35 Dynamic Cyber Defence Framework J Chen 46 Development of a Cyber-Threat Intelligence-Sharing M... more 35 Dynamic Cyber Defence Framework J Chen 46 Development of a Cyber-Threat Intelligence-Sharing Model from Big Data Sources J Mtsweni, M Mutemwa, N Mkhonto 56 Cross-Border Law Enforcement: Gathering of Stored Electronic Evidence Abstract: As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber...
11th International Conference on Cyber Warfare & Security, 17 - 18 March 2016, Boston University,... more 11th International Conference on Cyber Warfare & Security, 17 - 18 March 2016, Boston University, Boston, USA
Customers of Financial Service Institutions (FSIs) subscribe to different types of alerts occurri... more Customers of Financial Service Institutions (FSIs) subscribe to different types of alerts occurring on their accounts. The Single Channel Messaging (SCM) model is predominantly used by most Banks in Africa. However, the number of supported platforms and messaging formats limits the SCM Model and in the case where FSIs make use of multiple channels, these are not integrated. In addition, SCM does not provide a way of distinguishing between communication channels based on urgency or priority of the messages which need to be delivered to the customers. Consequently, this research work investigated and reviewed the existing approaches, publicly available platforms, web and mobile applications used by FSIs for interacting with their clients. Based on this, we derived the technical requirements for the implementation of a model for Multi-Channel Messaging (MCM) that addresses the weaknesses of SCM. Further, in this paper we present the proposed framework for the MCM model. The model was i...
The increase need for services to handle a plethora of business needs within the enterprise lands... more The increase need for services to handle a plethora of business needs within the enterprise landscape has yielded to an increase in the development of heterogeneous services across the digital world. In today’s digital economy, services are the key components for communication and collaboration amongst enterprises internally and externally. Since Internet has stimulated the use of services, different services have been developed for different purposes prompting those services to be heterogeneous due to incompatibles approaches relied upon at both conceptual and exploitation phases. The proliferation of developed heterogeneous services in the digital world therefore comes along with a range of challenges more precisely in the integration layer. Traditionally, integration is achieved by using gateways, which require considerable configuration effort. Many approaches and frameworks have been developed by different researchers to overcome these challenges, but up to date the challenges ...
Computer Science (CS) enrolments at higher education institutions across the globe remain low in ... more Computer Science (CS) enrolments at higher education institutions across the globe remain low in comparison to other disciplines. The low interest in CS is often attributed to students' misconceptions about the discipline, such as CS being construed as complex, asocial, and only for computer wizards. Consequently, hackathons, which are self-organised programmes that bring together different stakeholders to collaborate in rapidly building software prototypes, are emerging as one potential solution to address some of the students' misconceptions about the CS field. Using an exploratory case study and activity theory for data analysis; this research article presents substantive research findings that posit hackathons as an approach that could stimulate and maintain students' interest in CS. The key elements of the hackathon model are collaborations, networking, mentoring, hands-on engagement in socially-relevant computing projects, and community involvement. The model was e...
Big data is a term that describes data of huge volumes, variable speeds, and different structures... more Big data is a term that describes data of huge volumes, variable speeds, and different structures. Even though the rise of big data can yield positives, the nature of big data poses challenges as capturing, processing and storing becomes difficult. One of the challenges introduced by big data relates to its privacy and security. Privacy and security of big data is considered one of the most prominent challenges as it directly impacts on individuals. Through big data, individuals lose control over how their data is used and are unable to protect it. An invasion of privacy occurs when one’s data is used to infer aspects of one’s life without our consent. The prospect of data breaches in big data is also expected and can result in millions of records containing personal information being leaked. This paper aims to understand the privacy and security challenges that relate to big data. In order to gain this understanding, a systematic literature review is conducted to firstly identify t...
