In the tourism business, there is an urgent need to provide better information accuracy levels. The information accuracy gaps and issues are affecting the tourism stakeholders from making informed decisions. The proposed Tourism Information Accuracy Assessment (TIAA) framework strongly underscores the need for accurate tourism information. The proposed framework is adapted from the ISO/IEC 9126 standard for tourism information resource, environment, assessment and quality process identification and the existing methodologies of information quality assessment in determining the framework information accuracy dimensions, accuracy characteristics and indicator identification. In this article, we will explain the proposed framework in terms of the information accuracy factors, sub-factors, dimensions, accuracy characteristics and accuracy assessments. The framework will be evaluated by tourism experts. The tourism experts� reviews and findings will be discussed in the analysis and results presentation sections. � Springer Nature Switzerland AG 2019.

This research develop a computer aided diagnosis prototype for early detection of kidney stone. Once a kidney stone is diagnosed accurately, this will be useful for the patients to change their diet condition. The proposed approach is based on five stages which includes kidney image acquisition, preprocessing, segmentation, feature extraction and classification. The enhanced seed region growing segmentation depends on the extracted feature granularities. Noise may be visible and more prevalent in certain dimensions of an image, where this particular specific portion will be extracted. The segmentation process is based on the thresholds of the identified renal stone regions. The segmented stone size portion is classified based on rules; if the size is greater than 2mm, then the stone is at benign stage; if the size is greater than 5mm, then it is in malignant stage; if the size is lesser than 2mm, then this leads to absence of stone. The proposed work is implemented in MATLAB with the development of an initial prototype with the detection of stone accuracy of 92%. Based on the experimental analysis, texture feature, threshold intensity values and stone sizes are evaluated. This study will help the urologist to take decision whether there is a presence or absence of stone in early stage diagnosis and clinical decision-making. � 2018 Authors.

Companies who are implementing the cloud solutions have increased numerous advantages in the recent years. Cloud solutions provide a very few preferences, for example, portability, adaptability and costs funds. Alongside the numerous advantages that distributed computing offers the security challenges that it presents are similarly striking. The two essential capacities for secure cloud administration are character administration and access control in distributed computing, the current methodologies for client confirmation depend on accreditation that are put together by the client. These accreditations incorporate passwords, tokens and computerized authentications. Most of the cases unapproved access by outsiders, for example, programmers likewise exist and simple for information control and abuse. In any case, the most serious issue with this methodology is that the presence of such many secret phrase account pairings for each individual client prompts either overlooked passwords or utilizing a similar mix for different locales. Security issue is significant concern, region of research in versatile distributed computing and clients. Shielding the remote information and applications from any ill-conceived get to remain an essential security worry in portable distributed computing. This paper explains about secure bio metric and face recognized based authentication protocol which is best suited for the public cloud environment to improve the safer and secure user authentication process. The above strategy will anchor approved clients as well as keep the cloud suppliers can't get in to the information and data access. �BEIESP.

The Android Forensic software grows in numbers, and increased awareness of the data they process have also grown day to day basis, but much of the interest from cybercriminal to successfully attack the device and also the careless of the human being itself have placed the android phone content at the risk. Forensic examiner have always gone for an expensive forensic toolkit to meet the industry standards, but normal people have been always tent to lose the direction when they experience this type of attack or the data lost as it may cost a few thousand to fix it back. Therefore, the purpose of this paper is suggesting a reliable open source mobile forensic tool based on experiments conducted to retrieve deleted data and also extract other important content from android mobile phone. � 2017 American Scientific Publishers All rights reserved.

The emergence of the Internet of Things (IoT) in Smart City allows mobile application developers to develop reporting services with an aim for local citizens to interact with municipalities regarding city issues in an efficient manner. However, the credibility of the messages sent rise as a great challenge when users intentionally send false reports through the application. In this research, an evidence detection framework is developed and divided into three parts that are a data source, IoT device’s false text classification engine and output. Text-oriented digital evidence from an IoT mobile reporting service is analyzed to identify suitable text classifier and to build this framework. The Agile model that consists of define, design, build and test is used for the development of the false text classification engine. Focus given on text-based data that does not include encrypted messages. Our proposed framework able to achieve 97% of accuracy and showed the highest detection rate using SVM compared to other classifiers. The result shows that the proposed framework is able to aid digital forensic evidence experts in their initial investigation on detecting false report of a mobile reporting service application in the IoT environment.

