انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 Determining the appropriate methodology for the security evaluation of equipment related to information and communication technology in the power industry 3 12 FA Sofia Ahanj Niroo research institute sofia_ahanj@yahoo.com Y Mahsa Rahmani Niroo research institute rahmani.m87@gmail.com N Zahra Sadeghigole Niroo research institute sadeghigol@ gmail.com N Veda Nobakht Niroo research institute nobakhtvida@yahoo.com N Providing security in the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO / IEC 15408, ISO / IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented. ISO/IEC 15408, ISO/IEC 27001 series, NIST SP 800-53, NISTIR 7628 , NIST 800-82, ISO/IEC 27019, ISA/IEC 62443 series. http://monadi.isc.org.ir/article-1-176-en.html http://monadi.isc.org.ir/article-1-176-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 13 22 FA r_salarifard@sbu.ac.ir Y alireza.javaheri1376@gmail.com N http://monadi.isc.org.ir/article-1-188-en.html http://monadi.isc.org.ir/article-1-188-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 Analysis of Cybercrime and Cyber Attacks during the COVID-19 Pandemic 23 42 FA elnaz katanchi - e.katanchi20@gmail.com N babak porghahramani - b.pourghahramani@yahoo.com Y The COVID-19 pandemic was a remarkable and unprecedented event that changed the lives of billions of citizens around the world and resulted in what is known as a new term in terms of social norms and lifestyles. In addition to the tremendous impact on society and business in general, the epidemic created a unique set of cybercrime circumstances that also affected society and business. Increased anxiety due to this epidemic increases the probability of success of cyber attacks by increasing the number and scope of cyber attacks. This article analyzes the COVID-19 epidemic from the perspective of cybercrime and highlights the wide range of cyberattacks experienced worldwide during the epidemic. Cyberattacks are analyzed in the context of major global events to reveal how cyberattacks work. This analysis shows how, following what appears to be a large gap between the outbreak in China and the first COVID-19-related cyberattack, attacks are steadily becoming more prevalent than in some on days, 3 or 4 unique cyber attacks were reported. This analysis uses surveys in the UK as a case study to show how cybercriminals use key events and government announcements to build and design cybercrime campaigns. Cyber Security, Cyber Attacks, Cybercrime, Epidemics, COVID-19 http://monadi.isc.org.ir/article-1-185-en.html http://monadi.isc.org.ir/article-1-185-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 Browse searchable encryption schemes: Classification, methods and recent developments 43 68 FA Mohammad Hossein Noorallahzadeh Qom univ. mh.noorallahzadeh@stu.qom.ac.ir N Ahmad Gholami Qom univ. Y Reza Alimoradi Qom univ. N With the advent of cloud computing, data owners tend to submit their data to cloud servers and allow users to access data when needed. However, outsourcing sensitive data will lead to privacy issues. Encrypting data before outsourcing solves privacy issues, but in this case, we will lose the ability to search the data. Searchable encryption (SE) schemes have been proposed to achieve this feature of searching encrypted data without compromising privacy. This method will protect both the user's sensitive information and the ability to search for encrypted data. In this article, we review the various SE designs. In this review, we present the classification of SE designs: symmetric searchable encryption, public key searchable encryption, and search attribute-based encryption schemes, and then a detailed discussion of SE designs in terms of index structure. And provide search functionality. There is also a comparison of SE design analysis in terms of security, performance and security. In addition, we talked about the challenges, leading directions and applications of SE schemes. Cloud storagei· Searchable encryptioni· Privacy preservingi· Search  functionalityi· Security http://monadi.isc.org.ir/article-1-184-en.html http://monadi.isc.org.ir/article-1-184-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 Provide a New Way to Detect emails\'s Spam and Phishing and Bank Phishing Using Genetic Algorithms and Prohibited Search 69 80 FA Majid Fani Assistant Professor, Department of Business Management, Islamic Azad University - Babol - Iran Fani@baboliau.ac.ir N MohammadAmin Torabi PhD Student in Business Management, Faculty of Management, University of Tehran, Tehran, Iran torabi628@gmail.com Y Matineh Moghaddam PhD in Business Management, Department of Business Management, Faculty of Management, Economics and Accounting, Payame Noor University, Tehran, Iran Matineh_moghaddam@yahoo.com N Not all phishing attacks are always done in the form of website forgery and telephone phishing. Emails and messages that appear to be sent by the bank and receive information from the user can also be a phishing attack. Feature selection and sample selection are two very important issues in the data processing stage in detecting malicious emails. In particular, identifying spam without data reduction will not be nearly as accurate in the results. Most articles and research have focused on one of these issues, and there are few articles that have worked in combination to detect malicious emails. Therefore, the purpose of the present study is to provide a method to reduce the data in identifying emails by selecting features and samples simultaneously. In the proposed method in this paper, the forbidden search algorithm and the genetic algorithm are used in combination and simultaneously. For the suitability of this method, the evaluation vector machine evaluation function was used. The results showed that the detection rate of spam and e-mails in LineSpam and UCI datasets was 97.28, which was the highest possible value compared to other algorithms proposed in previous studies. Banking Phishing, Spam Detection, Genetic Algorithms, Prohibited Search http://monadi.isc.org.ir/article-1-189-en.html http://monadi.isc.org.ir/article-1-189-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 9 2 2021 2 1 overview of ways to enhance the security of video surveillance networks using blockchain 81 97 FA Ali Samouti Islamic Azad university- Sabzevar ali.samouti@gmail.com Y Yaser Elmi sola Islamic Azad university- Sabzevar N In recent decades, video surveillance systems have an increasing development that are used to prevent crime and manage facilities with rapid diffusion of  (CCTV)cameras to prevent crime and manage facilities. The video stored in the video surveillance system should be managed comfortably, but sometimes the movies are leaking out to unauthorized people or by unauthorized people, thus violating individual boundaries . CCTV cameras and video surveillance systems are needed today because of the increasing number of crimes, These cameras and video surveillance systems. but because of unsafe storage and data sharing methods, access to movies saved by unauthorized people is possible. The use of existing protocols and security techniques has already been defeated several times by the attackers. It requires an alternative system that should not only be highly secure but not changeable. Video stream generated by surveillance cameras play a crucial role in preventing crime in smart cities. CCTV cameras are necessary for a range of public applications in a smart city; they can become smart sensors that help ensure safety and safety. in this paper, we review the methods and articles presented in the context of blockchain application in visual surveillance systems and compare them. Block chain, surveillance system , privacy, access control http://monadi.isc.org.ir/article-1-190-en.html http://monadi.isc.org.ir/article-1-190-en.pdf