Authors: Denan Raj Naidu and Ts. Dr. Ahmad Anwar Zainuddin

Department: Computer Engineering and Computer Science (CECS)

Abstract: The Covid-19 pandemic has a significant impact on the way studies are organised in institutions of higher education (HEIs). Since March 2020, the only way to continue the educational process was through distance learning. Cloud computing, online learning platforms, and video conferencing apps, which were previously used infrequently at HEIs, have emerged as the primary assets for conducting online studies in the aftermath of the Covid-19 outbreak. As a result, the risk of DoS- denial-of-service / DDoS - distributed denial-of-service assaults, cross-site scripting, spoofing, unauthorised data access, and infection with malicious applications has increased significantly, as has the potential of personal data theft. The research focused on identifying the kind of assaults that have the most impact on assets, as well as giving recommendations for improving cyber security in e-learning environments. Frequently recommended practises include system updates and patch management, creating access controls at the application or resource level, categorising data, and utilising cryptographic protocols.

1 Introduction

With the growing use of modern technologies on a global level, the necessity for cyber security has increased exponentially over the previous two decades. However, this need became genuinely ground-breaking in 2020. with the epidemic of Covid-19. Today's reality is hyperconnected and complex, reliant on a variety of technology. The impact on cybersecurity is unknown now. Cyber Security can be described as the process of defending users against dangers. inextricably linked to the use of contemporary communication technologies. According to the Pomeron Institute's research [1], conducts cybersecurity research, the damages are expected to increase by 2020. A global data breach costs an average of $ 3.86 million. The health sector ($ 7.1 million) and the largest the United States ($ 8.64 million) is the country most impacted. The effect increases in distant work because of the Covid-19 epidemic. As a result of this, the average cost of a data breach has increased by $ 137,000. work from home. Thus, the average loss associated with a data breach is approximately 4 million dollars. Using the same research [1] data, in the field of education, the losses sustained as a result of a data breach in 2020 will cost $3.90 million. A high standard compared to, say, research where the loses data breaches cost $1.53 million in 2020. The statistics for 2020 are alarming.

Cyber criminals are interested in stealing the personal information of individuals. pupils and employees, as well as seizing device control. Considering resources, access is facilitated by the utilisation of a variety of remote access technology and online learning platforms.The primary objective is not to acquire access to the individual's personal account nonetheless, to launch fresh phishing or spam attacks using personal credentials not only for the initial attack, but also for subsequent efforts to steal money. By the spring of 2020, the field of education had expanded significantly. affected, as the offline study was halted because of epidemic caused by Covid-19, and a new reality had to be established and implemented. Online education has surpassed all other modes of instruction by carrying out research in schools and universities.

As a result of being prepared for such a situation, various issues are occurred which included:(1) The use of technologies whose flaws have not been disclosed. Teachers who have not been investigated or identified, unskilled professors for online classes. Courses and students who lacked the required technology (such as laptops) or a high-speed internet connection to access video streaming media. For example, there were no explicit cybersecurity policies. (2) Activities conducted online, in institutions that safeguard assets, and by workers as well as students. As a result, Microsoft Security Intelligence will launch in June 2020. [2] stated that the education sector accounted for 61% of total revenue of the 7.7 million malware samples discovered by organisations worldwide - more than any other sector in the last 30 days. Countries that have the highest infection rate is seen in Table 1 [3].

Table 1: Countries with higher infection rate

After the higher education institutions adopted an online teaching technique, or at the very least a hybrid strategy that included offline hours for low-attendance activities. For large-scale online courses for tens or hundreds of students. The possibility of a new Covid-19 wave persists, as does the imperative to enhance cyber security.  Securing the new reality is critical. The critical factor that are included into online education activities have been  identified in the article's first part, based on various  scientific papers that were recently published in the following journals:  International Journal of Scientific & Technical Publications, International Journal of Scientific & Technical Publications, International Journal of Scientific & Technical Publications  International Journal of Advanced Technology  Procedia Engineering and Computer Science, Procedia Economics and  Finance. The second section discussed the security risks associated with keys.  For instance, the assets, based on a thorough review of the scholarly literature examination of security assessments provided by firms specialising in cybersecurity firms, including IBM, the pomeron Institute, and Microsoft ENISA, Datanyze, and Kaspersky are all examples of security intelligence. Finally, this area was set aside for suggestions and discussion, to minimise the impact of security breaches associated with online education in HEIs.

