a needed genomic data operation, specifically string search. We utilized popular string distance metrics (hamming distance, edit distance, set maximal matches) to ascertain the disparities between multiple genomic sequences in a secure context with all data and operations occurring under encryption. Our experimental data revealed that our GPU implementation vastly outperforms the former method, providing a 20-fold speedup for any 32-bit Boolean operation and a 14.5-fold increase for multiplications.This paper introduces unique enhancements to existing FHE cryptographic systems using GPUs and additional algorithms to quicken fundamental computations. Looking ahead, the presented framework can be further developed to accommodate more complex, real-world applications. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

25 pages, 2024 KiB  
Article
Explainable Machine Learning for Malware Detection on Android Applications
by Catarina Palma, Artur Ferreira and Mário Figueiredo
Information 2024, 15(1), 25; https://doi.org/10.3390/info15010025 - 1 Jan 2024
Cited by 1 | Viewed by 3258
Abstract
The presence of malicious software (malware), for example, in Android applications (apps), has harmful or irreparable consequences to the user and/or the device. Despite the protections app stores provide to avoid malware, it keeps growing in sophistication and diffusion. In this paper, we [...] Read more.
The presence of malicious software (malware), for example, in Android applications (apps), has harmful or irreparable consequences to the user and/or the device. Despite the protections app stores provide to avoid malware, it keeps growing in sophistication and diffusion. In this paper, we explore the use of machine learning (ML) techniques to detect malware in Android apps. The focus is on the study of different data pre-processing, dimensionality reduction, and classification techniques, assessing the generalization ability of the learned models using public domain datasets and specifically developed apps. We find that the classifiers that achieve better performance for this task are support vector machines (SVM) and random forests (RF). We emphasize the use of feature selection (FS) techniques to reduce the data dimensionality and to identify the most relevant features in Android malware classification, leading to explainability on this task. Our approach can identify the most relevant features to classify an app as malware. Namely, we conclude that permissions play a prominent role in Android malware detection. The proposed approach reduces the data dimensionality while achieving high accuracy in identifying malware in Android apps. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

23 pages, 1654 KiB  
Article
Efficient and Expressive Search Scheme over Encrypted Electronic Medical Records
by Xiaopei Yang, Yu Zhang, Yifan Wang and Yin Li
Information 2023, 14(12), 643; https://doi.org/10.3390/info14120643 - 30 Nov 2023
Cited by 1 | Viewed by 1637
Abstract
In recent years, there has been rapid development in computer technology, leading to an increasing number of medical systems utilizing electronic medical records (EMRs) to store their clinical data. Because EMRs are very private, healthcare institutions usually encrypt these data before transferring them [...] Read more.
In recent years, there has been rapid development in computer technology, leading to an increasing number of medical systems utilizing electronic medical records (EMRs) to store their clinical data. Because EMRs are very private, healthcare institutions usually encrypt these data before transferring them to cloud servers. A technique known as searchable encryption (SE) can be used by healthcare institutions to encrypt EMR data. This technique enables searching within the encrypted data without the need for decryption. However, most existing SE schemes only support keyword or range searches, which are highly inadequate for EMR data as they contain both textual and digital content. To address this issue, we have developed a novel searchable symmetric encryption scheme called SSE-RK, which is specifically designed to support both range and keyword searches, and it is easily applicable to EMR data. We accomplish this by creating a conversion technique that turns keywords and ranges into vectors. These vectors are then used to construct index tree building and search algorithms that enable simultaneous range and keyword searches. We encrypt the index tree using a secure K-Nearest Neighbor technique, which results in an effective SSE-RK approach with a search complexity that is quicker than a linear approach. Theoretical and experimental study further demonstrates that our proposed scheme surpasses previous similar schemes in terms of efficiency. Formal security analysis demonstrates that SSE-RK protects privacy for both data and queries during the search process. Consequently, it holds significant potential for a wide range of applications in EMR data. Overall, our SSE-RK scheme, which offers improved functionality and efficiency while protecting the privacy of EMR data, generally solves the shortcomings of the current SE schemes. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

