Arash Habibi Lashkari
York University · School of Information Technology

Associate professor

Publications: 182
Reads: 242,745
Citations: 7,215
Introduction
Dr. Arash Habibi Lashkari is a Canada Research Chair in Cybersecurity. He is an Associate Professor in Cybersecurity at York University. Prior to this, he was an Associate Professor at the Faculty of Computer Science, University of New Brunswick (UNB), and the Research Coordinator of the Canadian Institute for Cybersecurity (CIC). His research focuses on cyber threat modeling and detection, malware analysis, big data security, internet traffic analysis, and cybersecurity dataset generation.
Additional affiliations
July 2021 - December 2021
University of New Brunswick
Position
  • Professor (Associate)
July 2018 - June 2021
University of New Brunswick
Position
  • Professor (Assistant)
July 2017 - June 2018
University of New Brunswick
Position
  • Research Associate
Education
February 2015 - February 2017
University of New Brunswick
Field of study
  • Cybersecurity
July 2010 - June 2013
Universiti Teknologi Malaysia
Field of study
  • Information Security
January 2008 - June 2010
University of Malaysia (UM)
Field of study
  • Information Security

Publications (182)
Article
Full-text available
During the past decade, the Internet of Things (IoT) has paved the way for the ongoing digitization of society in unique ways. Its penetration into enterprise and day-to-day lives improved the supply chain in numerous ways. Unfortunately, the profuse diversity of IoT devices has become an attractive target for malware authors who take advantage of...
Chapter
Smart contracts are a modern version of the traditional paper-based legal agreements. It is an evolving concept which is reshaping the way legal contracts used to bind the involved parties to do business. Smart contracts are computer programmed by a software developer who codifies the terms and conditions of the paper-based legal agreement. Thus, s...
Chapter
Is it possible to imagine a world without financial institutions? The answer is definitely “no.” Although traditional banking is not entirely replaced by contemporary decentralized finance, it has predominantly left a mark in shaping the financial world. Decentralized finance has the potential to innovate the architecture of our financial ecosystem...
Chapter
Blockchain is used in various sectors including healthcare, finance, government, and commerce to build blockchain-based solutions for the customers. The main benefit of introducing blockchain in these applications is to provide security to digital transactions by leveraging cryptography, decentralization, and consensus. While the use of blockchain...
Chapter
Finance is an inseparable part of modern civilization. Although there are some inefficiencies in the modern financial system, it is far better than that of the past. Modern financial system has not only adopted a paperless workflow, but it has also drifted toward a decentralized ecosystem where the entire control is not held with a central authorit...
Chapter
Smart contracts have revolutionized the way in which legal contracts are facilitated and executed. However, they are equipped with potential vulnerabilities and security threats in their design. These vulnerabilities pave the way for hacking smart contracts, resulting in huge losses. The security vulnerabilities of smart contracts can be used to il...
Chapter
Decentralized finance platforms allow users to lend or borrow funds from others, speculate on price changes using derivatives, trade cryptocurrencies, insure against risks, earn interests on crypto saving accounts, and play online games. DeFi does not rely on any intermediary parties such as banks, exchanges, or brokerages. It offers customers all...
Article
Full-text available
The Internet of Things (IoT) has paved the way to a highly connected society where all things are interconnected and exchanging information has become more accessible through the internet. With the use of IoT devices, the threat of malware has increased rapidly. The increased number of existing and new malware variants has made protecting IoT devic...
Article
Full-text available
Cloud computing is the next generation of on-demand information technology services and products that deliver various applications over the Internet. Cloud computing is often adopted as a superior alternative by data centers to replace their current system. However, cloud computing services are still accompanied by many issues which hinder their ad...
Preprint
Full-text available
Quantum key distribution (QKD) protocols are unconditionally secure, providing that quantum devices are truthful. Device-independent quantum key distribution (DI-QKD) protocols offer the prospect of distributing secret keys with minimal assumptions. The DI-QKD protocols are hard to implement using the current technologies as they require all the qu...
Chapter
Ranging from increased legislation, larger data vaults, and the seemingly endless accumulation of data by corporations to issues of access to the Internet, digital rights, and net neutrality, the challenges arising in digital law are many and often overlap. The complexities of the technological world in which we have found ourselves are unprecedent...
Chapter
Governance has been defined to refer to structures and processes that are designed to ensure accountability, transparency, responsiveness, rule of law, stability, equity and inclusiveness, empowerment and broad-based participation. With respect to digital governance, it refers to the structures and processes which are designed to ensure accountabil...
Chapter
As the international community has evolved to accommodate for the digital landscape, we have seen a variety of different strategies emerge between nations, which aim to address the dual-headed issue of data sovereignty and digital governance. Many jurisdictions are increasingly enacting laws and regulations governing how and where data must be stor...