2 Technologies

In the aftermath of the Covid-19 pandemic, when social distance became required, a significant portion of the activities conducted in HEIs had to be conducted remotely to comply with the legal rules established by health commissions worldwide. Thus, a distant learning became the only option for ensuring the educational process's continuance. According to a recent global study conducted by Pearson Education, an academic publishing company, 90 percent of 7,000 respondents believe that online education would continue to play a critical role in the industry, even after the Covid-19 pandemic has ended. It is vital to identify technologies that enable remote study and work, as well as dangers to such technologies and methods to secure them, in this situation.

2.1.1 Could Computing

Cloud Computing (CC) [4] has numerous benefits for HEIs, ranging from data storage and organisation to migration of university network infrastructure and utilising cloud services. Under the pandemic conditions, the cloud became the de facto standard for accessing resources and storing data in the academic setting. Additionally, when online education was the sole option, CC services directly aided in ensuring the quality of education. The use of virtual laboratories and simulation settings has enabled the development of abilities that are no longer contingent upon students' actual attendance in institutions. The incorporation of CC into higher education benefits students' academic performance and efficiency [5] .CC services were widely introduced throughout HEIs until 2020. Typically, universities adopt the following cloud service models [5]:
1) Infrastructure as a Service (IaaS) enables the implementation and operation of software, including applications and operating systems [6]. This is especially true for those pursuing degrees in computer technology.
2) Platform as a Service (PaaS): this cloud service paradigm enables application development using programming languages, services, and tools provided by cloud platform providers. For instance, an instructor may utilise a PaaS to create a virtual tailored laboratory for students[6]; 3) Software as a Service (SaaS) enables educational institutions to access programmes via the Internet via a cloud platform. The benefits of SaaS include the elimination of licence, installation, and software maintenance costs [6].

2.1.2 Learning management system (LMS)

LMSs were introduced until the pandemic but were fully utilised during this time period. Complex courses with a variety of activities were established, including seminars, lessons, glossaries, practical exercises, and evaluation examinations. According to the LMS Market study [8], the leading LMSs at European HEIs are Moodle (65%), Blackboard (12%), Ilias (4%) and Sakai (3 %) as shown in Figure 1. 

Fig. 1: Learning management system (LMS) at European HEIs

According to Google Trends statistics for the period 2019-2020, there has been a significant surge in interest in various LMS platforms, both in Europe and abroad as depicted in Figure 2. Additionally, Moodle is the most widely used LMS.

Fig.2 Global interest level for Moodle 2019 2020 (by Google Trend)

2.1.3 Video conferring application (VCA)

VCA was the primary mode of communication in these circumstances. Numerous programmes exist for this purpose, including Zoom, GoToWebinar, Cisco WebEx, Livestorm, ON24, Adobe Connect, and Microsoft Teams as shown in Table 2. While the application concept is identical, the technology deployed are distinct. According to a report submitted by Datanyze [9], the global leader in technology, the top three VCAs used internationally in 2020 will be Zoom, GoToWebinar, and Cisco Webex.

Table 2 Use of VCAs globally

According to the report [9], the same video conferencing software are market leaders in Europe's following countries: Germany, Bulgaria, Italy, the Netherlands, Sweden, and Switzerland.

3. Methodology

The research process includes not only a review of various publications published between 2011 and 2020 in leading digital libraries such as IEEE Xplore, ScienceDirect, and SpringerLink, but also a detailed analysis of various security reports for the 2019-2020 fiscal years, produced by companies specialising in cyber security solutions. Threat analysis in HEIs is a critical topic of research; according to a report filed by ENISA [10], educational institutions will be targeted by cyberespionage campaigns in 2020 as a result of interest in the COVID-19 research results. Additional confirmation comes from Kaspersky [3], which claims a 350 percent spike in DoS / DDoS attacks targeting educational sites in 2019, with a large portion of the increase attributable to distance learning services as shown in Figure 3.