24 pages, 767 KiB  
Article
Securing the Network: A Red and Blue Cybersecurity Competition Case Study
by Cristian Chindrus and Constantin-Florin Caruntu
Information 2023, 14(11), 587; https://doi.org/10.3390/info14110587 - 26 Oct 2023
Cited by 5 | Viewed by 5812
Abstract
In today’s dynamic and evolving digital landscape, safeguarding network infrastructure against cyber threats has become a paramount concern for organizations worldwide. This paper presents a novel and practical approach to enhancing cybersecurity readiness. The competition, designed as a simulated cyber battleground, involves a [...] Read more.
In today’s dynamic and evolving digital landscape, safeguarding network infrastructure against cyber threats has become a paramount concern for organizations worldwide. This paper presents a novel and practical approach to enhancing cybersecurity readiness. The competition, designed as a simulated cyber battleground, involves a Red Team emulating attackers and a Blue Team defending against their orchestrated assaults. Over two days, multiple teams engage in strategic maneuvers to breach and fortify digital defenses. The core objective of this study is to assess the efficacy of the Red and Blue cybersecurity competition in fostering real-world incident response capabilities and honing the skills of cybersecurity practitioners. This paper delves into the competition’s structural framework, including the intricate network architecture and the roles of the participating teams. This study gauges the competition’s impact on enhancing teamwork and incident response strategies by analyzing participant performance data and outcomes. The findings underscore the significance of immersive training experiences in cultivating proactive cybersecurity mindsets. Participants not only showcase heightened proficiency in countering cyber threats but also develop a profound understanding of attacker methodologies. Furthermore, the competition fosters an environment of continuous learning and knowledge exchange, propelling participants toward heightened cyber resilience. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

31 pages, 1068 KiB  
Article
Boosting Holistic Cybersecurity Awareness with Outsourced Wide-Scope CyberSOC: A Generalization from a Spanish Public Organization Study
by Manuel Domínguez-Dorado, Francisco J. Rodríguez-Pérez, Javier Carmona-Murillo, David Cortés-Polo and Jesús Calle-Cancho
Information 2023, 14(11), 586; https://doi.org/10.3390/info14110586 - 25 Oct 2023
Cited by 3 | Viewed by 2516
Abstract
Public sector organizations are facing an escalating challenge with the increasing volume and complexity of cyberattacks, which disrupt essential public services and jeopardize citizen data and privacy. Effective cybersecurity management has become an urgent necessity. To combat these threats comprehensively, the active involvement [...] Read more.
Public sector organizations are facing an escalating challenge with the increasing volume and complexity of cyberattacks, which disrupt essential public services and jeopardize citizen data and privacy. Effective cybersecurity management has become an urgent necessity. To combat these threats comprehensively, the active involvement of all functional areas is crucial, necessitating a heightened holistic cybersecurity awareness among tactical and operational teams responsible for implementing security measures. Public entities face various challenges in maintaining this awareness, including difficulties in building a skilled cybersecurity workforce, coordinating mixed internal and external teams, and adapting to the outsourcing trend, which includes cybersecurity operations centers (CyberSOCs). Our research began with an extensive literature analysis to expand our insights derived from previous works, followed by a Spanish case study in collaboration with a digitization-focused public organization. The study revealed common features shared by public organizations globally. Collaborating with this public entity, we developed strategies tailored to its characteristics and transferrable to other public organizations. As a result, we propose the “Wide-Scope CyberSOC” as an innovative outsourced solution to enhance holistic awareness among the cross-functional cybersecurity team and facilitate comprehensive cybersecurity adoption within public organizations. We have also documented essential requirements for public entities when contracting Wide-Scope CyberSOC services to ensure alignment with their specific needs, accompanied by a management framework for seamless operation. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