One of the most popular computing technologies is cloud computing. There are many benefits in adopting cloud computing such as high-performance, flexibility and availability ondemand, more focused on the business objective and low-cost. However, the characteristics of the cloud computing environment have created many difficulties and challenges for digital forensic investigation processes. Therefore, this paper focuses on the digital forensic investigation challenges based on cloud computing characteristics. � 2018 Authors.

Graph analysis approach was used to analyze a city bus network. The bus trip data were segregated into 4 smaller bus datasets (weekday-peak-hour, weekday-off-peak-hour, weekend-peak-hour, and weekend-off-peak-hour) with the main goal of studying and identifying the differences between peak hours and off-peak hours, as well as between weekdays and weekends. These differences are identified in terms of global characteristics and network evolution distinctions. Based on the analysis of the simplified network, we identified the relative shape of the networks and the centrality attributes. A comparative analysis is performed between the networks at different times to understand the impact of peak against off-peak and weekday against weekends. Significant differences are found in the analysis. In addition to the above, highly important routes and stops were also identified, where optimization initiative is planned for a more efficient bus transport network. The findings can serve as a starting point for future route optimization of the similar network. � Published under licence by IOP Publishing Ltd.

With the proliferation of the digital crime around the world, numerous digital forensic investigation models are already being developed. In fact, many of the digital forensic investigation models focus on technical implementation of the investigation process as most of it were developed by traditional forensic expert and technologist. As an outcome of this problem, most of the digital forensic practitioners focus on technical aspect and forget the core concept of digital forensic investigation model. In this paper, we are introducing a new digital forensic investigation model which will capture a full scope of an investigation process based on Malaysian cyber law. The proposed model is also compared with the existing model which is currently available and being applied in the investigation process.

The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. Typically, internet of things (IoT) is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine communications (M2M) and covers a variety of protocols, domains, and applications. The interconnection of these embedded devices including smart objects, is expected to usher in automation in nearly all fields, while also enabling advanced applications like a Smart Grid. The main research challenge in Internet of things (IoT) for the forensic investigators is based size of the objects of forensic interest, relevancy, blurry network boundaries and edgeless networks, especially on method for conducting the investigation. The aim of this paper is to identify the best approach by designing a novel model to conduct the investigation situations for digital forensic professionals and experts. There was existing research works which introduce models for identifying the objects of forensics interest in investigations, but there were no rigorous testing for accepting the approach. Currently in this work, an integrated model is designed based on triage model and 1-2-3 zone model for volatile based data preservation. � 2015 IEEE.

This paper provides an enhanced technique for improving the security and protecting the privacy of the cloud computing users by encrypting the data before it reached to server's storage. Encrypting means the process of converting information or data into unreadable language to prevent unauthorized access. This paper will propose a mobile application design, which will allow the user to encrypt and decrypt the data hence maintaining security and privacy. In the proposed system design, the AES Algorithm will handle the encryption of the data using a keyword which will be defined by the user during the creation of the account. The encryption keyword will be hashed by the system using MD5 Algorithm. The keys will remain in encrypted form, while they are on the server side. Both encrypted data, encryption and decryption keys will be saved on the server in secured form. The idea behind hashing the encryption keys is to protect the keys while they are stored on the server, therefore, any unauthorized access to the server will gain no advantages since every bit of data on the server is encrypted including the private keys. The proposed system design will participate by improving the security and privacy of the users by giving them the capability to encrypt and decrypt data in enhanced way using AES as a data encryption method and MD5 hash algorithm for encrypting the encryption keys.