COVID-19 research results. Additional confirmation comes from Kaspersky [3], which claims a 350 percent spike in DoS / DDoS attacks targeting educational sites in 2019, with a large portion of the increase attributable to distance learning services as shown in Figure 3.

Fig. 3 Percent of the total number of DDoS attacks that affected educational resources: Q1 2019 vs Q1 2020 [3]

By analysing the figure above, one can compute the monthly increase rate of DDoS assaults in 2020 compared to 2019. Table 3 indicates the the percent growth in the number of attacks on educational resources when compared to the same month of the previous year.

3.1 Security threats of Cloud Computing (CC) Services

The primary security risks associated with CC can be divided into five categories [7] [8] :

1) Collaborative Technologies Vulnerabilities - as a result of cloud service providers' scalable infrastructure. All layers of shared technology, such as the CPU, RAM, hypervisors, and apps, can be attacked to gain unauthorised access to data. According to Navati et al. [9]attackers can acquire access to the physical host where other surrounding virtual machines (VMs) reside by exploiting hypervisor vulnerabilities.

2) Data Breach - Users' data may be compromised as a result of unintentional data loss or malicious intrusive acts. A type of such attack occurs when a virtual machine may access the data of another virtual machine running on the same physical host by utilising a shared component, such as the processor's cache.

3) Account or Service Traffic Hijacking - a user's account can be hijacked. This occurs as a result of utilising one-step authentication methods, such as password-based authentication.

4) Denial of Service (DoS) - this is a frequent type of assault in a cloud setting; attackers just need to consume all available CPU, RAM, disc space, and network bandwidth in order to disable a service. A significant disadvantage of cloud services in the event of a DoS attack is that the cloud environment will increase the number of allotted resources in response to resource requests. This indicates that while the cloud system mitigates the impact of the attack, it also aids the attacker in his evil deeds by giving him with additional resources [14].

5) Malicious Insiders - these might be both staff members and employees of the cloud service provider.

They may obtain sensitive information to which they would not normally have access.

3.2 Human interaction has a significant impact on cloud services.

Security threats can originate from the following [15]:

1) External users are capable of launching a variety of attacks against the  via the network, cloud infrastructure. They may have an effect. Confidentiality of data; integrity and accessibility of data The data centres of CP.

2) Internal users - a significant danger associated with adopting CC is multitenancy. since private data of a user can be accessed and viewed by unapproved individuals who share the same resources. These dangers apply to both PaaS and SaaS models[16].

3) The Cloud Provider may be an attacker as well. Employees may take use of their privileged position in order to steal. sensitive consumers' data via either physical or manipulation of the hardware platform logically [15].

3.3 Security Threats of LMS Platforms

Before delving into the risks posed by online learning platforms, it is vital to define the fundamental rules that govern the quality of online courses. This element will be discussed in detail in the considering the three information security principles: confidence, sincerity, and accessibility. When taking an online test or exam, as it is necessary to confirm that their material is accurate. available until the specified time of the student's examination, and that the student's examination will be inaccessible to his or her co-workers. LMS platforms contain a variety of technical and human risks, that the number of vulnerabilities discovered formally and listed on the Common Vulnerabilities and Exposure (CVE) list [17], of the most frequently used educational techniques. There are over 400 platforms. Management systems for education [18] are client or server web apps that include, but are not limited to, respond to user queries originating from clients such as the web. As a result, access to important security resources is restricted (databases and files) on the server are required for user authentication. demand. The most serious security vulnerabilities, as stated in literature, are divided into four categories: authentication, attacks on availability, secrecy, and integrity [19]:

1) Threats to authentication: - Insecure communications using an insecure programme protocol, such as HTTP, that enables the transmission of traffic that is not encrypted. Inadequate session management and inappropriate access Complex authentication is associated with authentication. mechanisms. The algorithm for authentication and various This procedure is highly sensitive due to its characteristics. The pivotal of following functions are available such as changing the password, forgetting the password, or remembrance of the password or account updates.

2) Threats to availability: Flooding denial-of-service attacks, which flood the server with packets to make the service inaccessible to authorised users. Logical attacks take advantage of existing LMS weaknesses to bring down remote server's performance substantially [19].