14 pages, 438 KiB  
Article
Assessing the Security and Privacy of Android Official ID Wallet Apps
by Vasileios Kouliaridis, Georgios Karopoulos and Georgios Kambourakis
Information 2023, 14(8), 457; https://doi.org/10.3390/info14080457 - 13 Aug 2023
Cited by 2 | Viewed by 2476
Abstract
With the increasing use of smartphones for a wide variety of online services, states and countries are issuing official applications to store government-issued documents that can be used for identification (e.g., electronic identity cards), health (e.g., vaccination certificates), and transport (e.g., driver’s licenses). [...] Read more.
With the increasing use of smartphones for a wide variety of online services, states and countries are issuing official applications to store government-issued documents that can be used for identification (e.g., electronic identity cards), health (e.g., vaccination certificates), and transport (e.g., driver’s licenses). However, the privacy and security risks associated with the storage of sensitive personal information on such apps are a major concern. This work presents a thorough analysis of official Android wallet apps, focusing mainly on apps used to store identification documents and/or driver’s licenses. Specifically, we examine the security and privacy level of such apps using three analysis tools and discuss the key findings and the risks involved. We additionally explore Android app security best practices and various security measures that can be employed to mitigate these risks, such as updating deprecated components and libraries. Altogether, our findings demonstrate that, while there are various security measures available, there is still a need for more comprehensive solutions to address the privacy and security risks associated with the use of Android wallet apps. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

13 pages, 488 KiB  
Article
Blockchain Data Availability Scheme with Strong Data Privacy Protection
by Xinyu Liu, Shan Ji, Xiaowan Wang, Liang Liu and Yongjun Ren
Information 2023, 14(2), 88; https://doi.org/10.3390/info14020088 - 2 Feb 2023
Cited by 2 | Viewed by 2435
Abstract
Blockchain, with its characteristics of non-tamperability and decentralization, has had a profound impact on various fields of society and has set off a boom in the research and application of blockchain technology. However, blockchain technology faces the problem of data availability attacks during [...] Read more.
Blockchain, with its characteristics of non-tamperability and decentralization, has had a profound impact on various fields of society and has set off a boom in the research and application of blockchain technology. However, blockchain technology faces the problem of data availability attacks during its application, which greatly limits the scope and domain of blockchain applications. One of the most advantageous researches to address this problem is the scalable data availability solution that integrates coding theory design into the Merkle tree promise. Based on this scheme, this paper combines a zero-knowledge accumulator with higher efficiency and security with local repair coding, and proposes a data availability scheme with strong dataset privacy protection. The scheme first encodes the data block information on the blockchain to ensure tamper-proof data, and then uses a zero-knowledge accumulator to store the encoded data block information. Its main purpose is to use zero-knowledge property to protect the accumulation set information stored in the accumulator from being leaked and to ensure that no other information about the accumulation set is revealed during the data transmission. It fundamentally reduces the possibility of attackers generating fraudulent information by imitating block data and further resists data availability attacks. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

75 pages, 41040 KiB  
Article
Analysis of the Impact of Age, Education and Gender on Individuals’ Perception of Label Efficacy for Online Content
by Matthew Spradling and Jeremy Straub
Information 2022, 13(11), 516; https://doi.org/10.3390/info13110516 - 28 Oct 2022
Cited by 1 | Viewed by 2348
Abstract
Online content is consumed by most Americans and is a primary source of their news information. It impacts millions’ perception of the world around them. Problematically, individuals who seek to deceive or manipulate the public can use targeted online content to do so [...] Read more.
Online content is consumed by most Americans and is a primary source of their news information. It impacts millions’ perception of the world around them. Problematically, individuals who seek to deceive or manipulate the public can use targeted online content to do so and this content is readily consumed and believed by many. The use of labeling as a way to alert consumers of potential deceptive content has been proposed. This paper looks at factors which impact its perceived trustworthiness and, thus, potential use by Americans and analyzes these factors based on age, education level and gender. This analysis shows that, while labeling and all label types enjoy broad support, the level of support and uncertainty about labeling varies by age and education level with different labels outperforming for given age and education levels. Gender, alternately, was not shown to have a tremendous impact on respondents’ perspectives regarding labeling; however, females where shown to support labeling more, on average, but also report more uncertainty. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