Cloud computing model brought many technical and economic benefits, however, there are many security issues. Most of the common traditional information security risk assessment methods such as ISO27005, NIST SP800-30 and AS/NZS 4360 are not fit for the cloud computing environment. Therefore, this study applies medical research approach to assess the information security threats in the cloud computing environment. This study has been conducted as a retrospective cohort study and the collected data has been analyzed by using the survival analysis method. The study has been conducted on the software as a service (SaaS) environment that has more than one thousand and seven hundred cloud customers. The survival analysis method is used to measure the significance of the risk factor level. The information security threats have been categorized into twenty-two categories. This study has proven that the medical research approach can be used to assess the security risk assessment in cloud computing environment to overcome the weaknesses that accompany the usage of the traditional information security risk assessment methods in cloud computing environment. � Springer Nature Switzerland AG 2019.

Healthcare organisations are particularly vulnerable to information security threats and breaches due to the highly confidential nature of their patients� medical information. Now, with the emergence of the Internet of Things (IoT) in healthcare that can vary from diagnostic devices to medical wearables, the industry has indeed become more vulnerable to malicious exploitation. One of the reasons that malicious attacks continue to occur at an alarming rate is due to the poor compliance of information security policies. This study investigates the issues that are associated with the causes for poor compliance within the private healthcare organisations in Malaysia. Data was collected through interviews from various healthcare respondents and findings have revealed that often, poor security compliance is mainly caused by behaviour issues and the severe lack of security awareness which requires immediate attention and mitigation. Potential measures to cultivate information security awareness and to safeguard the IoT-based medical devices are proposed to achieve compliance. � Springer Nature Switzerland AG 2019.

Today's contemporary business world has incorporated Web Services and Web Applications in its core of operating cycle nowadays and security plays a major role in the amalgamation of such services and applications with the business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the nominated top ten vulnerabilities, nominated by the OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of token through URL. � 2018 Authors.

There are many challenges for the digital forensic process in the cloud computing due to the distinguished features of the cloud computing environment. Many of well-known digital forensic methods and tools are not suitable for cloud computing environment. The multitenancy, multistakeholder, Internet-based, dynamics expendability, and massive data, logs and datasets are examples of the cloud computing environment features that make conducting digital forensics in the cloud computing environment a very difficult task. Therefore, there is a need to develop an appropriate digital forensic approach for cloud computing environment. Thus, this paper proposed a proactive digital forensic approach for cloud computing environment. � 2018 Authors.

The paper aims to identify behavioural theories that influence information security policies compliance behaviour. A systematic review of empirical studies from eleven online databases (ACM digital library, Emerald Insight, IEEE Xplore digital library, Springer link, Science direct, Scopus, Web of Science, Oxford academic journals, SAGE journals, Taylor & Francis and Wiley online library) are conducted. This review identified 29 studies met its criterion for inclusion. The investigated theories were extracted and analysed. Total of 19 theories have been identified and studied concerning to security policy compliance behaviour. The result indicated that the most established theories in information security compliance behaviour studies are the Theory of Planned Behavior and Protection Motivation theory. Meanwhile, General Deterrence Theory, Neutralization theory, Social Bond Theory / Social Control Theory are used moderately in this research area. Less explored theories are namely Self Determination Theory, Knowledge, Attitude, and Behavior, Social Cognitive Theory, Involvement Theory, Health belief model, Theory of Interpersonal Behavior, Extended Parallel Processing Model, Organisational Control Theory, Psychological Reactance Theory, Norm Activation Theory, Organizational Behaviour Theory, Cognitive Evaluation Theory and Extended Job Demands-Resources. The results from this review may guide the development and evaluation of theories promoting information security compliance behaviours. This will further contribute in the development of an integrated theory of information security compliance behaviour. � Published under licence by IOP Publishing Ltd.

The growth of cyberspace world has uprising government agencies in a new way to serve citizen in a proactive, efficient and productive manner. To have an open, stable and vibrant cyberspace, governments should be more resilient to cyber-attacks and able to protect all government agency's interest in cyberspace. Therefore, the government needs a transformative cyber governance security model to protect valuable government agencies' information. The model should be able to detect, defend and deter the vulnerabilities, threats and risks that will emerge in the day to day government administration operation. This paper has introduced a study for some existing cyber governance security models. Thus, it helps in determining the main features of the required model. � 2018 Authors.