Background: The COVID-19 pandemic poses mental health challenges to frontline healthcare workers.... more Background: The COVID-19 pandemic poses mental health challenges to frontline healthcare workers. Eye care professionals may be especially susceptible to mental health problems due to high-risk exposures to patients. Yet, no prior research has studied mental health issues among eye care professionals during the COVID-19 pandemic. Objective: The purpose of this study was to identify risk factors for mental health problems during the COVID-19 pandemic among eye care professionals. Methods: We conducted a cross-sectional survey study among eye care professionals and students in the United States and Canada from June 23 to July 8, 2020 during the COVID-19 pandemic. A total of 8505 eye care professionals and students received email invitations to the survey and 2134 participated. We measured mental health outcomes including symptoms of depression, anxiety, and stress using validated scales, as well as potential risk factors including demographic characteristics, state-level COVID-19 case counts, participants' patient interactions, childcare responsibilities, and pre-pandemic stress levels. Linear multiple regression and logistic regression analyses were used to determine relationships between risk factors and mental health outcomes. Results: We found that 38.4% of eyecare professional participants in the survey met screening threshold as probable cases of anxiety, depression, or both during the COVID-19 pandemic. Controlling for self-reported prepandemic stress level and state COVID-19 case daily cases, significant risk factors for depression, anxiety, and psychological stress during the COVID-19 pandemic included: being female, younger age, and being Black or Asian. Interestingly, we found two somewhat surprising protective factors against depression symptoms: more frequent interactions with patients and having a greater proportion of childcare responsibilities at home.
2018 International Conference on Intelligent and Innovative Computing Applications (ICONIC), 2018
A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and inci... more A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component therefore there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, webservers, etc. for security posture monitoring. That is, which systems need to be monitored first and the order by which the rest of the systems follow. Secondly the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and nontechnical employees of an organization. Also, the priority matrix for incident types and notifications of incidents. Thirdly the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly the paper looks at how to show value for the large investments that are poured into designing, building and running an SOC.
2017 Conference on Information Communication Technology and Society (ICTAS), 2017
Cyberattacks are on the increase in severity, complexity and frequency, negatively affecting the ... more Cyberattacks are on the increase in severity, complexity and frequency, negatively affecting the citizens, government, and businesses. Adversely, the security and Defence role-players in developing countries, such as South Africa, are short of the required capacity and capability to adequately defend and protect the national cyberspace against these fast moving and persistent threats and attacks. Be that as it may, the South African cyberspace still requires national attention and protection by the mandated role-players, such as the Defence force and its industry partners. Thus, within the cyber domain, the various Defence force role-players can no longer rely on traditional solutions to detect, defend, and respond to the forever changing cyber threats and cyberattacks. In order to reduce cybersecurity risks and strengthen cyber resilience of the nation, strategic cybersecurity information sharing in the Defence environment is becoming a necessity. Thus, the contribution from this paper is a systematic discussion and demonstration of a conceptual cyber threat intelligence sharing model and platform that could stimulate and enable different stakeholders within the Defence environment to seamlessly and collaboratively aggregate, analyse, and timely share contextual and actionable cyber-threat intelligence that could lead to a resilient cybersecurity posture and better protection of the national cyberspace.
The significant growth of the Internet of Things (IoT) is revolutionizing the way people live by ... more The significant growth of the Internet of Things (IoT) is revolutionizing the way people live by transforming everyday Internet-enabled objects into an interconnected ecosystem of digital and personal information accessible anytime and anywhere. As more objects become Internet-enabled, the security and privacy of the personal information generated, processed and stored by IoT devices become complex and challenging to manage. This paper details the current security and privacy challenges presented by the increasing use of the IoT. Furthermore, investigate and analyze the limitations of the existing solutions with regard to addressing security and privacy challenges in IoT and propose a possible solution to address these challenges. The results of this proposed solution could be implemented during the IoT design, building, testing and deployment phases in the real-life environments to minimize the security and privacy challenges associated with IoT.