28 pages, 5900 KiB  
Article
SMS-I: Intelligent Security for Cyber–Physical Systems
by Eva Maia, Norberto Sousa, Nuno Oliveira, Sinan Wannous, Orlando Sousa and Isabel Praça
Information 2022, 13(9), 403; https://doi.org/10.3390/info13090403 - 25 Aug 2022
Cited by 3 | Viewed by 2692
Abstract
Critical infrastructures are an attractive target for attackers, mainly due to the catastrophic impact of these attacks on society. In addition, the cyber–physical nature of these infrastructures makes them more vulnerable to cyber–physical threats and makes the detection, investigation, and remediation of security [...] Read more.
Critical infrastructures are an attractive target for attackers, mainly due to the catastrophic impact of these attacks on society. In addition, the cyber–physical nature of these infrastructures makes them more vulnerable to cyber–physical threats and makes the detection, investigation, and remediation of security attacks more difficult. Therefore, improving cyber–physical correlations, forensics investigations, and Incident response tasks is of paramount importance. This work describes the SMS-I tool that allows the improvement of these security aspects in critical infrastructures. Data from heterogeneous systems, over different time frames, are received and correlated. Both physical and logical security are unified and additional security details are analysed to find attack evidence. Different Artificial Intelligence (AI) methodologies are used to process and analyse the multi-dimensional data exploring the temporal correlation between cyber and physical Alerts and going beyond traditional techniques to detect unusual Events, and then find evidence of attacks. SMS-I’s Intelligent Dashboard supports decision makers in a deep analysis of how the breaches and the assets were explored and compromised. It assists and facilitates the security analysts using graphical dashboards and Alert classification suggestions. Therefore, they can more easily identify anomalous situations that can be related to possible Incident occurrences. Users can also explore information, with different levels of detail, including logical information and technical specifications. SMS-I also integrates with a scalable and open Security Incident Response Platform (TheHive) that enables the sharing of information about security Incidents and helps different organizations better understand threats and proactively defend their systems and networks. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

72 pages, 17102 KiB  
Article
Assessment of Consumer Perception of Online Content Label Efficacy by Income Level, Party Affiliation and Online Use Levels
by Jeremy Straub, Matthew Spradling and Bob Fedor
Information 2022, 13(5), 252; https://doi.org/10.3390/info13050252 - 13 May 2022
Cited by 2 | Viewed by 2434
Abstract
Deceptive online content represents a potentially severe threat to society. This content has shown to have the capability to manipulate individuals’ beliefs, voting and activities. It is a demonstrably effective way for foreign adversaries to create domestic strife in open societies. It is [...] Read more.
Deceptive online content represents a potentially severe threat to society. This content has shown to have the capability to manipulate individuals’ beliefs, voting and activities. It is a demonstrably effective way for foreign adversaries to create domestic strife in open societies. It is also, by virtue of the magnitude of content, very difficult to combat. Solutions ranging from censorship to inaction have been proposed. One solution that has been suggested is labeling content to indicate its accuracy or characteristics. This would provide an indication or even warning regarding content that may be deceptive in nature, helping content consumers make informed decisions. If successful, this approach would avoid limitations on content creators’ freedom of speech while also mitigating the problems caused by deceptive content. To determine whether this approach could be effective, this paper presents the results of a national survey aimed at understanding how content labeling impacts online content consumption decision making. To ascertain the impact of potential labeling techniques on different portions of the population, it analyzes labels’ efficacy in terms of income level, political party affiliation and online usage time. This, thus, facilitates determining whether the labeling may be effective and also aids in understating whether its effectiveness may vary by demographic group. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

Review

Jump to: Research, Other

15 pages, 1161 KiB  
Review
Emerging Digital Technologies in Healthcare with a Spotlight on Cybersecurity: A Narrative Review
by Ahmed Arafa, Haytham A. Sheerah and Shada Alsalamah
Information 2023, 14(12), 640; https://doi.org/10.3390/info14120640 - 29 Nov 2023
Cited by 7 | Viewed by 6697
Abstract
Emerging digital technologies, such as telemedicine, artificial intelligence, the Internet of Medical Things, blockchain, and visual and augmented reality, have revolutionized the delivery of and access to healthcare services. Such technologies allow for real-time health monitoring, disease diagnosis, chronic disease management, outbreak surveillance, [...] Read more.
Emerging digital technologies, such as telemedicine, artificial intelligence, the Internet of Medical Things, blockchain, and visual and augmented reality, have revolutionized the delivery of and access to healthcare services. Such technologies allow for real-time health monitoring, disease diagnosis, chronic disease management, outbreak surveillance, and rehabilitation. They help personalize treatment plans, identify trends, contribute to drug development, and enhance public health management. While emerging digital technologies have numerous benefits, they may also introduce new risks and vulnerabilities that can compromise the confidentiality, integrity, and availability of sensitive healthcare information. This review article discussed, in brief, the key emerging digital technologies in the health sector and the unique threats introduced by these technologies. We also highlighted the risks relevant to digital health cybersecurity, such as data breaches, medical device vulnerabilities, phishing, insider and third-party risks, and ransomware attacks. We suggest that the cybersecurity framework should include developing a comprehensive cybersecurity strategy, conducting regular risk assessments, implementing strong access control, encrypting data, educating staff, implementing secure network segmentation, backing up data regularly, monitoring and detecting anomalies, establishing an incident response plan, sharing threat intelligence, and auditing third-party vendors. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

