Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered...
The effect of advances in the fields of ubiquitous computing, wireless communications and embedded system design has seen a corresponding rapid improvement of wireless sensor technology. Sensor networks have emerged as a platform for deployment and sustenance of critical applications that require real-time sensing and data acquisition for decision-making purposes. A significant number of malicious...
Since automated fault localization can improve the efficiency of both the testing and debugging process, it comes to an indispensable part of high security and reliable software development for the computer networks. A novel software fault localization framework: Variable Stress Reaction (VSR) is proposed in this paper, which works well for data type overflow detection. The experimental results show...
Based on the analysis of the characteristics in the E-Commerce system and safety risk, the author has focused on the Fuzzy-ETA (event tree analysis)-FTA (fault tree analysis) method applied in the process risk management of R&D projects. The author has analyzed the possibility of an integration of EAT-FAT, and solved the problems in the integration of The Gray Synthetic Evaluation Theory by applying...
We present an optimization technique for model-based generation of test cases for firewalls. Starting from a formal model for firewall policies in higher-order logic, we derive a collection of semantics-preserving policy transformation rules and an algorithm that optimizes the specification with respect of the number of test cases required for path coverage. The correctness of the rules and the algorithm...
Computer networks are typically a shared resource used by many applications for many different purposes. Sometimes the data transmitted between application processes is confidential, and the application users would prefer that others not be able to read it. A firewall is a specially programmed router that sits between a site and the rest of the network. It is a router in the sense that it is connected...
Computer network operation (CNO) decision making activity includes three sub-activities: mission definition, scheme design and scheme evaluation. Scheme design produces many attack schemes of the same target. During scheme evaluation, attack schemes are evaluated and the comparatively optimal one is selected as course of action (COA) based on certain criterions. In this study, a multiple criteria...
A novel IDS model based on Bayesian fusion approach is studied in this paper. The model comprises several parts such as the pixel level fusion, feature level fusion, decision-making level fusion and so on. Experiments show that the model could result in a better recognition of attacks through processing procedures including noise reduction, feature extraction, inference and decision-making.
Malicious software is one of the most popular security threats of computer networks. It is difficult for traditional solutions to deal with dynamical and variable behaviors against malicious software. Danger model theory is a hypothesis of artificial immune systems. This hypothesis explains what is malicious from the trend of behaviors in a computer system. This paper presented a novel idea that malicious...
Computer networks are vulnerable to attacks, where the network infrastructure itself is targeted. Emerging router designs, which use software-programmable embedded processors, increase the vulnerability to such attacks. We present the design of a secure packet processing platform (SPPP) that can protect these router systems. We use an instruction-level monitoring system to detect deviations in processing...
This paper combines the results of research on social psychology, and has designed a trust model for rumor spreading. It is considered that when information exchanges between people, the trust of information is related to the interpersonal closeness. In addition, this paper uses Monte Carlo method to find the key source nodes in rumor spreading by comparing the total number of spread nodes and spreading...
This paper considers security requirements for automotive on-board networks and describes the processes used for identifying and prioritizing such requirements. The security engineering process starts from use cases for automotive onboard networks that require wireless communication interfaces and involves an investigation of security threat scenarios and the assessment of the relative risks associated...
Database audit can strengthen the security of database. Logging database activities is usually the first step of implementing database audit. In this paper, we present a logging scheme for database audit. Unlike native database logging and auditing mechanism, our scheme is to monitor and log database activities through analyzing network traffic. The architecture of our scheme contains three principal...
One of topical tasks of policy-based security management is checking that the security policy stated in organization corresponds to its implementation in the computer network. The paper considers an approach to proactive monitoring of security policy performance and security mechanisms functioning. This approach is based on different strategies of automatic imitation of possible users' actions in...
Under intrusion or abnormal attack, how to autonomously supply service, without being degraded, to users is the ultimate goal of network security technology. Based on Martingale Difference Approximation principle, a System Service Optimization Model (MDAO) is proposed. According to the prior self optimizing knowledge and parameter information of inner environment, MDAO searches the convergence trend...
At present, the focus of network security research mainly centers on the increase of detection ability of a single detection tool. For example, improve the accuracy and detection efficiency of firewall and intrusion detection system but despise the defense ability of the whole network system. This paper puts forward the concept of network active defense system and emphatically analyzes its architecture,...
We perform a game theoretic investigation of the effects of deception on the interactions between an attacker and a defender of a computer network. The defender can employ camouflage by either disguising a normal system as a honeypot, or by disguising a honeypot as a normal system. We model the interactions between defender and attacker using a signaling game, a non-cooperative two player dynamic...
To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two-tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's...
The botnet construction mechanism (BCM) is one of the key technologies of the botnets and the most important issue to both the attackers and the defenders. To the best of our knowledge, although the BCM has been mentioned in many researching papers, it has not been systemically studied. In this paper, we attempt to discuss the BCM methodically. We first give both the definition and its formalized...
The underpinning of situational awareness in computer networks is to identify adversaries, estimate impact of attacks, evaluate risks, understand situations and make sound decisions on how to protect valued assets swiftly and accurately. SA also underscores situation assessment in order to make accurate forecast in dynamic and complex environments. In this paper, situational awareness in computer...