The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Due to the increasing complexity of web and client application's structure, security problem has become more and more critical. Among all the threats reported, SQL Injection Attacks (SQLIAs) have always been top-ranked in recent years, and network logs, which are very important for the detection of SQLIA, are often utilized to analyze the user's attacking behaviors. However, the collection of network...
Based on fresh random challenge response authentication and key agreement, access control, priority control mechanisms, this paper puts forward a security protection communication protocol to guarantee the data transmission security of electricity acquisition terminal and the acquisition host. From the angle of attack detection, this proposed protocol was proved that can resists replay attack, counterfeit...
SQL Injection Vulnerability (SQLIV) has been the top-ranked threat to the Web security consistently for many years. Penetration tests, which are a most widely adopted technique to detect SQLIV, are usually affected by testing inaccuracy. This problem is even worse in inferencebased, blind penetration tests for online Web sites, where Web page variations (such as those caused by inbuilt dynamic modules...
Recent analysis shows that the callback sequences are of great importance in the analysis of Android applications (apps for short), due to the app's event-driven nature. However, existing works only extract a part of the callback sequences, depending on the need for their specific properties. We propose App Genome sequencing, an automatic fine-grained callback extraction, covering lifecycle and non-lifecycle,...
Based on role-based access control, the conception of Hierarchical role is proposed. For the dynamics of Cloud computing environment, we divided the trusted level of the users and updated the trusted value of the users in real time. Then we allocated the corresponding role according to the trusted value. In the traditional access control model, system's security control strength was fixed. Once the...
Secret key generation by extracting the shared randomness in wireless fading channel is a promising way to ensure wireless communication security. Previous works only consider key generation in static networks, but real-world key establishments are usually dynamic. In this work, for the first time we investigate the pairwise key generation in dynamic wireless networks with a center node (eg. access...
The penetration test is a crucial way to enhance the security of web applications. Improving accuracy is the core issue of the penetration test research. The test case is an important factor affecting the penetration test accuracy. In this paper, we discuss how to generate more effective penetration test case inputs to detect the SQL injection vulnerability hidden behind the inadequate blacklist filter...
The article firstly discusses the design purpose and method of the data communication system based on the Delphi, secondly, utilized the typical Client /Server model, a point-to-point messaging platform in LAN has been achieved, which utilized the core of the program in Socket components(TcpServer and TcpClient)for the bottom of Communication network based on Delphi. The platform has achieved the...
Trust quantification is an important issue of dynamic trust management. Trust is fuzzy and dynamic, if exact math tools are used to calculate trust, there is information missing in the calculation. In this paper, we use fuzzy comprehensive evaluation method to quantify trust and propose a trust quantification algorithm. Simulation results show that the trust quantification algorithm can effectively...
Privacy is one of the most important issues in providing high-quality ubiquitous network services to users over the Internet. Although several privacy aware access control models have been proposed in recent years, these models still rely mostly on the traditional access control models designed primarily for security. When privacy becomes a main concern, these models are no longer adequate. In this...
Password authentication has been adopted as one of the most commonly used solutions in a network environment to protect resources from unauthorized access. Recently, Shieh et al. and Yoon et al. respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed...
Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards, in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.