3) Threats to confidentiality: Cryptographic storage that is insecure is based on the fact that sensitive data is not adequately encrypted [18]. - Typically, an insecure direct object reference happens when an LMS is used.  Direct object references in web interfaces without permission checks are being carried out. Object referred to Files, database entries, and primary keys can all be used as references. They are specified via URL or form parameter [19]. Data leaking and inefficient error handling inadvertent disclosure of private information and unnecessary using error messages. LMS has the potential to expose critical information. details on its logic, configuration, and other internal components particulars (e.g., SQL syntax, source code, etc.). Not all LMS systems frequently make effective use of cryptographic mechanisms to safeguard data and may employ insecure encryption techniques. In certain circumstances, valuable data is quite easy to obtain by attacker capable of committing identity theft and other related crimes [19].

4) Threats to integrity: When an LMS module (e.g., drivers, server components) tries to save data to and without confirming its size by introducing a larger one values that are more than predicted. Cross-Site Request Forgery attack attempting to execute commands under the name of a properly authenticated user [20]. When a user logs in into LMS, the attacker can trick his browser into performing a request to one of the LMS task URLs, resulting in a change. In the server's behalf [19], cross site scripting, which allows a remote attacker to inject and execute arbitrary HTML code and scripts in the user's browser.  Within the context of the susceptible website's browser. Successfully By exploiting this flaw, a remote attacker can gain potentially sensitive information, alter the appearance of attacks on websites, phishing, and downloading.  Inadequate URL access restriction. Several LMS resources are available. confined to a select group of privileged users (e.g., administrators). This vulnerability enables an attacker to retrieve URLs by guessing the address and committing criminal acts on invulnerable LMS data [19]. Injection issues, where user-supplied data (e.g., in form fields) is submitted to routines for content verification as part of the command or the query. In such attacks, the interpreter is incapable of detecting or respond to potentially interpreted character sequences incorrectly, resulting in the execution of malicious code by LMS. Finally, an attacker may be able to create, modify, read, or delete files. Delete all data that is accessible to the LMS [19]. Malicious file execution is based on an oversight by the LMS. exercise control over or prohibition of the execution of uploaded files (homework or (image, document) [19].

3.4 Security Threats of VCAs

The applications for teleconferencing saw a significant surge in use during the pandemic with Covid-19, owing to the fact that the great majority of activities and events were organised offline. Thus, it is shifted to the internet environment as a result of the changing conditions of activity. Thus, if the ZOOM programme had 10 million daily users in December 2019, it would have around 200 million daily users in March 2020 [21]. When a video conference is held, cyber security is critical, beginning with the theft of personal data, such as email addresses, used to connect users and ending with the data being communicated or the security of end-user devices and control over them. Thus, the essential components of a conference Security can be classified into three distinct categories [23]:

1) Pre-call policies configure apps prior to the start of the conference, establishing access rules (e.g. via email).

2) Data transmission policies are critical for video conferencing security, as data is transported over both private and public networks. It may include regulations prohibiting access to the conference after it has begun, notifying the user who initiated it when the conference is being seen, and prohibiting unauthorised re-broadcasting of the conference.

3) Post-call rules are concerned with the preservation of various types of metadata, such as shared presentations, video, and audio recordings. The following dangers can be provided [24] based on an analysis of the threats discovered in 2019-2020 by the most widely used VCAs worldwide [9].

Decrypt video and audio calls on business servers, which are not necessarily located in the sellers' place of origin. While programmes are said to use end-to-end (E2E) encryption, it is used to encrypt only correspondence and documents. TCP connections are encrypted with TLS for the ZOOM programme, which employs a combination of TCP and UDP. UDP connections are encrypted with AES using a key established through a TLS connection. This sort of encryption is referred to as transport encryption since it occurs when the HTTPS protocol is used rather than E2E [25]. As justification for not using E2E encryption, we cite Matthew Green, cryptographer, and professor of computer science at Johns Hopkins University, who highlights that: group video conferencing is difficult to encrypt using E2E. This is because the service provider must detect who is speaking to act as a switchboard, transmitting a high-resolution video stream from the person currently speaking or selected by the user to the rest of the group, while sending low-resolution video streams to the remaining participants. This form of optimization is significantly easier if the service provider has complete visibility into the data because it is unencrypted [25]. However, in this situation, the records on the company's servers are not encrypted, and the applications have access to the content, which they can subsequently use to send data to governments, for example. Of course, businesses assert their commitment to protecting this data, but the potential of misuse continues anyway.

