What are the best techniques to test network security vulnerabilities.

The 2nd International Conference on Science of Cyber Security - SciSec 2019 will be held on our school, Nanjing University of Posts & Telecommunications, a lot of cyber security related project ideas/topics will be presented in this conference, if you have some related research achievements, welcome your contributions and academic communication. You can go to this website http://www.sci-cs.net/ to know information about this international conference on cyber security.

You may wish to assess Deep threat scenario for ensuring cyber security in information systems.

I am working on Steganography.

Our project is fairly interesting.

https://www.researchgate.net/project/IDaaS-with-secure-data-at-rest?_sg=Mu5-G0_BKoA5MCgLCqroNcJRLP1N8A1_yq2pBd0UKjQkpLtLQvRYrOPdW4IUbJTvkwRBsu-P_xAkg-J_eE9KjOYmsld69isJFXfK

Does anyone has any Cyber Security related project idea/topic?

You can also consider the following:

what are the various attacks that can be performed against a wireless network?

How sharing data on social networks can make users to be target of Social Engineering attacks

There are a lot in medical field such as how only patient and doctor share information without encryption. I hope this is going to help you.

How to control DDOS attack for sensitive data??? A topic of cyber security need much attention, start work on it

An article I read a few days ago reminded me how the shipping industry is still vulnerable to cyber attacks.

https://threatpost.com/shipping-industry-cybersecurity-a-shipwreck-waiting-to-happen/132625/

I suggest the following questions and research problems in the above topic:

Antivirus programs signal this, but are the new attacks appearing, or maybe the companies that produce antivirus software use this kind of alerts mainly to stimulate consumers to buy these applications?

Is the information about the growing threat from the activities of cybercriminals also partly a result of marketing activities of antivirus software vendors?

Cybercriminal attacks involving various types of viruses occur on a daily basis in various places around the globe.

However, large-scale attacks on the global scale and publicized in the media are probably much rarer.

An example was the type of cybercriminals, which was carried out on a large scale in mid-2017, which was mainly targeted at large public and financial institutions and corporations operating in Ukraine, but quickly spread over the world through capital and business links between companies.

Then ransomware viruses known only often in the environments of security specialists, among computer scientists analyzing cybercriminal attacks, has been publicized in the media in many countries and has become a global and public problem.

In this situation, sales revenues and profits of companies producing antivirus software are growing significantly.

Recently, some of these antivirus programs inform that the threat of cybercriminal attacks involving ransomware is growing.

In some countries, rumors of cybercriminals with Ransomware are reportedly again being reported again. These viruses spread via e-mails that automatically send themselves out of infected e-mail accounts and send out infected e-mails to all e-mail contacts of a virus mailbox infected with a virus. The virus is very dangerous because after opening a fake e-mail, the virus installs itself deeply into the computer and encrypts access to the disks by blocking access to the contents of the disks. I wrote scientific publications on this subject.

In connection with the development of cybercrime on the Internet, the security systems for transfer and processing of data, financial transactions, electronic banking, etc. carried out on the Internet are improved. In addition to electronic banking, the key information security in the internal IT systems of central state institutions is protected. Cybercriminal attacks on cyber-banking systems and hacker attacks aimed at companies to extort ransom for decrypting data encrypted by computer viruses on disks (cybercriminal ransomware attacks) and hack attacks from abroad on key central institutions, ministries and other institutions of the public administration sector and enterprises of strategic branches of the national economy.

In addition, I suggest the following questions and research problems in the above topic:

Which cybercrime techniques in online banking do you consider the most dangerous?

Are fishing, malware (spyware, trojans, ransomware, keyloggers, ...) sending cybercriminals false e-mails with links to fake websites or viruses reading passwords for online banking accounts or other techniques used by cybercriminals as the most dangerous?

Some users use antivirus software, farewall, precautionary methods in using e-mail, etc., but this has not prevented, for example, attacks from cybercriminals using ransomware that encrypt and block access to disks on the computer. In connection with the above, the techniques of data transfer security at the Interenet are constantly improved. IT tools are being developed and improved, including antivirus software to protect a computer, laptop, tablet or smartphone against cybercrime and viruses sent, for example, in e-mails by hackers?

I propose the following proposal for a research topic in this area: How can the use of social media portals change people's social behavior, what new opportunities and what new risks it generates? Social media can affect the personal lives of individual people. The sociological behavior of people is changing. Some people exchange traditional contacts with other people for contacts via social media portals. It changes the sociology of people's behavior, it affects sociological behavior, it generates new types of problems that also affect behavioral economics and the behavior of entire communities. In addition, there is the issue of the risk of losing personal data that may be stolen from social media portals. This risk also shapes the potential discomfort of using social media portals, if it turns out that some part of personal data has been mistakenly made public or stolen by cybercriminals. Unfortunately, despite the assurances of companies that run social media portals, information on these websites is not always fully secured and can be stolen by cybercriminals. In addition, the issue of downloading data from social media portals by large companies to Big Data database systems should be added in order to process them for marketing purposes. The issue of privacy in social media is very important and is related to the security of personal information. Privacy is at risk in terms of information posted on social media portals.

