Conveners
ISSA: Cybersecurity
- Chair: Jan Eloff (University of Pretoria)
ISSA: Cybersecurity
- Chair: Reinhardt Botha (Noroff University College & Nelson Mandela University)
ISSA
- Chair: Brett van Niekerk ()
ISSA
- Chair: Marijke Coetzee (North-West University)
ISSA
- Chair: Lynette Drevin (NWU | North-West University)
Abstract: Ransomware remains a significant cyber threat, yet research is often hampered by a lack of modern, balanced datasets. This study proposed CerebRAN, a new dataset made from dynamic analysis of ransomware (400 samples) and goodware (399 samples). We provide a detailed methodology from the sample collection to the extraction of features using Cuckoo Sandbox on a Windows 7 operating...
Peer-to-peer energy markets rely on trust to enable secure participation; however, existing trust models often address only isolated trust concerns. This fragmented approach leaves significant gaps in ensuring holistic trust across the peer-to-peer energy market, exposing participants to market-related threats. To address this, the paper proposes a trust framework grounded in the Trust over IP...
This study is an exploratory study to understand the role of gender, home ar-ea, and high school area in Willingness to disclose information, Benefits, Privacy Risks, Subjective Norms, and Perceived Behavioural Control. This study used Privacy Calculus and the Theory of Planned Behaviour to formu-late a five-construct questionnaire. An empirical data sample of 133 first-year IT students at...
The increasing reliance on the Internet has exposed the triad of cybersecurity, namely, people, processes, and technology, to various cyberattacks. Moreover, factors such as the Coronavirus Disease 2019 (COVID-19) pandemic have con-tributed to the rise in these attacks. Students, who are heavy Internet users, are not immune to these cyberattacks. Several studies have identified students as...
South Africa faces a critical shortage of cybersecurity professionals, with both industry and academia recognising the gap as a driver of national cyber risk. This paper examines the nature of the cybersecurity skills gaps by reviewing recent studies and presenting the findings of a recent survey. Findings confirm that employers expect graduates to transition seamlessly into the workforce,...
Organisations in developing countries face uneven cybersecurity readiness shaped by national laws, institutional capacity and market conditions. This paper proposes a Holistic Cybersecurity Readiness Assessment (CSRA) that links an External Cybersecurity Environment Assessment (Tier 1) with an Internal Readiness Self-Assessment (Tier 2) across governance, people, pro-cess and technology. The...
This paper explores the ethical boundaries of plagiarism detection in the age of artificial intelligence (AI), focusing on the rise of AI-generated text and its implications for academic integrity. While plagiarism detection has traditionally relied on string-matching and authorship attribution, the emergence of generative models like GPT-4 challenges these methods. Institutions now face a...
Generative Artificial Intelligence has rapidly evolved, transforming numerous sectors. While its potential benefits are widely acknowledged, there are growing concerns about its ethical and societal implications. This paper presents a semi-systematic literature review aimed at identifying ethical principles and the social impacts of generative AI. This article synthesises key themes related to...
Cybercrime poses a significant threat that presents a unique challenge to law enforcement agencies. The transnational nature and technical complexity are some of the challenges that create difficulties in investigating cybercrime, despite the advancements in legislation. An Interpol 2025 African Cyberthreat Assessment Report highlights that cyber-related offences continue to increase, while...
Due to the exponential growth of the internet, cyber fraud has become an increasingly prevalent issue globally, and South Africa is no exception. While several studies address cyber fraud victims, limited research has specifically examined students, particularly those from disadvantaged backgrounds receiving the National Student Financial Aid Scheme (NSFAS), as victims of cyber fraud....
In recent years, cybercrimes have become more prevalent and impactful for all users of modern technology. Consequently, various artificial-intelligence-driven intrusion detection software have been implemented to detect and prevent such cyberattacks. Some well-known tools include Microsoft's Security Copilot and SentinelOne's Singularity. However, such AI tools are of-ten difficult to train...
In the modern digital era, cybersecurity has emerged as a critical domain, shaping the security landscape of organisations worldwide. As technological advancements redefine how businesses and individuals operate and interact, the need for robust cybersecurity measures becomes increasingly apparent. The purpose of this research study is to explain the effect of cybersecurity fatigue on...
