School of Information Science and Technology

Permanent URI for this communityhttps://cris.hit.ac.zw/handle/123456789/2

Browse

Filter results by typing the first few letters
Now showing 1 - 20 of 31
  • Thumbnail Image
    Item
    ACCESS CONTROL USING ATTRIBUTE BASED ENCRYPTION IN CLOUD COMPUTING: A SURVEY
    (/International Journal of Pharmacy & Technology, 2016-11-02) Shashank, Joseph; Mugauri, Calvin; Anilkumar, Chunduru; Sumathy., S
    An efficient way of ensuring data security in the cloud is via access control which has however proven to be a challenge due to data outsourcing and entrusted cloud servers in cloud storage. Cloud storage systems are no longer trustworthy because they either produce several encrypted copies of the same data or require a fully trusted cloud server. Weighted attribute based encryption (WABE) is a capable technique for access control of encrypted data. Access of data in cloud should be strongly protected. The survey focuses to recognize the challenges faced in securing data and suggest solutions that allow organizations to benefit from hosting data in the cloud. They as well support fine grained and stretchy access control of shared data hosted in the cloud. Information about privacy and security issues with regard to storage of data in the cloud and access via the internet has been a great concern for many organizations in present day.
  • Thumbnail Image
    Item
    Analysis of NSL-KDD Dataset for Fuzzy Based Intrusion Detection System
    (International Journal of Science and Research (IJSR), 2012-01-08) Mukosera, Macdonald; Mpofu, Thabiso Peter; Masaiti, Budwell
    In a bid to provide useful information for intrusion detection, we focused on analyzing the NSL-KDD dataset. In this analysis, we seek to simplify the process of mining fuzzy rules by reducing the features and categorizing the dataset into various smaller clusters as smaller units of the dataset are easier to work with than the whole single large dataset. It is less complex to observe and discover sound fuzzy rules from a smaller dataset and this work serves as a foundation to a fuzzy logic based intrusion detection system. This paper presents a methodology for data preprocessing towards an intrusion detection system and Microsoft excel was used in the process.
  • Thumbnail Image
    Item
    Android Mobile Forensic Analyzer for Stegno Data
    (International Conference on Circuits, Power and Computing Technologies, 2015-01-30) Mambodza, Walter. T.; Nagoor, Meeran A.R
    The advancement of technology has led to better and improved service in mobile communication networks. Smartphones are being used by people for social networking, conducting business transactions as well as committing crime. Anti-Forensic compromises the availability of evidence to the forensic process causing problems to the investigator. The aim of this paper is to provide a solution to the anti-forensic technique of steganography by designing and implementation of an application that will scan, hash and analyze for any hidden information on an image, video or audio file on an android device and collect data for digital profiling or investigation.
  • Thumbnail Image
    Item
    Anti-forensic: Design and Implementation of an Android Forensic Analyzer
    (International Journal of Innovative Research in Science, Engineering and Technology, 2015-04-01) Mambodza, Walter. T.; Nagoor, M, A R
    In incident response the Computer Emergency Response Team (CERT) or Computer Incident Response Team (CIRT) investigates an incidence in order to have a detailed description on how a crime was conducted, who was responsible and ways of making sure that the incident will not happen in future. In order for an investigation to commence there is need for someone to report the incident. The forensic expert or investigator quarantines the crime scene, takes a photograph of the area and seizes the evidence in a forensically sound manner whilst preserving the integrity of data. The evidence media is taken to the forensic lab or workstation where an investigation is conducted. In most cases the investigator is qualified and skilled to perform the operation. The investigation process consists of two sub processes which are Data Collection and Data Analysis. Data collection is the process of acquiring the data that will assist in the investigation process for example through the use of Incident Response Toolkit. Data Analysis is the process of examining the collected data by using various forensic tools that follow the Association Chief of Police Officers (ACPO) principles in order to obtain results. The goals of information security are to protect the confidentiality, integrity and availability of data. Hackers compromise the information security and use anti- forensic techniques to make it difficult for investigators to detect and prove the existence and involvement in the crime. The aim of this paper is to design and implement an application that will provide a solution to some of the anti-forensic data hiding techniques.
  • Thumbnail Image
    Item
    Artificial Immune Systems:A Predictive Model for credit scoring
    (International Journal of Scientific & Engineering Research, 2014-08-01) Mpofu, Thabiso Peter; Reddy, G Venkata Rami
    With the advent of the global financial crisis which hit the global economy, credit scoring has become of the essence. The global financial crisis also known as the “credit crunch” was largely attributed to the issuance of credit to individuals with no capacity to return the money. Credit scoring has become a very important task in the credit industry. Various credit scoring methods such in areas as artificial neural networks (ANNs), statistical based methods and decision trees have been proposed to increase the accuracy of credit scoring models. The proposed Artificial Immune Systems (AIS) are an artificial intelligence technique modelled on natural immune system processes have been used to solve various kinds of real life processes with success. In this paper we compare the performance of current classifiers used in credit rating against Artificial Immune Systems. Artificial Immune Systems have various algorithms used to implement them. The algorithm under consideration is the negative selection algorithm. Artificial Immune Systems (AIS) are found to be produce competitive results very close to traditional artificial intelligent systems such as Neural Network
  • Thumbnail Image
    Item
    Cloud Based SecuritySolution For Android Smartphones.