Chapter
At first glance, the legal concept of sovereignty can seem unnecessarily complex. This complexity becomes magnified when we apply the concept of sovereignty to the intangible concept of data. Data sovereignty is the idea that the laws and governance structures of a nation extend in application to the data collected within that nation. It is closely...
Chapter
In an increasingly digital world, we are continuously being met with novel and unprecedented challenges, the likes of which we have never encountered in our human history. Not only are we engaged in the balancing act of protecting individual and personal rights and freedoms with respect to both positive and negative rights, but we are also working...
Chapter
Conflict of laws—also called private international law—is the set of rules or laws a jurisdiction applies to a case, transaction or other occurrences that has connections to more than one jurisdiction, for example, when the parties involved in a dispute are from different legal jurisdictions, when parties from different jurisdictions are engaged in...
Preprint
Full-text available
A network intrusion detection system is an essential part of network security research. It detects intrusion behaviors through active defense technology and takes emergency measures such as alerting and terminating intrusions. To this end, with the rapid development of learning technology, various machine-learning-based and deep-learning-based appr...
Article
Encrypted traffic tunnelled by Tor or VPN is referred to as darknet traffic. The ability to detect, identify, and characterize darknet traffic is critical for detecting network traffic generated by a cyber-attack. Darknet classification models based on Machine Learning / Deep Learning (ML/DL) usually demonstrate high False Positive Rate (FPR) and l...
Data
This is my improved version of CIRA-CIC-DoHBrw2020. It contains no metadata features, no samples with N/A values, no duplicate samples and it has optimized data types to cut down significantly on storage and loading requirements. This upload mirrors my version of this dataset on Kaggle https://www.kaggle.com/datasets/dhoogla/cicdohbrw2020. CIRA-CIC...
Data
This is my improved version of CIC-Bell-DNS-EXF2021. There are 2 versions, a minimalistically cleaned version and an opinionated cleaned version. The versions exist because the dataset is not usable in its base form. Besides very specific cleaning, none of the versions contain metadata features. They contain no samples with N/A values, no duplicate...
Data
This is my improved version of CCCS-CIC-AndMal2020. It contains no metadata features, no samples with N/A values, no duplicate samples and it has optimized data types to cut down significantly on storage and loading requirements. This upload mirrors my version of this dataset on Kaggle https://www.kaggle.com/datasets/dhoogla/cccscicandmal2020. CCCS...
Data
This is my improved version of CIC-Darknet2020. It contains no duplicate samples, no samples with missing values and it is stored with optimized data types, significantly cutting down on storage requirements. This upload mirrors my version of this dataset on https://www.kaggle.com/datasets/dhoogla/cicdarknet2020. CIC-Darknet2020 is an academic n...
Data
This is my improved version of CIC-Evasive-PDFMal2022. It contains no duplicate samples, no samples with missing values and it is stored with optimized data types, significantly cutting down on storage requirements. This upload mirrors my version of this dataset on https://www.kaggle.com/datasets/dhoogla/cic-evasive-pdfmal2022. CIC-Evasive-PDFMal2...
Data
This is my improved version of CIC-Malmem2022. It contains no duplicate samples, no samples with missing values and it is stored with optimized data types, significantly cutting down on storage requirements. This upload mirrors my version of this dataset on https://www.kaggle.com/datasets/dhoogla/cicmalmem2022 CIC-Malmem2022 is an academic datas...
Article
As part of the incident response process, the memory forensics tools extract forensic artifacts and display them. Many memory forensics analysis tools are being developed to address the challenges of modern cybercrimes. Investigations are successful when they have an accurate analysis provided by a memory forensics tool that consumes resources reas...
Article
Full-text available
A compromised Smart Grid, or its components, can have cascading effects that can affect lives. This has led to numerous cybersecurity-centric studies focusing on the Smart Grid in research areas such as encryption, intrusion detection and prevention, privacy and trust. Even though trust is an essential component of cybersecurity research; it has no...
Data
This is my improved version of CIC-DDoS2019. I do recommend using my improved version of the full CIC-NIDS collection rather than this individual dataset. It contains no metadata features, no duplicate samples, no samples with missing values and it is stored with optimized data types, significantly cutting down on storage requirements. This upload...
Data
This is my improved version of CIC-IDS2017. I do recommend using my improved version of the full CIC-NIDS collection rather than this individual dataset. It contains no metadata features, no duplicate samples, no samples with missing values and it is stored with optimized data types, significantly cutting down on storage requirements. This upload m...