36 pages, 725 KiB  
Review
A Comprehensive Survey on Artifact Recovery from Social Media Platforms: Approaches and Future Research Directions
by Khushi Gupta, Damilola Oladimeji, Cihan Varol, Amar Rasheed and Narasimha Shahshidhar
Information 2023, 14(12), 629; https://doi.org/10.3390/info14120629 - 24 Nov 2023
Cited by 3 | Viewed by 3700
Abstract
Social media applications have been ubiquitous in modern society, and their usage has grown exponentially over the years. With the widespread adoption of these platforms, social media has evolved into a significant origin of digital evidence in the domain of digital forensics. The [...] Read more.
Social media applications have been ubiquitous in modern society, and their usage has grown exponentially over the years. With the widespread adoption of these platforms, social media has evolved into a significant origin of digital evidence in the domain of digital forensics. The increasing utilization of social media has caused an increase in the number of studies focusing on artifact (digital remnants of data) recovery from these platforms. As a result, we aim to present a comprehensive survey of the existing literature from the past 15 years on artifact recovery from social media applications in digital forensics. We analyze various approaches and techniques employed for artifact recovery, structuring our review on well-defined analysis focus categories, which are memory, disk, and network. By scrutinizing the available literature, we determine the trends and commonalities in existing research and further identify gaps in existing literature and areas of opportunity for future research in this field. The survey is expected to provide a valuable resource for academicians, digital forensics professionals, and researchers by enhancing their comprehension of the current state of the art in artifact recovery from social media applications. Additionally, it highlights the need for continued research to keep up with social media’s constantly evolving nature and its consequent impact on digital forensics. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

34 pages, 2720 KiB  
Review
Anonymization Procedures for Tabular Data: An Explanatory Technical and Legal Synthesis
by Robert Aufschläger, Jakob Folz, Elena März, Johann Guggumos, Michael Heigl, Benedikt Buchner and Martin Schramm
Information 2023, 14(9), 487; https://doi.org/10.3390/info14090487 - 1 Sep 2023
Cited by 2 | Viewed by 3889
Abstract
In the European Union, Data Controllers and Data Processors, who work with personal data, have to comply with the General Data Protection Regulation and other applicable laws. This affects the storing and processing of personal data. But some data processing in data mining [...] Read more.
In the European Union, Data Controllers and Data Processors, who work with personal data, have to comply with the General Data Protection Regulation and other applicable laws. This affects the storing and processing of personal data. But some data processing in data mining or statistical analyses does not require any personal reference to the data. Thus, personal context can be removed. For these use cases, to comply with applicable laws, any existing personal information has to be removed by applying the so-called anonymization. However, anonymization should maintain data utility. Therefore, the concept of anonymization is a double-edged sword with an intrinsic trade-off: privacy enforcement vs. utility preservation. The former might not be entirely guaranteed when anonymized data are published as Open Data. In theory and practice, there exist diverse approaches to conduct and score anonymization. This explanatory synthesis discusses the technical perspectives on the anonymization of tabular data with a special emphasis on the European Union’s legal base. The studied methods for conducting anonymization, and scoring the anonymization procedure and the resulting anonymity are explained in unifying terminology. The examined methods and scores cover both categorical and numerical data. The examined scores involve data utility, information preservation, and privacy models. In practice-relevant examples, methods and scores are experimentally tested on records from the UCI Machine Learning Repository’s “Census Income (Adult)” dataset. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

