The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Computer networks are typically a shared resource used by many applications for many different purposes. Sometimes the data transmitted between application processes is confidential, and the application users would prefer that others not be able to read it. A firewall is a specially programmed router that sits between a site and the rest of the network. It is a router in the sense that it is connected...
Database audit can strengthen the security of database. Logging database activities is usually the first step of implementing database audit. In this paper, we present a logging scheme for database audit. Unlike native database logging and auditing mechanism, our scheme is to monitor and log database activities through analyzing network traffic. The architecture of our scheme contains three principal...
The botnet construction mechanism (BCM) is one of the key technologies of the botnets and the most important issue to both the attackers and the defenders. To the best of our knowledge, although the BCM has been mentioned in many researching papers, it has not been systemically studied. In this paper, we attempt to discuss the BCM methodically. We first give both the definition and its formalized...
Computer networks are one of those unique gifts of modern science which enriched human life with the blessing of global connectivity. But as the network advanced, intrusions and misuses followed. Consequently, network security has come into issue. Now-a-days intrusion detection systems have become a standard component in security infrastructures. Intrusions typically start with intruders infiltrating...
For assessing the security and optimal strengthening of large enterprise networks, this paper proposes a new approach uses configuration information on firewalls and vulnerability information on all network devices to build defense graphs that show the attack and defense strategy. Some models including a defense graph model, attack-defense taxonomy and cost quantitative model, and Attack-Defense Game...
Exactly assessing the security risk of a network is the key to improving the security level of the network. The hidden Markov model based real time network security risk quantification method can get the risk value dynamically and in real-time, whose input is intrusion detection system alerts. The method is better than the traditional static assessment method. The paper resolves main fault of this...
Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are now considered a mainstream security technology. IDS and IPS are designed to identify security breaches. However, one of the most important problems with current IDS and IPS is the lack of the ldquoenvironmental awarenessrdquo (i.e. security policy, network topology and software). This ignorance triggers many false positives...
This paper describes a forensic logging system that collects fine-grained evidence from target servers and networks. For the logging system, we developed a TCSEC-B1 level secure operating system and a dedicated network processor that collects network traffic. The logging system is also capable of protecting servers from malicious attacks as well as allowing security managers to obtain forensic evidences...
In modern Collaborative Manufacturing, different security mechanisms of systems bring usage complexities and security risks. Grid Security Infrastructure (GSI) enables secure authentication and communication over computer networks. It is designed and developed on the technology of Java GSS-API, JAAS, Kerberos. The key technologies such as integrating with application server are specially discussed...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.