Chapter
In this chapter, we will explore the intersecting, albeit unique, concepts of ownership, property, and possession. We will distinguish between public, private, and personal data as seen in the eyes of the law, connecting those concepts to our foundational legal knowledge from the first chapter. At the end of this chapter, we will realize the inters...
Chapter
In 2020, with the dawn of a new decade ahead of us—the 2020s—many of us looked back at the end of 2019 and the start of 2020 as a turning point; an opportunity for a fresh start. At that point in time, we had no idea of the dramatic social, educational, and occupational changes that this year would have in store for us all. While the new decade has...
Chapter
In this, our final chapter, we will discuss some of the emergent, upcoming, and future issues in cybersecurity law, which include: globalization and determination of jurisdictional authority; digital marketplaces and consumer rights; anonymized DarkNet markets and the influx of cryptocurrencies; existing and anticipated challenges to law enforceme...
Chapter
Cybersecurity law is not simply the application of legal systems to the protection of private data; it also includes using our legal systems to address criminal activity that is conducted using networked technologies—otherwise known as cybercrime. This chapter will outline the types of cybersecurity laws needed to address issues such as interperson...
Chapter
In this chapter, we will create the necessary context for future chapters, by starting with the foundations of the law and the legal system. This chapter will be the base for everything that follows. To begin, we will discuss the origins and purpose of law, including the jurisprudential theories of law. We will outline the sources and systems which...
Book
Cybersecurity, data privacy law, and the related legal implications overlap into a relevant and developing area in the legal field. However, many legal practitioners lack the foundational understanding of computer processes which are fundamental for applying existing and developing legal structures to the issue of cybersecurity and data privacy. At...
Conference Paper
Full-text available
The intrusion detection systems are a critical component of any cybersecurity infrastructure. With the increase in speed and density of network traffic, the intrusion detection systems are incapable of efficiently detecting these attacks. During recent years, deep neural networks have demonstrated their performance and efficiency in several machine...
Article
Full-text available
Quantum key distribution, in principle, provides information-theoretic security based on the laws of quantum mechanics. Entanglement swapping offers a unique ability to create entanglement between qubits that have not previously interacted. Entanglement-swapping setup helps in building a side-channel-free Quantum key distribution. A receiver-device...
Conference Paper
Full-text available
In the past few years, there has been an exponential growth in network and Internet traffic. This trend will continue to increase due to digitalization and resulting in more inter-connectivity among the users. Due to this, more data has started being treated as streaming data. This data distribution, mostly non-stationary, high-speed, and infinite...
Conference Paper
Full-text available
Malicious domains are one of the major threats that have jeopardized the viability of the Internet over the years. Threat actors usually abuse the Domain Name System (DNS) to lure users to be victims of malicious domains hosting drive-by-download malware, botnets, phishing websites, or spam messages. Each year, many large corporations are impacted...
Article
Digital investigators need to evaluate their existing counter-anti-forensic tools to assess the reliability of their tools against attackers' anti-forensic tools. The evaluation enables them to choose more reliable defensive strategies against the attackers. Game-theoretic algorithms simulate the interactions that happen between an attacker and an...
Chapter
The rise of digital information has given birth to cyber frauds such as fraudulent transactions, extortion, denial of service attacks, and credit card fraud. The number of cyber incidents is growing rapidly. In order to curb these incidents, it is imperative to understand what are the cyber threats and what motivations drive these cyber incidents....
Chapter
This chapter summarizes the cybersecurity issues discussed in this book.
Chapter
This chapter instigates cybersecurity vulnerabilities in FinTech. It discusses several general and specific cybersecurity vulnerabilities exploited in the past. Specific cybersecurity vulnerabilities consist of human, technology, and transaction vulnerabilities. The overall purpose of identifying different types of vulnerabilities is to understand...
Chapter
This chapter introduces information security governance, various policies and standards used to profile information security governance, and available security governance models. It provides insight into the roles and responsibilities of individuals working at top-, middle-, and lower-level management. A security governance framework has two primar...
Chapter
Financial market infrastructure is the worst affected part of FinTech institutions. It witnesses most of the cyberattacks that have a devastating impact on its essential components. The essential financial market infrastructure components such as payment systems, central securities depositories, securities settlement systems, central counterparties...
Chapter
This chapter examines a thorough overview of FinTech and its significance in one’s day-to-day life. FinTech has revolutionized modern businesses by introducing digital technology. It has transformed traditional businesses into techno-savvy point-of-sale companies. With the big investments in essential financial sectors, including banks, e-commerce,...
Chapter
This chapter provides the essential details to design a cybersecurity framework for FinTech institutions. The details are based on the fundamentals of protecting the FinTech ecosystem against cyberattacks. The chapter presents available cybersecurity frameworks for financial institutions. These frameworks guide identifying vulnerabilities, assets,...