30 pages, 1105 KiB  
Review
A Systematic Literature Review on Human Ear Biometrics: Approaches, Algorithms, and Trend in the Last Decade
by Oyediran George Oyebiyi, Adebayo Abayomi-Alli, Oluwasefunmi ‘Tale Arogundade, Atika Qazi, Agbotiname Lucky Imoize and Joseph Bamidele Awotunde
Information 2023, 14(3), 192; https://doi.org/10.3390/info14030192 - 17 Mar 2023
Cited by 13 | Viewed by 3808
Abstract
Biometric technology is fast gaining pace as a veritable developmental tool. So far, biometric procedures have been predominantly used to ensure identity and ear recognition techniques continue to provide very robust research prospects. This paper proposes to identify and review present techniques for [...] Read more.
Biometric technology is fast gaining pace as a veritable developmental tool. So far, biometric procedures have been predominantly used to ensure identity and ear recognition techniques continue to provide very robust research prospects. This paper proposes to identify and review present techniques for ear biometrics using certain parameters: machine learning methods, and procedures and provide directions for future research. Ten databases were accessed, including ACM, Wiley, IEEE, Springer, Emerald, Elsevier, Sage, MIT, Taylor & Francis, and Science Direct, and 1121 publications were retrieved. In order to obtain relevant materials, some articles were excused using certain criteria such as abstract eligibility, duplicity, and uncertainty (indeterminate method). As a result, 73 papers were selected for in-depth assessment and significance. A quantitative analysis was carried out on the identified works using search strategies: source, technique, datasets, status, and architecture. A Quantitative Analysis (QA) of feature extraction methods was carried out on the selected studies with a geometric approach indicating the highest value at 36%, followed by the local method at 27%. Several architectures, such as Convolutional Neural Network, restricted Boltzmann machine, auto-encoder, deep belief network, and other unspecified architectures, showed 38%, 28%, 21%, 5%, and 4%, respectively. Essentially, this survey also provides the various status of existing methods used in classifying related studies. A taxonomy of the current methodologies of ear recognition system was presented along with a publicly available occlussion and pose sensitive black ear image dataset of 970 images. The study concludes with the need for researchers to consider improvements in the speed and security of available feature extraction algorithms. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

Other

Jump to: Research, Review

15 pages, 400 KiB  
Systematic Review
How Do Public Perceptions Affect the Security of Connected Places? A Systematic Literature Review
by Agnieszka Dutkowska-Zuk, Joe Bourne, Chengyuan An, Xuan Gao, Oktay Cetinkaya, Peter Novitzky, Gideon Ogunniye, Rachel Cooper, David De Roure, Julie McCann, Jeremy Watson, Tim Watson and Eleri Jones
Information 2024, 15(2), 80; https://doi.org/10.3390/info15020080 - 31 Jan 2024
Viewed by 1708
Abstract
This systematic literature review explores the scholarly debate around public perceptions and behaviors in the context of cybersecurity in connected places. It reveals that, while many articles highlight the importance of public perceptions and behaviors during a cyberattack, there is no unified consensus [...] Read more.
This systematic literature review explores the scholarly debate around public perceptions and behaviors in the context of cybersecurity in connected places. It reveals that, while many articles highlight the importance of public perceptions and behaviors during a cyberattack, there is no unified consensus on how to influence them in order to minimize the attack’s impact and expedite recovery. Public perceptions can affect the success and sustainability of connected places; however, exactly how and to what extent remains unknown. We argue that more research is needed on the mechanisms to assess the influence of public perceptions and associated behaviors on threats to security in connected places. Furthermore, there is a need to investigate the models and tools currently being deployed by connected place design and management to understand and influence public perceptions and behaviors. Lastly, we identify the requirements to investigate the complex relationship between the public and connected place managers, define all stakeholders clearly, and explore the patterns between specific connected place cybersecurity incidents and the methods used to transform public perceptions. Full article
(This article belongs to the Special Issue Digital Privacy and Security)
Show Figures

Figure 1

Back to TopTop