Take control of Windows and MacOS computers, as well as the webcam and microphone, or share pornographic content. These kinds of acts have occurred in both the United States and Europe. - Bringing physical space's subtleties to light. In comparison to email or computer hacking, a video application can analyse and investigate its environment. Users are responsible for the physical security of their space. Any detail that may be utilised to determine certain characteristics about the user can then be used for social engineering. Social engineering is a very common type of attack. Attackers can monitor their targets' speech patterns and mannerisms, which can be utilised for impersonation and identity theft.

Recommendation & Discussion

Recommendations for safeguarding distance learning and devices in higher education institutions will be classified according to the assets involved and their weaknesses. The recommendations are the result of an in-depth examination of the cyber security risks and dangers posed by the remote research assets. To ensure the security of CC services, it is prudent to consider the procedures outlined in Table 4.

Table 5 details the steps that must be followed to secure LMS platforms.

In 2020, when studies in HEIs began to be conducted online, remote video conferencing became the new norm. The security risks associated with remote VCA were discussed previously, and it is now required to assess the preventative measures that may be performed to avoid security breaches. As a result, acts and arguments were highlighted in Table 6.

To maintain the security of online platforms and applications, it is required to adhere to the OWASP (Open Web Application Security Project) guidelines [26], which provide a complete framework for ensuring web application security.

Conclusion

In 2020, the academic environment faced significant challenges because of the pandemic with Covid-19. A persistent issue has been ensuring cyber security during remote activity. Addressing security, both in terms of the unique characteristics of distant activities and in terms of recognising security assets and risks in HEI, is a critical step toward ensuring cyber security. Additionally, financial losses in schooling grew this year as a result of internet activities. The move of locally stored data to the cloud introduces additional security issues, yet this is unavoidable for the convenience of users and easy access to required information.

The following conclusions can be derived as a result of the research:

1) Continuously updating information systems and applications, patch management, and automating these activities will provide a constant degree of security.

2) Because controlling access to information is critical, it is important to define access controls for apps and stored data in order to minimise unwanted access or data compromise. Classifying data for restricted access is a critical first step.

3) Through the deployment of secure protocols, end users will be able to safeguard their home networks, while institutions will be able to protect their corporate networks. Protected and encrypted data will be transmitted.

4) Educating workers and students in the field of information security reduces the effort required of the IT team and increases cyber security through distributed efforts.

Securing HEIs is a complicated procedure, owing to distributed systems and many problems, and the study in this area is extensive. Covid-19 has fundamentally altered the way studies are organised in higher education institutions; new assets must be safeguarded.

REFERENCES

[1] IBM, “IBM Security.” [Online]. Available: https://www.ibm.com/security/digit al assets/cost data breach report/#/.

[2] OWASP Foundation, Inc, “Main News and Events Acknowledgements Glossary ASVS Users OWASP Application Security Verification Standard.” [Online]. Available: https://owasp.org/www-project-application-security-verification-standard/

[3] Kaspersky, “Digital Education: The cyberrisks of the, “Kaspersky, ‘Digital Education: The cyberrisks of the classroom,’ 2020. Accessed: Dec. 06, 202.” [Online]. Available: https://media.kasperskycontenthub.com/wp content/uploads/sites/43/2020/09/04113558/education _ 04092020_2.pdf.

[4] Sally Adam, “"Coronavirus and remote working: what you need know.”.” [Online]. Available: https://news.sophos.com/en us/2020/03/12/coro navirus and remote working what you need to know/

[5] A. Elgelany and W. Gaoud, “Cloud Computing: Empirical Studies in Higher Education A Literature Review,” ijacsa, vol. 8, no. 10, 2017, doi: 10.14569/IJACSA.2017.081017.

[6] Ananthi Claral Mary.T and Dr.Arul Leena Rose.P.J, “Implications, Risks And Challenges Of Cloud Computing In Academic Field A State Of Art”.