Chapter
Cybersecurity threats exploit cybersecurity vulnerabilities that pose cybersecurity risks. Cyber risks are combated with safeguards that are used to protect assets and finally, assets are prone to cybersecurity threats. The represents a cyber risk life cycle. This chapter provides a comprehensive introduction to cyber risks in FinTech institutions....
Chapter
In this chapter, cybersecurity principles to protect digital information against cyber threats and cyber threat actors are discussed. Three fundamental principles to protect data include confidentiality, integrity, and availability. These principles are extended by adding two more principles of accountability and authenticity. The main motivations...
Chapter
The problem of cybersecurity is not limited to a particular department or section, but it is an enterprise-wide problem. It requires an interdisciplinary approach to address various cybersecurity issues arising from different sources in the organization. A comprehensive cybersecurity policy and strategy ensures healthy cybersecurity practices in th...
Chapter
This chapter examines the importance of information technology risk management and summarizes the prominent risk management frameworks used to mitigate risks in information technology systems. It explores the risk management life cycle, starting from the threat identification to the quantitative and qualitative risk analysis and moving toward the r...
Chapter
This chapter examines the importance of security operations in cybersecurity and elaborates five prominent actions performed by a security operations team. It explores the generation of security operations over four decades, starting from malicious code injections to sophisticated destruction of service. With the paramount data being generated from...
Book
This book uncovers the idea of understanding cybersecurity management in FinTech. It commences with introducing fundamentals of FinTech and cybersecurity to readers. It emphasizes on the importance of cybersecurity for financial institutions by illustrating recent cyber breaches, attacks, and financial losses. The book delves into understanding cyb...
Conference Paper
Darknet traffic classification is significantly important to categorize real-time applications. Although there are notable efforts to classify darknet traffic which rely heavily on existing datasets and machine learning classifiers, there are extremely few efforts to detect and characterize darknet traffic using deep learning. This work proposes a...
Conference Paper
The unrivaled threat of android malware is the root cause of various security problems on the internet. Although there are remarkable efforts in detection and classification of android malware based on machine learning techniques, a small number of attempts are made to classify and characterize it using deep learning. Detecting android malware in s...
Article
Full-text available
While encryption is powerful at protecting information, it critically relies upon the mystery/private cryptographic key’s security. Poor key management would compromise any robust encryption algorithm. In this way, securing information is reduced to the issue of securing such keys from unauthorized access. In this work, KeyShield is proposed, a sca...
Patent
Full-text available
Systems and methods are provided for determining the security risk associated with one or more users of a computer network. Users are monitored over time to build security related profiles which are employed to assess the risk they impose on the network. The user profiles, which may be computed as online and network user profiles for each user, a...
Article
Digital forensic investigators’ aim is identifying, collecting and presenting reliable, accurate, and admissible evidence in court. However, anti-forensics manipulate, obfuscate, hide, and remove the remaining piece of evidence in a compromised system. Anti-forensics interrupt investigation procedures; thus, the investigators require specific defen...
Article
Full-text available
Malicious online advertisement detection has attracted increasing attention in recent years in both academia and industry. The existing advertising blocking systems are vulnerable to the evolution of new attacks and can cause time latency issues by analyzing web content or querying remote servers. This article proposes a lightweight detection syste...
Article
Forensic science aims to present evidence in the courtroom, in a forensically sound manner. Therefore, forensic procedures must guarantee the provability, admissibility, accuracy, and authenticity of the case's evidence. However, anti-forensics threaten forensic procedures by forging, hiding, and even modifying remaining evidence in a crime scene....
Conference Paper
Full-text available
Over the recent years, cyber security has become a significant aspect for more and more businesses, which highly depend on online services and managements. With the help of cyber risk assessment, companies can design appropriate risk control systems, manage potential cyber losses, and leverage effective technical solutions. However, due to the limi...
Chapter
The likelihood of suffering damage from an attack is obvious with the exponential growth in the size of computer networks and the internet. Meanwhile, intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) are one of the most important defensive tools against the ever more sophisticated and ever-growing frequency of network atta...
Article
Visualization helps to comprehend and analyse large amounts of data, a fundamental necessity for network security due to the large volume of audits traces produced each day. In this paper, we dissect the majority of recent work conducted in network security visualization and offer a taxonomy that provides a basis for classifying recently published...
Conference Paper
Malware detection is one of the most important factors in the security of smartphones. Academic researchers have extensively studied Android malware detection problems. Machine learning methods proposed in previous work typically reported high detection performance and fast prediction times on fixed and defective datasets. Therefore, based on these...
Article
In the face of escalating global Cybersecurity threats, having an automated forewarning system that can find suspicious user profiles is paramount. It can work as a prevention technique for planned attacks or ultimate security brea