This paper presents a qualitative review on the integration of Zero-Knowledge Proofs (ZKPs) and biometrics in Decentralized Identity (DID) systems. It explores how these technologies address key challenges in digital identity management, including privacy preservation, security enhancement, and regulatory compliance. Guided by three research questions, the study systematically reviews recent...
Databases are an important source of digital evidence, but most forensic methods and tools are focused on relational database systems. In-memory NoSQL databases, such as Redis are harder to investigate because persistence files and logs record only part of the activity, and volatile evidence exists in memory. This paper presents a technique and parser to bring multiple Redis sources: memory...
Recent Artificial Intelligence(AI) advancements, notably in Large Language Models(LLMs), have enhanced Natural Language Processing(NLP) capabilities like Text-to-SQL. Businesses are increasingly using LLMs for domain-specific applications such as chatbots, but this raises security concerns including data access control. This research addresses these concerns by developing a secure access...
This paper presents the design, implementation, and comprehensive evaluation of a decentralized blockchain-based voting system aimed at revolutionizing electronic voting (e-voting). Leveraging blockchain technology, the system offers a transparent, secure, and publicly verifiable voting platform, addressing key limitations found in traditional e-voting approaches. The systememploys Proof of...
This paper conducts a rapid review using the adapted SVOT
(Strengths, Vulnerabilities, Opportunities, Threats) framework to synthesize current literature on cybersecurity in higher education institutions (HEIs). The review addresses (1) inherent strengths that enable HEIs to adopt robust cybersecurity measures, (2) specific vulnerabilities exposing HEIs to cyber threats, (3) opportunities to...
The increase in cybersecurity incidents is a growing concern for governments worldwide, especially in developing countries. Government institutions are among the top targets of cyberattacks. To address cybersecurity issues, various tools and frameworks have been developed to assess the level of cybersecurity maturity and commitments. Despite the calls on governments to develop and implement...
The development of secure mobile applications is a crucial and complex task. This research focuses on threat modelling techniques to enhance mobile application security. A technique is proposed to analyse mobile application vulnerabilities, categorised by mobile application architectural layers, and classify vulnerabilities using STRIDE and DREAD. By identifying and scrutinising...
In the contemporary digital landscape, organisations are increasingly undertaking complex Digital Transformation initiatives to enhance, among other aspects, operational efficiency and drive innovation. However, these transformations expose organisations to heightened risks related to digital crimes. Traditional Digital Forensic Readiness frameworks fail to effectively integrate within the...
The current digital age has resulted in a surge in the use of Information and Communication Technology (ICT) tools that collect, store, and transmit huge volumes of sensitive data. Thus, sensitive data protection is a critical issue for all organisations in South Africa, including public schools. The problem is that schools often prioritize the benefits of using these ICT tools while...
Cyber security is now commonly encountered as a focal topic for ac- ademic degrees. However, the presence and level of representation of relevant sub-topics within such degrees can vary significantly, and as a consequence the resulting student experience and graduate perception of what cyber security is and what it involves can be similarly varied. This paper examines the situation, based upon...
In the modern era, the understanding of ransomware should not be limited to its technical aspects. Still, it must also incorporate an understanding of the covert and malicious practices of the ransomware threat actors behind it. By drawing from the strategic wisdom of Sun Tsu, the necessity of understanding the motivations and strategies of one’s adversaries to better defend oneself has become...
In recent years, the rising issue of burnout and the new phenomenon of quiet quitting have emerged as major concerns within the workforce, espe-cially among cybersecurity professionals. These phenomena not only undermine employee well-being, but also the security of information systems. Addressing the challenges of these phenomena requires an understanding of the un-underlying organisational...
Visualisation techniques to aid in email forensic investigations was proposed in the literature, often social
network graphs. Current literature does not deal with the interpretation and insights that can be gained from
the graphs. When many nodes are depicted in such a graph, it becomes difficult to extract useful insights
from social network graphs. The research that will be presented at...
The Effect of Cybersecurity Fatigue on Employees’ Compliance with Cybersecurity Measures.
