The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, an Automatic Repeat Request (ARQ)-aided secure polar coding scheme for the wiretap channel is proposed, where the frozen bits of the codes are obtained through the feedback of the legitimate recipient. Then, security of the proposed scheme is investigated, and analytical work proves that, both the reliability condition and security condition can be satisfied, specifically for the non-degraded...
Nowadays, the Internet of Things (IoT) is receiving more attention in commercial and academic research, especially about its security property. However, current protocols cannot satisfy the requirement of various IoT applications and introduce some problems. There are three typical problems: traditional public key infrastructure (PKI) apply in IoT will incur great overhead, wireless sensor network...
With the development of internet, the network connection between Industrial Control System (ICS) and public internet has been becoming more and more closely. What's more, the traditional IT system attacks have been spread to ICS and become more frequently. However, the traditional security analysis of IT system is not enough to be applied to ICS. In this paper, we present a tool called Attack Path...
The Internet of Things (IoT) is a vision for interconnecting all of the world's "things" -- from vehicles to diet scales, smart homes and electrical grids -- through a common set of networking technologies. Realizing this vision using a host-to-host communication paradigm, such as that of the Internet Protocol (IP), is challenging in the context of highly heterogeneous, constrained devices...
In this paper, we analyze both BMH algorithm and QS algorithm, focus on the improvement of QS, and present FQS algorithm which can apply to HTTP data reduction. For building this algorithm, we considered character features of pattern strings in HTTP application data, improved the collating sequence of characters in matching process, and had the bad characters jumping strategy improved for increasing...
With the rapid adoption of Service Oriented Architecture (SOA), increasingly more application-level services are developed through composing service components offered by different service providers. While such application development mode offers advantages in terms of cost-effectiveness and flexibility, application developers cannot understand or deal with risks potentially resulting from vulnerabilities...
LLRP is an interface protocol between RFID Readers and Client. Nowadays, due to the growing number of its adoption and lack of security-related research, this paper proposes an enhanced secure mechanism of Low Level Reader Protocol (LLRP) V1.1 to protect RFID systems from various attacks. This paper first makes an introduction to LLRP and the latest related research, discusses the security vulnerabilities...
In 2012, Guo and Chang proposed a chaotic maps-based password-authenticated key agreement scheme. Their scheme uses smart cards and Chebyshev chaotic maps to enhance the security. After analyzing Guo and Chang's protocol, we find that their scheme does not provide forward secrecy and integrity is absent in password change phase. In this paper, details of the found flaws and some further suggestions...
Due to the unique characteristics of disruption-tolerant networks (DTNs), such as sporadic and unpredictable connectivity, routing protocols in DTNs are facing many challenges. Message propagation follows the manner of store-carry-and-forward and the existing opportunistic data forwards routings under the hypothesis that each individual node is ready to forward packets for others. This hypothesis...
For the information system, Database acts an important role in it. How to find a way to audit the operation of the database is becoming more and more important. An effective database auditing system can not only reduce the potential security risk, also make it possible to trace the source when errors happen. In this paper, we design and implement an effective audit framework. To avoid causing any...
Nowadays networking is secure because we encrypt the confidential messages with the underlying assumption that adversaries in the network are computationally bounded. For traditional routing or network coding, routers know the contents of the packets they receive. Networking is not secure any more if there are eavesdroppers with infinite computational power at routers. Our concern is whether we can...
The connection between PROFIBUS network and Internet can realize remote real-time monitoring device on the fieldbus. This paper conducts detailed analysis and research advance on network security based on the interconnection methods between PROFIBUS and Internet, and proposes a PROFIBUS industrial network security model. An embedded gateway is developed especially for meeting the security requirement...
The roaming service enables mobile subscribers to access the internet service anytime and anywhere, which can fulfill the requirement of ubiquitous access for the emerging paradigm of networking, e.g., the Internet of Things (IoT). In this paper, we propose a conditional privacy-preserving authentication with access linkability (CPAL) for roaming service, to provide universal secure roaming service...
Symbolic Execution based defect discovery techniques for binary programs are now widely applied. However, because of the path explosion problem, it's still not applicable for security analysis on large programs. A great many infeasible paths in the target program also reduce the performance. To fast generate test cases reaching the potentially vulnerable program points, this paper introduces constraints...
Cloud computing, which has emerged as one of the most influential paradigms in the IT industry in recent years, is powered by the concept of virtualization technology. For achieving energy efficiency, load balancing and high availability of physical server in Cloud Data Center, the virtual machines should be migrated from one physical server to another. During the migration process, some steps should...
Radio Frequency Identification (RFID) is one of the key technologies for Internet of Things (IoT). Due to the limitations of processing capability, storage space and power supply of RFID tag, the traditional security mechanisms cannot be used directly. In addition, the existing security threats become more severe towards RFID authentication scheme. In this paper, we propose an Efficient Secure Lightweight...
Network protocol vulnerability detection is paramount to network security. Formalization provides an important way for vulnerability detection. In this paper, we apply TLA, which is a powerful tool for formal analysis, to analyze network protocols. An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example...
With the increasing capability of today's smart devices such as smart phones, tablets, TV Set-top-boxes, along the growing Cloud service offers, we see the rising opportunity to bring ubiquitous services to consumers. A device framework that aims to ease the inter-connectivity of local devices and make them aware of surrounding resources is proposed to bring better user experience within physical...
One of the most important benefits of virtualization is Virtual Machine (VM) migration. While the performance of live VM migration is well explored, the security aspects have received very little attention. The extension of trusted computing to virtual systems using vTPMs allows applications in the VM to use the vTPM for secure storage and reporting platform integrity. In this paper, we propose an...
In order to set up universal criteria for measuring and evaluating network security and survivability, this paper presents a novel index system. This index system was built according to the Protection-Detection-Response (PDR) security model and the Resistance-Recognition-Recovery (R3) survivability principle of network in the presence of attacks, failures, or accidents. And all the 24 metrics in the...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.