In addition, I propose the following research question in this area: Is the risk of cybercriminal attacks on Big Data database systems containing personal data of social media portal users growing? The field of research and business applications in the field of obtaining, archiving, analyzing and processing data in Big Data database systems has been developing strongly for several years. There were hacking theft of personal, sensitive and secret data regarding users of social networks. Are the results of research known, or are you familiar with publications describing risk management processes in the area of obtaining, archiving, analyzing and processing data in Big Data systems run by technological internet companies such as Google, Facebook, etc. Technological internet companies such as Google, Facebook, etc. have the ability to obtain classified, sensitive and personal data from the Internet about the users of websites, including search engines and social media portals, who use these information services. For the needs of these considerations, the issue of the security of classified data stored in Big Data database systems run by internet technology companies managing social media portals should be added. There have been frequent thefts made by cybercriminals who, from these Big Data systems, stole classified and sensitive information about hundreds of thousands or millions of users of particular social media portals. The development of social media portals therefore generates an increased risk of theft of data on users of social media portals. Therefore, technological internet companies that run social media portals but also other companies that collect large amounts of data about users of specific, information services should continually develop and improve risk management systems for potential data loss from Big Data information resources. Due to the above, in many companies, especially in large corporations, integrated risk management systems are built and improved. Integrated risk management systems combine risk management processes in various areas of a company, institution or other organization. One of the areas of risk management, the importance of which in many companies is growing, is risk management in the area of obtaining, archiving, analyzing and processing data in Big Data database systems.

In the context of the above considerations, I also propose the following research problem: Security of data transfer on the Internet as a key factor in the development of online mobile banking In the area of electronic banking, including mobile banking, commercial banks improve technological solutions for the use of smartphones for the purpose of conducting financial transactions by clients. Commercial banks spend the most resources on developing security systems, reducing gaps in online banking systems used by cybercriminals and improving IT systems risk management procedures. The changes taking place in online banking, including mobile banking, are currently determined primarily by the technological progress related to telecommunications and IT devices.

Accordingly, I propose the following research question in this area: Security of information systems of state institutions? The issue of information security in information systems of key state institutions? Has the level of information security in information systems of key state institutions been falling in recent years? Is the level of information security transferred via the Internet going down? In recent years, the number of spectacular hacking burdens for internal IT systems of key, central state institutions and large enterprises in various countries has been increasing. An interesting point is that some of these hacker intrusions are made not by cybercriminals planning to steal information only by adolescents who are not IT specialists and have obtained knowledge about hacking from various websites available on the Internet. How should information security systems, data transfer on the Internet and security instruments of information systems of key state institutions be improved to limit the ability to make and reduce the effectiveness of this type of spectacular hacker attacks?

In my opinion, interesting questions and research thesis in the field of cybepepanek issues may also concern the following issues:

What do you think about the security of data transfer due to the development of Internet of Things technology?

Is technology corporations strengthening their dominance over entire communities of users of technological devices through technology development?

Will the risk of hackers taking control of various information technology devices, including smart city, increase in the future?

Will the risk of public and state security increase if the hackers take control over the majority of devices connected to the Internet?

Will cybercrime and cyber security change its character in connection with the development of smart city information technologies, including smart home, smart devices?

Best wishes

I propose the following proposal for a research topic in this area:

How should risk management and information security systems be improved on social media portals?

In my opinion, sensitive personal data concerning individual users who set up profiles, collected on social media portals, are not fully secure. This is confirmed by the occurrence of data leaks, data theft by cybercriminals. In connection with the above, the issue of information security on the Internet is becoming an increasingly global problem and therefore, in the global approach, institutions and security systems for the transfer of information on the Internet should be developed. The security of information on the Internet can refer to many aspects of data security both at the level of central state institutions and international organizations as well as the security of personal data of individual citizens, sensitive data of citizens collected on various websites, including social media portals. The improvement of risk management and information security systems at the supranational level is also a key issue. Technological companies managing social media portals on the one hand try to improve data security systems about users setting up accounts on social media portals. On the other hand, it is also important to cooperate with key, central data security institutions on the Internet that operate transnational. This is important from the point of view of improving information security systems on the Internet in order to limit the possibility of using social media portals by cybercriminals operating transnational, using various social engineering techniques.

Another proposal for a research topic in this field:

What are the main determinants of the process of integrated risk management of cybercrime and the security of information transferred on the Internet?

In my opinion, the processes of integrated cyber risk management and security of information transferred via the Internet should include the following issues:

- Modern organization management

- Innovations related to information security

- Big Data logistic management in the organization

- IT systems risk management

- Security of information posted on the company's websites

- Good practices in information security management

- Methods for estimating losses as a result of teleinformatic attacks

- Economic aspects of building an IT security team in an organization

- Security of IT infrastructure and Operation Technology

- Information security management standards

- Cloud Computing and information security

- Incident and crisis management

- Business Continuity Planning (BCM)

- Personal data protection

- Technical solutions in the field of information security management

- Cryptography and security mechanisms

- Equipment security and network management

sure ... sorry this is comming late ....

TCP/IP Attacks and mitigation

There isn't much work on the area of 5G network security. So, there is a lot to contribute in this sector.

Cyber attacks on SWIFT systems of financial institutions.

ML and AI implementation in either white hat offensive or defensive cybersecurity

I would recommend looking into digital forensics in the cloud enviroment