Tuckman's model identified forming, storming, norming and performing as four fundamental stag... more Tuckman's model identified forming, storming, norming and performing as four fundamental stages of group development; a new community like an extended group will not achieve optimal effectiveness unless it attains the stage of performing and interdependence [1]; therein lies one of the challenges of metropolitan housing schemes in developing countries [2]. Concerted efforts by governments of Lagos state, Nigeria at meeting deficiency in housing needs has yielded little returns in the long-run because of inability of homeowners and residents of new housing estates to take responsibilities for shared facilities; especially when estates were built by government and sold out in mortgage schemes. This exploratory study looks into how a new community of 144 new apartments evolved over 18 months with WhatsApp as a collaborative messaging tool for 180days and its impact on shared facilities maintenance. Group WhatsApp conversation was extracted and analysed for themes consistent with Tuckman's model. The research outcome shows significant usefulness of WhatsApp towards establishing a performing community — a community with common focus where resources are allocated efficiently, communicates effectively with processes in place to ensure final objectives are achieved; a community with common sense of responsibilities towards sustaining shared facilities.
2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), 2016
Crowdsourcing platforms have changed the assignment and completion of tasks from a known crowd to... more Crowdsourcing platforms have changed the assignment and completion of tasks from a known crowd to the anonymous crowd, which is the public. These crowdsourcing platforms allow organizations to focus on other tasks that need to be completed by a large crowd instead of the employees. However, many crowdsourcing platforms have not addressed challenges related to target audience with regards to task assignment, whereby the tasks are assigned to relevant people with appropriate core skills and qualifications. Our proposed microtasking platform from previous research is meant to address some of these challenges. This microtasking platform allows a micro-employer to design a task and assign it to be completed by a specific crowd of a specific skill and qualification. The purpose of this paper is thus to explore the proposed microtasking platform implementation, evaluating its task assignment improvements and task quality, as it was designed to improve the task assigning model and ensure better utilization of the crowd while preserving anonymity. The results obtained from this paper indicate the implementation concept from the proposed approach and revealed other shortcomings.
35 Dynamic Cyber Defence Framework J Chen 46 Development of a Cyber-Threat Intelligence-Sharing M... more 35 Dynamic Cyber Defence Framework J Chen 46 Development of a Cyber-Threat Intelligence-Sharing Model from Big Data Sources J Mtsweni, M Mutemwa, N Mkhonto 56 Cross-Border Law Enforcement: Gathering of Stored Electronic Evidence Abstract: As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber...
11th International Conference on Cyber Warfare & Security, 17 - 18 March 2016, Boston University,... more 11th International Conference on Cyber Warfare & Security, 17 - 18 March 2016, Boston University, Boston, USA
Customers of Financial Service Institutions (FSIs) subscribe to different types of alerts occurri... more Customers of Financial Service Institutions (FSIs) subscribe to different types of alerts occurring on their accounts. The Single Channel Messaging (SCM) model is predominantly used by most Banks in Africa. However, the number of supported platforms and messaging formats limits the SCM Model and in the case where FSIs make use of multiple channels, these are not integrated. In addition, SCM does not provide a way of distinguishing between communication channels based on urgency or priority of the messages which need to be delivered to the customers. Consequently, this research work investigated and reviewed the existing approaches, publicly available platforms, web and mobile applications used by FSIs for interacting with their clients. Based on this, we derived the technical requirements for the implementation of a model for Multi-Channel Messaging (MCM) that addresses the weaknesses of SCM. Further, in this paper we present the proposed framework for the MCM model. The model was i...
The increase need for services to handle a plethora of business needs within the enterprise lands... more The increase need for services to handle a plethora of business needs within the enterprise landscape has yielded to an increase in the development of heterogeneous services across the digital world. In today’s digital economy, services are the key components for communication and collaboration amongst enterprises internally and externally. Since Internet has stimulated the use of services, different services have been developed for different purposes prompting those services to be heterogeneous due to incompatibles approaches relied upon at both conceptual and exploitation phases. The proliferation of developed heterogeneous services in the digital world therefore comes along with a range of challenges more precisely in the integration layer. Traditionally, integration is achieved by using gateways, which require considerable configuration effort. Many approaches and frameworks have been developed by different researchers to overcome these challenges, but up to date the challenges ...
