The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Alerts correlation techniques have been widely used to provide intelligent and stateful detection methodologies. This is to understand attack steps and predict the expected sequence of events. However, most of the proposed systems are based on rule - based mechanisms which are tedious and error prone. Other methods are based on statistical modeling, these are unable to identify causal relationships...
This paper represents a method for generating a fingerprint template for smart card. Especially, to enhance the security of the stored template, we propose a new approach for adding chaff features using real minutiae information.
Log event correlation is an effective means of detecting system faults and security breaches encountered in information technology environments. Centralized, database-driven log event correlation is common, but suffers from flaws such as high network bandwidth utilization, significant requirements for system resources, and difficulty in detecting certain suspicious behaviors. Distributed event correlation...
Security people are constantly presented with circumstances in which causation is rather unclear, and our desire to discover it is irresistible. Code-complexity measures do seem to be highest in applications that have rather a lot to do. Having massive numbers of code paths does make security hard because massive numbers of code paths means a large attack surface, but massive numbers of code paths...
In the e-commerce transaction process, varieties of network fraud problems occurred frequently. A C2C service reputation evaluation model under Cloud computing is Proposed. Firstly, the paper analyzes the four factors impact reputation evaluation under the cloud computing environment, and analysis the weights of each factor quantitatively. Secondly, a method to calculate the long-time reputation,...
With the growing and developing of internet technology, it also brings in the popularity of online group buying. This study aims to investigate the reason and motivation that make consumers enthusiastic about online group buying. Several factors are examined, including price, community trust, conformity, involvement and perceived risk. We collected 497 questionnaire surveys and received 411 effective...
Security Information Fusion System has recently become one of the major topics in the research area of information security. A great deal of security devices and components have been deployed in network information systems. While improving the systems security performance, they produced lots of redundant or unreliable information. Through the technologies of alert fusion and correlation analysis,...
The advent of digital forensic techniques imposes great challenges to the security of image disguise where tampering is involved to conceal the existence of sensitive objects in the source image. As a consequence, image interpolation that is a prerequisite step in image disguise should be adapted to be forensic resistant. This paper proposes a novel and secure interpolation method to facilitate image...
As the undergraduate are the prosperous consumers in future, their consumption behaviours are important for the success of the online retailers. Recently the B2C and C2C of e-commerce has brought great benefits to the consumer and merchant. According to the theory of reasoned action(TRA) developed by Martin Fishbein and the theory of planned behavior (TPB) proposed by Icek Ajzen, a widely survey are...
Intrusion Detection Systems (IDS) have been used widely to detect malicious behavior in network communication and hosts. IDS management is an important capability for distributed IDS solutions, which makes it possible to integrate and handle different types of sensors or collect and synthesize alerts generated from multiple hosts located in the distributed environment. Sophisticated attacks are difficult...
In the open distributed environment, the knowledge of belief is absent for the entity with which we will contact, so the recommendation trust is very important for the distributed system. In this paper a recommendation trust model is proposed based on encouragement and punishment. In the model, the trust value of any entity consists of trading reputation value and recommendation reputation value,...
This paper proposes a novel hierarchical mobile-agent-based Security Operation Center (HMSOC) to overcome traditional SOC vulnerability in a fixed location suffering single point of failure attack. Furthermore, each division has its own alert and aggregation methodology. By IDMEF, session and timer methods, data from various divisions are fused and correlated efficiently in our proposed HMSOC. A prototype...
Index partitioning techniques-where indexes are broken into multiple distinct sub-indexes-are a proven way to improve metadata search speeds and scalability for large file systems, permitting early triage of the file system. A partitioned metadata index can rule out irrelevant files and quickly focus on files that are more likely to match the search criteria. Also, in a large file system that contains...
Although event recording on a computer system (also known as logging) is of utmost importance for reconstructing and detecting security relevant events, currently no adequate and sophisticated solution for complex environments, such as Grid and Cloud Computing, exist. Current LOG file formats lack of several important factors, hindering automatic evaluation needed for distributed systems to comply...
Many factors are believed to increase the vulnerability of software system; for example, the more widely deployed or popular is a software system the more likely it is to be attacked. Early identification of defects has been a widely investigated topic in software engineering research. Early identification of software vulnerabilities can help mitigate these attacks to a large degree by focusing better...
A security situation assessment model is proposed in this paper. One of the math function and the rectification function are used to design the experience function in the theory of evidence. Then the theory of evidence is brought into the security situation assessment. From correlating and fusing the data which is provided by the sensors deployed in network to depicting the curve of security situation,...
A common challenge for applications requiring information and knowledge fusion is the conversion of data streams into knowledge adapted to the context of usage. In the context of the project Integrated Mobile Security Kit, this paper focuses on the knowledge fusion sub-system. It integrates different fusion aspects based on a common domain model and embedded into a distributed and mobile infrastructure...
Government computer systems and networks are under increasing attack from foreign governments, organized crime, and other malicious attackers. Security best practice checklists are commonly used to ensure the protection of government computer systems. However, experimental validation of the recommended security measures is lacking. Additionally, administrators have no way to compare the effectiveness...
In 2008, 90 million citizens in the United States used electronic tax filing to submit their federal tax returns. Yet these adopters represent only a subset of the population. Citizen concerns regarding the security of this electronic option still serve as a barrier to e-file adoption. In this study, we propose a model of e-file adoption that integrates technology acceptance, optimism bias, reputation...
In the past few years, IRC bots, malicious programs which are remotely controlled by attackers through IRC servers, have become a major threat to the Internet and for users. These bots can be used in different malicious ways such as issuing distributed denial of services attacks to shut down other networks and services, keystrokes logging, spamming, traffic sniffing cause serious disruption on networks...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.