Journal & Conference Proceeding Publications

Critical National Information Infrastructure (CNII) is crucial to the survivability of a nation that the destruction or disruption of these systems and communication networks would significantly affect the economic strength, image, defense and security, government capabilities to function, and public health and safety. CNII would probably become an attractive target for terrorists. There is a need to have a strategy at the national level for the protection of CNII from cyber terrorism activities.

In this work, the randomness analysis of Grain-128 stream cipher algorithm by using NIST Statistical Test Suite is introduced. The NIST Statistical Test Suite is applied to determine the randomness of this algorithm. The Grain - 128 is based on LFSR, NLFSR and Boolean function with suitable for limited resources like gate count, power consumption and area chip. It uses 128-bit key and 96-bit initial value (IV). Based on our result of conducting the analysis, we obtained that this algorithm is not random at the 1% significance level.

Speck family of lightweight block cipher was publicly released by National Security Agency (NSA), USA in June 2013. Speck has been designed with ten instances which provides excellent performance in both hardware and software. Speck is optimized for performance on microcontrollers. This paper will present the result of randomness testing using NIST statistical test suite for SPECK cipher family, which are Speck128/128, Speck128/192, and Speck128/256. Nine data categories are applied to generate the input sequence (either plaintext or key) for each algorithm. Randomness is important for cryptography module to ensure that the cipher is unpredictable before it becomes available. From the analysis conducted, some failures were identified in some data categories.

Critical National Information Infrastructure (CNII) is crucial to the survivability of a nation. The destruction or disruption of these systems and communication networks would significantly affect the economic strength, image, defence and security, government capabilities to function, and public health and safety. CNII would probably become an attractive target for terrorists as the result of cyber attacks could leave the nation with difficult conditions due to the disruption of critical services. This paper provides an overview on the concept and fundamental elements of cyber terrorism. This paper also highlights the cyber security policy initiatives as a guideline for the development of the policy framework. This paper further recommends the need of policy development addressing the protection of CNII from cyber terrorism activities specifically for Malaysia.

The Internet’s implementation and reach over businesses, governments and individuals are ever-increasing. Thus, it is not at all an overreaction to anticipate for cyberattacks to be subsequently on the rise, which will in turn ultimately lead to data breaches. Malware and cyber-attacks intended to breach data will continue to evolve and organizations must take the necessary steps to secure their valuable assets and mitigate potential risks through appropriate data classification approaches. The SANS Institute’s six-step approach is recommended as a possible solution to secure classified data.