Computer Science (CS) enrolments at higher education institutions across the globe remain low in ... more Computer Science (CS) enrolments at higher education institutions across the globe remain low in comparison to other disciplines. The low interest in CS is often attributed to students' misconceptions about the discipline, such as CS being construed as complex, asocial, and only for computer wizards. Consequently, hackathons, which are self-organised programmes that bring together different stakeholders to collaborate in rapidly building software prototypes, are emerging as one potential solution to address some of the students' misconceptions about the CS field. Using an exploratory case study and activity theory for data analysis; this research article presents substantive research findings that posit hackathons as an approach that could stimulate and maintain students' interest in CS. The key elements of the hackathon model are collaborations, networking, mentoring, hands-on engagement in socially-relevant computing projects, and community involvement. The model was e...
Big data is a term that describes data of huge volumes, variable speeds, and different structures... more Big data is a term that describes data of huge volumes, variable speeds, and different structures. Even though the rise of big data can yield positives, the nature of big data poses challenges as capturing, processing and storing becomes difficult. One of the challenges introduced by big data relates to its privacy and security. Privacy and security of big data is considered one of the most prominent challenges as it directly impacts on individuals. Through big data, individuals lose control over how their data is used and are unable to protect it. An invasion of privacy occurs when one’s data is used to infer aspects of one’s life without our consent. The prospect of data breaches in big data is also expected and can result in millions of records containing personal information being leaked. This paper aims to understand the privacy and security challenges that relate to big data. In order to gain this understanding, a systematic literature review is conducted to firstly identify t...
Background: The COVID-19 pandemic poses mental health challenges to frontline healthcare workers.... more Background: The COVID-19 pandemic poses mental health challenges to frontline healthcare workers. Eye care professionals may be especially susceptible to mental health problems due to high-risk exposures to patients. Yet, no prior research has studied mental health issues among eye care professionals during the COVID-19 pandemic. Objective: The purpose of this study was to identify risk factors for mental health problems during the COVID-19 pandemic among eye care professionals. Methods: We conducted a cross-sectional survey study among eye care professionals and students in the United States and Canada from June 23 to July 8, 2020 during the COVID-19 pandemic. A total of 8505 eye care professionals and students received email invitations to the survey and 2134 participated. We measured mental health outcomes including symptoms of depression, anxiety, and stress using validated scales, as well as potential risk factors including demographic characteristics, state-level COVID-19 case counts, participants' patient interactions, childcare responsibilities, and pre-pandemic stress levels. Linear multiple regression and logistic regression analyses were used to determine relationships between risk factors and mental health outcomes. Results: We found that 38.4% of eyecare professional participants in the survey met screening threshold as probable cases of anxiety, depression, or both during the COVID-19 pandemic. Controlling for self-reported prepandemic stress level and state COVID-19 case daily cases, significant risk factors for depression, anxiety, and psychological stress during the COVID-19 pandemic included: being female, younger age, and being Black or Asian. Interestingly, we found two somewhat surprising protective factors against depression symptoms: more frequent interactions with patients and having a greater proportion of childcare responsibilities at home.
2018 International Conference on Intelligent and Innovative Computing Applications (ICONIC), 2018
A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and inci... more A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component therefore there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, webservers, etc. for security posture monitoring. That is, which systems need to be monitored first and the order by which the rest of the systems follow. Secondly the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and nontechnical employees of an organization. Also, the priority matrix for incident types and notifications of incidents. Thirdly the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly the paper looks at how to show value for the large investments that are poured into designing, building and running an SOC.