[7] D. A. B. Fernandes, L. F. B. Soares, J. V. Gomes, M. M. Freire, and P. R. M. Inácio, “Security issues in cloud environments: a survey,” Int. J. Inf. Secur., vol. 13, no. 2, pp. 113–170, Apr. 2014, doi: 10.1007/s10207-013-0208-7.

[8] W. J. Timothy Grance, “Guidelines on Security and Privacy in Public Cloud Computing.” [Online]. Available: https://www.nist.gov/publications/guidelines security and privacy public cloud computing

[10] K. Odhaib, M. Alallawee, and Z. AL-Mousawi, “https://www.anbarjvs.edu.iq/wp-content/uploads/2021/06/1.pdf,” AJVS, vol. 14, no. 1, Jun. 2021, doi: 10.37940/AJVS.2021.14.1.2.

[11] Phil Hill, “e-Literate European LMS Market Dynamics Fall 2016.”

[12] E. U. A. for C. Enisa, “Sectoral/ thematic threat, “E. U. A. for C. Enisa, ‘Sectoral/ thematic threat analysis,’ 2020.”.

[13] R. V. Deshmukh and K. K. Devadkar, “Understanding DDoS Attack & its Effect in Cloud Environment,” Procedia Computer Science, vol. 49, pp. 202–210, 2015, doi: 10.1016/j.procs.2015.04.245.

[14] Gina M. Vitiello and Chamberlain Hrdlicka, “Video Conferencing and Recording: Know the Risks Before You Connect.‖.”

[15] SCOTT GODE, “Video Conferencing Security Issues and Opportunities.” [Online]. Available: https://www.unifysquare.com/blog/video-conferencing-security-issues-and-opportunities/ (accessed Dec. 02, 2020).

[16] Kaspersky, “The problems with videoconferencing apps,‖ 2020.” [Online]. Available: https://www.kaspersky.com/blog/videoconference-software-security/35196/.

[17] Micah Lee and Yael Grauer, “ZOOM MEETINGS AREN’T END-TO-END ENCRYPTED, DESPITE MISLEADING MARKETING.”

[18] M. V. Eekelen, R. Moussa, Engelbert Hubbers, and Roel Verdult, “Blackboard Security Assessment,‖ CTIT technical report series, 2013.”

[19] C.-J. Huang, C.-R. Chu, T.-M. Tien, H.-Y. Yin, and P.-S. Chen, “Calibration and deployment of a fiber-optic sensing system for monitoring debris flows,” Sensors (Basel), vol. 12, no. 5, pp. 5835–5849, 2012, doi: 10.3390/s120505835.

[20] Vaishali H., “Cloud Computing for Higher Education Institutes: Architecture, Strategy and Recommendations for Effective Adaptation,” Procedia Economics and Finance, vol. 11, pp. 589–599, 2014, doi: 10.1016/S2212-5671(14)00224-X.

[21] Datanyze, “Datanyze, ‘MARKET SH ARE: Web Conferencing,.’”

[22] MITRE Corporation, “Moodle: Vulnerability Statistics.” [Online]. Available: https://www.cvedetails.com/product/3590/?q=moodle

[23] OWASP, “OWASP Application Security Verification Standard.” [Online]. Available: https://owasp.org/www-project-application-security-verification-standard/

[24] S. Kumar and K. Dutta, “INVESTIGATION ON SECURITY IN LMS MOODLE,‖ International Journal of Information Technology and Knowledge Management, vol. 4, no. 1, pp. 233–238, 2011.”.

[25] L. Coppolino, S. D’Antonio, G. Mazzeo, and L. Romano, “Cloud security: Emerging threats and current solutions,” Computers & Electrical Engineering, vol. 59, pp. 126–140, Apr. 2017, doi: 10.1016/j.compeleceng.2016.03.004.

[26] Z. R. Alashhab, M. Anbar, M. M. Singh, Y.-B. Leau, Z. A. Al-Sai, and S. Abu Alhayja’a, “Impact of coronavirus pandemic crisis on technologies and cloud computing applications,” Journal of Electronic Science and Technology, vol. 19, no. 1, p. 100059, Mar. 2021, doi: 10.1016/j.jnlest.2020.100059.