    (International Conference on Circuit, Power and Computing Technologies [ICCPCT], 2015-01-13) Marengereke, Munyaradzi. T
    In this paper, we define SIEM and we discuss Android security monitoring as well as recent research in Android security systems. Then, we propose a cloud based security system for collection, visualization, analysis and correlation of application logs, statistics and determining abnormal application and network behavior on the device. If abnormal behavior is detected an appropriate alert is sent back to the device for remedial action. In the case of abnormal network traffic, then firewall rules to be updated on an implementation of an IPTABLES/ NETFILTER firewall to block unwarranted network traffic. Furthermore a web interface is created to enable visualization of logs and all data collected from the device. So it serves as an intrusion mitigation solution coupled with security information audit web portal. This paper highlights the architecture of the proposed system.
  • Thumbnail Image
    Item
    Clustering West Nile Virus Spatio-temporal data using ST-DBSCAN
    (Procedia Computer Science, 2018-06-13) Chimwayi, K.B; Anuradha, J
    Spatio-temporal data mining has been the talk of the day due to high availability of spatio-temporal data from varied sources in diverse fields. Through many tracking devices, huge amounts of spatio-temporal data are being generated. In epidemiology, diseases, patterns and trends attached can be explored taking advantage of methods such as spatio-temporal clustering to discover new knowledge. In this paper Spatio-Temporal Density Based Spatial Clustering of Applications with Noise (ST-DBSCAN) is implemented and analysed on a public health dataset. Upon the implementation, results are analysed, loopholes spotted and a fuzzy version of ST-DBSCAN is proposed. The method is successfully applied to find spatio-temporal clusters in Chicago West Nile Virus (WNV) surveillance data for the period 2007 to 2017.The drawbacks in the original ST-DBSCAN are identified and solutions are proposed. ST-DBSCAN is an extension of the original Density Based Spatial Clustering of Applications with Noise (DBSCAN).
  • No Thumbnail Available
    Item
  • Thumbnail Image
    Item
    Credit Scoring Techniques:A Survey
    (International Journal of Science and Research (IJSR), 2012-01-01) Mpofu, Thabiso Peter; Mukosera, Macdonald
    : Credit scoring is a numerical expression of the credit worthiness of an individual. A Value with a specific creditworthiness associated is assigned to an individual. Overall objective is to determine the creditworthiness of an individual. Ability of an individual to repay is determined in the credit scoring process. The credit scoring process looks at specific criteria such as income, credit history and many others. All this is done with the intent to reduce the overall default rate thereby decreasing the overall risk of financial institutions such as banks and micro lending institutions. Several credit scoring methodologies have been proposed and implemented and are varied from statistical based methods to Artificial Intelligence based techniques.
  • Thumbnail Image
    Item
    Design of Application to Detect Images Embedded with Malicious Programs
    (International Journal of Science and Research (IJSR), 2013-06-14) Shoniwa, Robert T. R; George, Geogen
    In today’s world, malware can be propagated to victim systems in an increasingly diverse number of ways. One of these methods involves the passive distribution of malware by embedding in JPEG images which goes on to highlight that even simple images can be manipulated maliciously by criminals. The aim of this paper is to design an application that partially acts as a steganalysis tool to scan, detect and notify the user of the presence of a payload in either one or a set of selected images.it will then proceed to analyze the payload and verify whether it is a malicious program or not. It will also give a brief summarized file analysis of the detected payload. Ultimately, this will help highlight the need to consider images as a potential attack vector and then also offer a corresponding solution to this problem
  • Thumbnail Image
    Item
    Designing of Android Mobile Based System Using QR Code
    (INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH & DEVELOPMENT, 2014-11-01) Muradzikwa, Gresham; Sarai, Noreen; Sibanda, Dumisani; Govere, Weston D.
    This paper explores a solution to create a cashless mobile payment system. The aim is to provide the most cost efficient and secure alternative to current systems. Current systems use SMS and USSD to process payments. These are not cost effective methods of communication. There is also no current method of processing credit payment on a mobile phone without the need for a specialized piece of hardware. The system is broken up into three parts, a visual QR code, Qpay Android application and a payment server. The identification of mobile phone is encoded in a QR Code allowing the built in camera on a mobile phone to scan a card. This was improved on by using a HTTPS connection between mobile phone and server. HTTPS provides an encrypted communication channel. This paper shows that a mobile phone is capable of processing QR code payments on a mobile phone. Time taken to process a payment was within an acceptable limit.
