The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Web applications can leak confidential user information due to the presence of unintended side-channel vulnerabilities in code. One particularly subtle class of side-channel vulnerabilities arises due to resource usage imbalances along different execution paths of a program. Such side-channel vulnerabilities are especially severe if the resource usage imbalance is asymptotic. This paper formalizes...
With the growth of the known malware to more than 600 millions according to AVTest this year, every security solution developed different methods for detecting malicious content. Whether this method consists in signature based detection, emulation, heuristics or different techniques of machine learning, one thing remains a constant in this procedure: a need for a cleanset — a large collection of clean...
This paper proposes an attack pattern mining algorithm to extract attack pattern in massive security logs. The improved fuzzy clustering algorithm is used to generate sequence set. Then PrefixSpan is used to mine frequent sequence from the sequence set. The experimental results show that this algorithm can effectively mine the attack pattern, improve the accuracy and generate more valuable attack...
Nowadays, the attacks on the Internet are becoming more complex, advanced and concealed. A large number of security threats arise. The signature-based detection technology is efficient and simple which is widely used for malicious codes detection system. In this paper, we firstly focus on the principle of the method, and summarize the specific steps to implement it, especially feature extraction,...
We present a novel approach for detecting malicious user activity in databases. Specifically, we propose a new machine learning algorithm for detecting attacks such as a stolen user account or illegal use by a user. Our algorithm relies on two main components that examine the consistency of a user's activity and compare it with activity patterns learned from past access. The first component tests...
Content Security Policy (CSP) is powerful client-side security layer that helps in mitigating and detecting wide ranges of web attacks including cross-site scripting (XSS). However, utilizing CSP by site administrators is a fallible process and may require significant changes in web application code. In this paper, we propose an approach to help site administers to overcome these limitations in order...
Peer review has long been used in education to provide students more timely feedback and allow them to learn from each other's work. In large courses and MOOCs, there is also interest in having students determine, or help determine, their classmates' grades. This requires a way to tell which peer reviewers' scores are credible. This can be done by comparing scores assigned by different reviewers with...
The increasing use of networked sensor systems and networked databases has led to an increased interest in incorporating encryption directly into sensor algorithms and database analytics. Matlab is the dominant tool for rapid prototyping of sensor algorithms and has extensive database analytics capabilities. The advent of high level and high performance Galois Field mathematical environments allows...
Choosing and implementing technologies to extract value from big data are constant challenges for business and governments alike. This paper describes the design and implementation of a data mining tool to analyze the XML data of the U.S. university campus crimes. The main aim of this tool is to extract data stored in XML documents and to provide summarized information that can help students in determining...
The negative database (NDB) is a new technique for privacy preserving and information hiding. It hides information by storing the complementary set instead of the original data. In order to protect the hidden information, NDBs should be hard-to-reverse. In this paper, we propose the Khidden algorithm for generating hard-to-reverse NDBs (called Khidden-NDBs). The K-hidden algorithm could be controlled...
With the development of cloud computing, there is a growing number of virtual machines (VMs) in the IaaS cloud. The VM owners can install different kinds of software on demand. However, if the software is not updated in time, it would be a great threat to the security of the cloud. But for the VM owners, it is a tedious task to keep all of the installed software up to date. In this paper we present...
Privacy is an increasing concern as the number of databases containing personal information grows. Differential privacy algorithms can be used to provide safe database queries through the insertion of noise. Attackers cannot recover pieces of the initial data with certainty, but this comes at the cost of data utility. Noise insertion leads to errors, and signal to noise ratio can become an issue....
An important research issue in the design of web application is protecting the front end web application from unauthorized access. Normally the web application is in the front end and database is in the back end and can be accessible using web browser. The database contains valuable information and it is the target for the attackers. There are many security issues in the back end database and many...
Cloud computing has brought many advantages to companies and computer users. It allows different service providers to distribute many applications as services in an economical way. Therefore, many users and companies have begun using cloud computing. However, they are concerned about their data when they store it on a third party, the cloud. Fears of leakage of sensitive data or loss of privacy make...
To found security events from web logs has become an important aspect of network security. This paper proposes a website anomaly detection model based on security-log-analysis. After creating a anomaly feature sets of the model, C4.5 algorithm was used to improve feature sets, making the abnormal records in feature sets store hierarchically. Compared logs in website with the treated feature stes,...
The role of the intrusion detection system is to enforce the pattern matching policies decided for the network. Basically Proposed IDS executes on the KDD'99 Data set, this data set is used in international level for evaluating/calculating the performance of various intrusion detection systems (IDS). First step is association phase in which frequent item set are produced by apriori algorithm. The...
Hadoop has become the most used framework for data intensive processes such as mapreduce. Business intelligence and technology forecasting has played a big part in enhancing the popularity of Hadoop framework. In this paper we have proposed an improvement for apache Hadoop yarn (also known as Hadoop 2.0) architecture. Container nodes, application master, resource manager and the pool of resources...
In this paper, a secured web based online subjective image evaluation system has been proposed to assess different image processing algorithms. Since many image processing algorithms are designed to enhance the human perception of available image cues, subjective evaluation plays an important role in the assessment of the same. The proposed technique assesses several similar processes by accumulation...
Network vulnerability can be analyzed automatically by attack graph. Attack graph tools can generate attack paths in network and show users the network vulnerabilities analyzing process for network security risk analysis. There are some problems such as state space explosion, the high complexity of algorithms, being difficult to demonstrate graphically, and so on, for attack graph generation and visualization...
With the increasing demand and popularity in wireless mobile technologies, more and more applications have been developed in the market to use the technologies and to achieve higher work efficiency to facilitate client users to fetch and manage information anytime and anywhere. In this paper, an investigation and analysis report of NFC (Near Field Communication) technology in mHealthcare (mobile healthcare)...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.