2017 Conference on Information Communication Technology and Society (ICTAS), 2017
Cyberattacks are on the increase in severity, complexity and frequency, negatively affecting the ... more Cyberattacks are on the increase in severity, complexity and frequency, negatively affecting the citizens, government, and businesses. Adversely, the security and Defence role-players in developing countries, such as South Africa, are short of the required capacity and capability to adequately defend and protect the national cyberspace against these fast moving and persistent threats and attacks. Be that as it may, the South African cyberspace still requires national attention and protection by the mandated role-players, such as the Defence force and its industry partners. Thus, within the cyber domain, the various Defence force role-players can no longer rely on traditional solutions to detect, defend, and respond to the forever changing cyber threats and cyberattacks. In order to reduce cybersecurity risks and strengthen cyber resilience of the nation, strategic cybersecurity information sharing in the Defence environment is becoming a necessity. Thus, the contribution from this paper is a systematic discussion and demonstration of a conceptual cyber threat intelligence sharing model and platform that could stimulate and enable different stakeholders within the Defence environment to seamlessly and collaboratively aggregate, analyse, and timely share contextual and actionable cyber-threat intelligence that could lead to a resilient cybersecurity posture and better protection of the national cyberspace.
The significant growth of the Internet of Things (IoT) is revolutionizing the way people live by ... more The significant growth of the Internet of Things (IoT) is revolutionizing the way people live by transforming everyday Internet-enabled objects into an interconnected ecosystem of digital and personal information accessible anytime and anywhere. As more objects become Internet-enabled, the security and privacy of the personal information generated, processed and stored by IoT devices become complex and challenging to manage. This paper details the current security and privacy challenges presented by the increasing use of the IoT. Furthermore, investigate and analyze the limitations of the existing solutions with regard to addressing security and privacy challenges in IoT and propose a possible solution to address these challenges. The results of this proposed solution could be implemented during the IoT design, building, testing and deployment phases in the real-life environments to minimize the security and privacy challenges associated with IoT.
Tuckman's model identified forming, storming, norming and performing as four fundamental stag... more Tuckman's model identified forming, storming, norming and performing as four fundamental stages of group development; a new community like an extended group will not achieve optimal effectiveness unless it attains the stage of performing and interdependence [1]; therein lies one of the challenges of metropolitan housing schemes in developing countries [2]. Concerted efforts by governments of Lagos state, Nigeria at meeting deficiency in housing needs has yielded little returns in the long-run because of inability of homeowners and residents of new housing estates to take responsibilities for shared facilities; especially when estates were built by government and sold out in mortgage schemes. This exploratory study looks into how a new community of 144 new apartments evolved over 18 months with WhatsApp as a collaborative messaging tool for 180days and its impact on shared facilities maintenance. Group WhatsApp conversation was extracted and analysed for themes consistent with Tuckman's model. The research outcome shows significant usefulness of WhatsApp towards establishing a performing community — a community with common focus where resources are allocated efficiently, communicates effectively with processes in place to ensure final objectives are achieved; a community with common sense of responsibilities towards sustaining shared facilities.
2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), 2016
Crowdsourcing platforms have changed the assignment and completion of tasks from a known crowd to... more Crowdsourcing platforms have changed the assignment and completion of tasks from a known crowd to the anonymous crowd, which is the public. These crowdsourcing platforms allow organizations to focus on other tasks that need to be completed by a large crowd instead of the employees. However, many crowdsourcing platforms have not addressed challenges related to target audience with regards to task assignment, whereby the tasks are assigned to relevant people with appropriate core skills and qualifications. Our proposed microtasking platform from previous research is meant to address some of these challenges. This microtasking platform allows a micro-employer to design a task and assign it to be completed by a specific crowd of a specific skill and qualification. The purpose of this paper is thus to explore the proposed microtasking platform implementation, evaluating its task assignment improvements and task quality, as it was designed to improve the task assigning model and ensure better utilization of the crowd while preserving anonymity. The results obtained from this paper indicate the implementation concept from the proposed approach and revealed other shortcomings.
Uploads
Papers by Jabu Mtsweni