  • Thumbnail Image
    Item
    Digital Currency:The Emergence of Bitcoins
    (International Journal of Science and Research (IJSR), 2014-06-06) Mpofu, Thabiso Peter; Masaiti, Budwell; Mukosera, Macdonald
    : Bitcoins are a crypto currency whose concept was developed in 2009 by Satoshi Nakamoto. Bitcoins are digital currencies which operate on a peer to peer system. The system is decentralized as there is no central regulatory authority as with fiat currency. For an individual to transact you need a bitcoin wallet which has one or more private and public keys associated with it. Unlike fiat currency and electronic payment methods such as Visa and MasterCard which are based on trust, Bitcoin usage is based on cryptographic proof. Bitcoin usage has been on the increase and they can be converted into fiat currency through bitcoin exchange
  • Thumbnail Image
    Item
    Enhancing Security in Electronic Health Records using AES and PBKDF2: A case study of Zimbabwe e-health system
    (IST-Africa, 2018-01-28) Mutandavari, Mainford; Matema, Chantel; Gotora, Tatenda; Mukosera, Macdonald; Manjoro, Wellington
    As health IT is evolving, the use of traditional methods of storing patient information is being phased out. Notably Zimbabwe has begun digitalizing its medical records in most private and public health centres but limited internet connectivity and patient data harmonisation is still an issue. The viable solution lies in adopting Electronic Health Records (EHRs) which promote data sharing across healthcare providers while also ensuring data integrity and availability. Despite the many efforts by various researchers in suggesting strong encryption and biometric techniques to circumvent data loss or hacks, cyber criminals are getting more experienced due to the availability of more exploitation tools. This technical research presents an analysis of some of the widely implemented security techniques used in securing EHRs and proposes an enhanced hybrid mechanism for EHRs using AES and PBKDF2 within the Zimbabwe health care context. Observations made indicate the enhancement of data integrity, authentication and improved service delivery within the private and public health set up. Furthermore if scaled the e-health platform requires rigorous health personnel training in usage and changing mentality towards user acceptance.
  • Thumbnail Image
    Item
    Farmer’s Resource Flow Decisions on Farm-Level Interventions on Livestock Water Productivity: A Conceptual Model Approach
    (International Journal of Mathematical Archive-3(4), 2012-03-18) Sisito, Givious; Chinofunga, , Peter; Sikosana, , Joseph; Govere, , Weston; VaRooyen, , Andre; Charumbira, Wellington
    Across sub-saharan Africa water related poverty occurs because farmers lack dependable water resources and capacity to use them. Improvement in agricultural water management offer opportunities in poverty alleviation at farm-level. An integrated framework was developed to identify sets of options as interventions for different farmer profiles in mixed croplivestock systems. A combination of participatory rural appraisal (PRAs), household survey and gap analysis tools were used in Nkayi district, Zimbabwe to quantify the current crop and livestock production levels. The tools used identified gapsn animal health management, improved feeding, livestock sales and poor crop yields between different farmer wealth profiles in terms of mortalities, poor crop yield, reduced crop and livestock sales, poor feed quality and quantity.Interventions in terms of improved feed sourcing, improved animal health, soil fertility management and access to markets are possible solutions to the challenges faced by the different farmer profiles. If farmers’ different levels and capacities in terms of resources available are taken into consideration, there is a chance to improve the livestock water productivity at farm-level in semi-arid Zimbabwe.
  • Thumbnail Image
    Item
    The Heartbleed Bug: An Open Secure Sockets Layer Vulnerability
    (International Journal of Science and Research (IJSR), 2012-05-17) Mpofu, Thabiso Peter; Noe, Elisa; Gati, Nicholaus
    The Open Secure Sockets Layer (OpenSSL) is used to provide a secure platform for transactions that happen over theinternet. About two thirds of the servers on the internet use the OpenSSL platform to provide secure transaction over the internet. The OpenSSL is a widely used open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Transactions such as online shopping, emails and online banking are carried out on the internet through the OpenSSL and other platforms which provide a security. Vulnerabilities have however been found in the OpenSSL that has resulted in a wide public outcry all over the world. A vulnerability referred to as the Heartbleed Bug has sent shockwaves all over the internet. From the study we conducted, the scope of the data that has been potentially compromised is astronomical and includes usernames, passwords, bank account and credit card numbers, medical data, documents in online cloud storage. Not only has all of this user data been directly compromised, but, what are worse, the private keys of the servers running the vulnerable versions of OpenSSL were also almost certainly compromised. We recommend patching of affected applications or/and upgrade to versions that are not vulnerable in order to mitigate the risks identified.
