The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
To determine the choice of information security solutions, the method based on entropy weight was given to compute the weights of indexes of the solutions. And then, the weights were used to evaluate the solutions by multi-attributes decision and ideal indexes method. The gray situation decision-making was introduced for solutions decision, and entropy weights were also used with gray solution decision...
A common misconception concerning Insider Threat is that the information infrastructure is at considerable risk from technical issues. In fact, Insider Threat is a multidisciplinary concept across many different fields, including personnel security, environment security and technology security. All aspects regarding Insider Threat must be addressed in a well-structured and holistic manner, failure...
There have been several studies on using computer technologies to improve elections and these studies lead to widespread adoption of ldquodirect recording electronicrdquo (DRE) voting systems in recent years. In an electronic-voting system, voters go to their voting places and prove that they are allowed to vote there by presenting an ID card with signet. After this, the voter is given a token that...
Efficient intrusion detection system (IDS) management is a prominent capability for distributed IDS solutions, which makes it possible to integrate and handle different types of sensors or collect and synthesize alerts generated from multiple hosts located in a loosely coupled environment. Extensibility is the main requirement for most of IDS management systems. The concept of virtualization has been...
Network security situation awareness (NSSA) is a hotspot in the network security research field, based on the security situation values, decision makers can be aware of the actual security situation of their networks and then make rational decision to make their networks safer. In this paper, we build a multi-level quantization model for NSSA firstly; this model is comprised of three levels, namely,...
In this article, we proposed an intrusion prevention system, named cumulative-sum-based intrusion prevention system (CSIPS) which detects malicious behaviors, attacks and distributed attacks launched to remote clients and local hosts based on the cumulative sum (CUSUM) algorithm. Experimental results show that CSIPSs in a united defense environment can carry out a higher security level for the environment.
In this paper, we propose an agent_based distributed intrusion detection architecture, which detects DoS/DDoS attacks by comparing source IP addresses' normal and current connection frequencies. First, we collect source IPs' packet statistics to obtain their normal packet distribution. When current statistics suddenly increase, very often it is an attack. Experimental results show that this approach...
This paper proposes a new method aiming at integrating the safety analysis in software design and development. Model Driven Architecture is used for the basic framework. By making use of UML extension, UMLsec models the Platform Independent Model of software safety, which achieves more safety requirements in the initial stage of the system design cycle. This approach reduces the risk and the cost...
Radio Frequency Identification (RFID) technologies have been standardized and commercialized, but privacy problem is a major challenge due to no ideal solution used in RFID system. We propose an efficient authentication protocol conforming to the EPCglobal standard for RFID security system to solve the privacy problem such as tracing and eavesdropping. Firstly we provide a comprehensive discussion...
Nowadays, the security of Web pages becomes very important. Zhao and Lu had proposed a PCA-based watermarking scheme for Web pages; their scheme is an effective tool for tamper-proof of Web pages. However, the PCA algorithm is time-consuming, especially when the size of Web page is too large. In this paper, we proposed two novel fragile Web page watermarking schemes, in which simple principal component...
A defense system against UDP flooding attack with artificial immune detection was put forward, and four sections detection with weight was proposed based on considering the uncontinuity of IP address. Eigenvalue matching was introduced based on analyzing the r-continuous bits matching rule. Using the new matching rule the negative selection algorithm was improved both in detector generation and "black...
To rapidly detect attack and properly do response , a lightweight and fast detection mechanism for traffic flooding attacks is proposed, which use SNMP MIB statistical data gathered from SNMP agents, instead of raw packet data from network links and a machine learning approach based on a support vector machine (SVM) for attack classification. The involved SNMP MIB variables are selected by an effective...
Analyzing distance-based and density-based outlier detection techniques, this paper introduces an idea based on gravity, which not only considers the distance between pairs of data points, but also pays attention to the density of a data object's neighbors. We apply it to the anomaly intrusion detection and a new detection method named gravity-based anomaly intrusion detection algorithm (GAIDA) is...
The recent era has witnessed tremendous increase in the usage of computer network applications. Users of any type and requirement are compelled to be on a network. Today, the computer has become a network machine rather than a standalone system. This has generated challenges to the network security devices in terms of accuracy and reliability.Intrusion Detection Systems (IDS) are designed for the...
Comparing with the common operating system, the secure operating system can provide the user with a more safe and reliable operating platform of the computer system. The testing to the security functions of the secure operating system has become the important measure to verify its security. On the basis of the standard on the evaluation of the security of the information technology made by China (GB/T18336-2001),...
Almost all of United Nations member countries are now operating government Web sites-called e-government. Its implementation is based on information technology which is now as important as tanks, ships, and aircraft in any nation's defense. So nowadays, with the fast development of information technology, e-government security is considered one of the crucial factors for achieving an advanced stage...
The link between security engineering and systems engineering exists at the earliest stage of systems development, and, as a whole, there is sufficient evidence to suggest the discipline of security engineering is sufficiently mature to support its implementation. However, there is little in the literature on the practical application of security engineering and even less empirical work grounded in...
With the development of technology, the interdependence of various infrastructures has increased, which also enhanced their vulnerabilities. The national information infrastructure security concerns the nation's stability and economic security. Risk assessment methodology was introduced into the safeguard of the information infrastructure that is the preference of terrorist attack. Through the analysis...
The purpose of this paper is to identify the threats that exist in Healthcare Information Systems (HIS). The study has been carried out in three different departments namely, Information Technology Department (ITD), Medical Record Department (MRD) and X-Ray Department in one of the leading government supported hospital in Malaysia. The hospital was equipped with Total Hospital Information System (THIS)...
With the development and wide application of WSN (Wireless Sensor Network), the information security becomes a serious problem, especially when the WSN applied in military field. Whereas the general WSN routing protocols focus on the transmission efficiency, reliability and energy-efficiency, not on the security. This paper integrates the international popular AES encryption standard, RSA public-key...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.