The emergence of the Internet of Things (IoT) in Smart City allows mobile application developers to develop reporting services with an aim for local citizens to interact with municipalities regarding city issues in an efficient manner. However, the credibility of the messages sent rise as a great challenge when users intentionally send false reports through the application. In this research, an evidence detection framework is developed and divided into three parts that are a data source, IoT device’s false text classification engine and output. Text-oriented digital evidence from an IoT mobile reporting service is analyzed to identify suitable text classifier and to build this framework. The Agile model that consists of define, design, build and test is used for the development of the false text classification engine. Focus given on text-based data that does not include encrypted messages. Our proposed framework able to achieve 97% of accuracy and showed the highest detection rate using SVM compared to other classifiers. The result shows that the proposed framework is able to aid digital forensic evidence experts in their initial investigation on detecting false report of a mobile reporting service application in the IoT environment.

One of the most popular computing technologies is cloud computing. There are many benefits in adopting cloud computing such as high-performance, flexibility and availability ondemand, more focused on the business objective and low-cost. However, the characteristics of the cloud computing environment have created many difficulties and challenges for digital forensic investigation processes. Therefore, this paper focuses on the digital forensic investigation challenges based on cloud computing characteristics. � 2018 Authors.

Graph analysis approach was used to analyze a city bus network. The bus trip data were segregated into 4 smaller bus datasets (weekday-peak-hour, weekday-off-peak-hour, weekend-peak-hour, and weekend-off-peak-hour) with the main goal of studying and identifying the differences between peak hours and off-peak hours, as well as between weekdays and weekends. These differences are identified in terms of global characteristics and network evolution distinctions. Based on the analysis of the simplified network, we identified the relative shape of the networks and the centrality attributes. A comparative analysis is performed between the networks at different times to understand the impact of peak against off-peak and weekday against weekends. Significant differences are found in the analysis. In addition to the above, highly important routes and stops were also identified, where optimization initiative is planned for a more efficient bus transport network. The findings can serve as a starting point for future route optimization of the similar network. � Published under licence by IOP Publishing Ltd.

Cloud computing model brought many technical and economic benefits, however, there are many security issues. Most of the common traditional information security risk assessment methods such as ISO27005, NIST SP800-30 and AS/NZS 4360 are not fit for the cloud computing environment. Therefore, this study applies medical research approach to assess the information security threats in the cloud computing environment. This study has been conducted as a retrospective cohort study and the collected data has been analyzed by using the survival analysis method. The study has been conducted on the software as a service (SaaS) environment that has more than one thousand and seven hundred cloud customers. The survival analysis method is used to measure the significance of the risk factor level. The information security threats have been categorized into twenty-two categories. This study has proven that the medical research approach can be used to assess the security risk assessment in cloud computing environment to overcome the weaknesses that accompany the usage of the traditional information security risk assessment methods in cloud computing environment. � Springer Nature Switzerland AG 2019.

There are many challenges for the digital forensic process in the cloud computing due to the distinguished features of the cloud computing environment. Many of well-known digital forensic methods and tools are not suitable for cloud computing environment. The multitenancy, multistakeholder, Internet-based, dynamics expendability, and massive data, logs and datasets are examples of the cloud computing environment features that make conducting digital forensics in the cloud computing environment a very difficult task. Therefore, there is a need to develop an appropriate digital forensic approach for cloud computing environment. Thus, this paper proposed a proactive digital forensic approach for cloud computing environment. � 2018 Authors.

Risk assessment is an important part of a risk management process to secure information systems. The risk assessment activities helped organizations determine the acceptable level of risk. Understanding and assessing risk is an important process to improve information security in making decisions. Risk prediction is an important part of information security system. In order to security operation center understand their environment, risk prediction technique helped them to create a holistic understanding of the networks, systems, services and applications they are responsible for monitoring. In this research paper, we discussed past related research in doing a risk prediction in conducting a risk assessment activity at the campus network. We have selected 5 key databases in computer science area. We have refined the searching based on subject area, types of document, publication title, index terms, sub-keyword and source title. In doing the screening process, we exclude articles that did not meet research selection criteria based on keyword searching in the papers. From the comprehensive literature search databases searching, we have selected 15 articles related to subject risk prediction conducted in campus network. � 2020, World Academy of Research in Science and Engineering. All rights reserved.

The paper aims to identify behavioural theories that influence information security policies compliance behaviour. A systematic review of empirical studies from eleven online databases (ACM digital library, Emerald Insight, IEEE Xplore digital library, Springer link, Science direct, Scopus, Web of Science, Oxford academic journals, SAGE journals, Taylor & Francis and Wiley online library) are conducted. This review identified 29 studies met its criterion for inclusion. The investigated theories were extracted and analysed. Total of 19 theories have been identified and studied concerning to security policy compliance behaviour. The result indicated that the most established theories in information security compliance behaviour studies are the Theory of Planned Behavior and Protection Motivation theory. Meanwhile, General Deterrence Theory, Neutralization theory, Social Bond Theory / Social Control Theory are used moderately in this research area. Less explored theories are namely Self Determination Theory, Knowledge, Attitude, and Behavior, Social Cognitive Theory, Involvement Theory, Health belief model, Theory of Interpersonal Behavior, Extended Parallel Processing Model, Organisational Control Theory, Psychological Reactance Theory, Norm Activation Theory, Organizational Behaviour Theory, Cognitive Evaluation Theory and Extended Job Demands-Resources. The results from this review may guide the development and evaluation of theories promoting information security compliance behaviours. This will further contribute in the development of an integrated theory of information security compliance behaviour. � Published under licence by IOP Publishing Ltd.