  • Thumbnail Image
    Item
    The Impact and Application of 3D Printing Technology
    (International Journal of Science and Research (IJSR), 2014-06-12) Mukosera, Macdonald; Mawere, Cephas; Mpofu, Thabiso Peter
    3D printing also known as Additive manufacturing technology has been dubbed the next big thing and be as equally wide spread as cellular telephone industry. 3D printers print objects from a digital template to a physical 3-dimensional physical object. The printing is done layer by layer (Additive manufacturing) using plastic, metal, nylon, and over a hundred other materials. 3D printing has been found to be useful in sectors such as manufacturing, industrial design, jewellery, footwear, architecture, engineering and construction, automotive, aerospace, dental and medical industries, education, geographic information systems, civil engineering, and many others. It has been found to be a fast and cost effective solution in whichever field of use. The applications of 3D printing are ever increasing and it’s proving to be a very exciting technology to look out for. In this paper we seek to explore how it works and the current and future applications of 3D printing.
  • Thumbnail Image
    Item
    Impact of Object Oriented Design Patterns on Software Development
    (International Journal of Scientific & Engineering Research, 2015-02-02) Subburaj, R.; Jekese, G; Hwata, C
    —Software design patterns are a bonanza for building large Object Oriented (OO) software systems. They provide well-tested and proven solutions to recurring problems that developers address. There are several benefits of using patterns. They can speed up the software development process. Design patterns consolidate learning with an aim to make it easier for designers to use well-known and successful designs developed from expert experience. At the same time software design patterns are too abstract and remain an art that has to be mastered over time with experience. This paper seeks to evaluate the advantages and disadvantages of design patterns.
  • Thumbnail Image
    Item
    Multi-Processor Based Intelligent Industrial Monitoring and Control System Based on µCOS-II and Wireless Sensor Networks
    (International Journal of Science and Research (IJSR), 2014-07-01) Zvarevashe, Tinotenda; Vasumuthi, D
    This paper is based on my M Tech project which shares the same title as this paper. It presents a model which illustrates how we can incorporate a Real Time Operating System (RTOS) into an Industrial setup whereby a sensor node resides in the field where processing is carried out and a Master or Control station resides in a control room and the two communicate using a wireless protocol. The RTOS is meant to provide predictability, faster time response and high performance among other wide provisions. The RTOS used to implement this model is µCOS-II (Microcontroller Operating System) from J Labrosse. It is a pre-emptive kernel where the highest priority task in the ready queue is executed first. Thus faster processing of control commands and real time logging of data channeled by sensor node to control station is expected as a result of incorporating the operating system rather than use of a super loop.
  • Thumbnail Image
    Item
    Network traffic intelligence using a low interaction honeypot
    (Proceedings of International Conference On Science, Engineering and Technology, 2017-05-02) Nyamugudza, Tendai; Rajaseka, Venktesh; Sen, Prasad; Viswanathan, Madhu
    Advancements in networking technology have seen more and more devices becoming connected day by day. This has given organizations capacity to extend their networks beyond their boundaries to remote offices and remote employees. However as the network grows security becomes a major challenge since the attack surface also increases. There is need to guard the network against different types of attacks like intrusion and malware through using different tools at different networking levels. This paper describes how network intelligence can be acquired through implementing a lowinteraction honeypot which detects and track network intrusion. Honeypot allows an organization to interact and gather information about an attack earlier before it compromises the network. This process is important because it allows the organization to learn about future attacks of the same nature and allows them to develop counter measures. The paper further shows how honeypot- honey net based model for interruption detection system (IDS) can be used to get the best valuable information about the attacker and prevent unexpected harm to the networ
  • Thumbnail Image
    Item
    Profile Impostoring:A Use Case on the Rising Social Engineering Attack on Facebook Users
    (International Journal of Science and Research (IJSR), 2014-06-06) Mawere, Cephas; Mpofu, Thabiso Peter
    Social engineering attacks have taken a new twist as a growing number of people use online social networking sites to foster social relationships among each other and market products. Of interest is Facebook whose users have exponentially increased; some of these users are prominent individuals with high influence in various communities like celebrities, philanthropists, religious ministers and non- profit organizations. Data retrieval from Facebook profiles is thus becoming a major tool for business which has led to most unsuspecting users being victims of deception. Profile impostoring, also known as identity theft, is increasingly on the rise and becoming an underlying threat to information security. The cyber perpetrators are creating fake Facebook profiles of prominent individuals who have a large following. Ordinary individuals are also not at their mercy. With such high pending risk of identity theft there is need to develop methods that help Facebook fans to automatically detect deception, identify imposters and get them arrested.