The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With the development of internet, network is playing an increasingly important part in people's lives, but it is bringing a variety of problems, especially computer security, which has become a serious practical trouble now days. Security audit system is an essential component of computer security mechanisms underlying the firewall and intrusion detection system for computer security. Due to the fact...
Exponential growth of the internet provided new ways of propagating and sharing digital video data. Thus ownership protection of the video data is critical and important in this era. Though there are many standards and technologies available to efficiently share the digital video, almost all of them lack ownership protection mechanism. This paper proposes new compressed domain secure digital watermarking...
This work extends our proposed property-based vulnerability model (VPRG and VPRM) to score the impact of vulnerabilities by: (1) using the model to distinguish the cause- and consequence- factors that later affect the impact score of vulnerabilities and (2) using the scoring algorithm that considers the relationship of properties evolving in the cause- and consequence-set. We use this scoring framework...
k-anonymity is a well-researched mechanism for protecting private information released in Web. It requires that each tuple of a public released table must be indistinguishable from at least other k - 1 tuples. Subject to this constraint, how to release data as useful as possible is challenge. Most previous works try to develop flexible anonymization method to reduce information loss, however, utility...
As the Internet prevails, people access web services directly via web browsers over the network. However, most websites are not developed with sufficient security consideration. Hackers have taken the advantage of web application vulnerabilities to inject malicious codes into web pages. A victim who visits such a malicious web page will be compromised. Therefore, an efficient malicious web detection...
A novel security network storage system based on internet is put forward in this paper. First, the hierarchical model is presented consists of storage client, storage middleware and storage network. Second, two key technologies are proposed in detail including ISCSI protocol and distributed storage network; last experimental results prove that the system can improve the security of network storage...
In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. Since it seems impossible to guarantee complete protection to a system by means of the "classical" prevention mechanisms, the use of Intrusion Detection Systems has emerged as a key element in network security. In this paper we address the problem considering some techniques...
The ability of setting up a covert channel, which allows any two nodes with Internet connections to engage in secretive communication, clearly causes a very serious security concern. A number of recent studies have indeed shown that setting up such covert channels is possible by exploiting the protocol fields in the IP, TCP, or application layer. However, the quality of these covert channels is susceptible...
Data compression algorithms are used to reduce the redundancy and storage requirement for data. Data compression is also an efficient approach to reduce communication costs by using available bandwidth effectively. Over the last decade we have seen an unprecedented explosion in the amount of digital data transmitted via the Internet in the form of text, images, video, sound, computer programs, etc...
Security of Web servers has become a sensitive subject today. Prediction of normal and abnormal request is problematic due to large number of false alarms in many anomaly based intrusion detection systems (IDS). SS-IDS derives automatically the parameter profiles from the analyzed data thereby generating the statistical signatures. Statistical signatures are based on modeling of normal requests and...
Cross-site scripting (XSS) has emerged to one of the most prevalent type of security vulnerabilities. While the reason for the vulnerability primarily lies on the server-side, the actual exploitation is within the victim's Web browser on the client-side. Therefore, an operator of a Web application has only very limited evidence of XSS issues. In this paper, we propose a passive detection system to...
The defense against Distributed Denial of Service (DDoS) attacks is one of the primary concerns on the Internet today. IP spoofing makes it difficult for the victim to determine the packet's true origin. There is a need for a mechanism that could rapidly trace back to the attacks' origins for the victim. This paper presents a two-step traceback scheme to track DDoS attack source by dividing the tracing...
This paper proposes a fractional-step algorithm based on autonomous system(AS) to trace distributed denial of service(DDoS) attack source by dividing the tracing process into two steps. In the first step, Deterministic Packet Marking based on AS(ASDPM) is adopted to determine the attack-originating AS. In the second step, non-repeated probabilistic packet marking(NRPPM) is used to identify the exact...
This paper proposes a novel deterministic packet marking (NDPM) scheme for IP traceback. It mainly marks packets with IP addresses and the number of current autonomous system (AS) through border gateway protocol (BGP) routers. According to the marked information in the packets, victims can not only trace the attack source to the original AS, but also can filter the malicious packets, hence making...
The wide spread use of computer networks in today's society, especially the sudden surge in importance of the World Wide Web, has made computer network security an international priority. Since it is not technically feasible to build a system with no vulnerabilities, intrusion detection (ID) has become an important area for researches. An intrusion that deviates only slightly from a pattern derived...
Software security testing tools and methodologies are presently abundant, and the question no longer seems to be "if to test" for security, but rather "where and when to test" and "then what?". In this paper we present a review of security testing literature, and propose a software security testing scheme that exploits an intra-organisational repository of discovered...
The probabilistic packet marking (PPM) algorithm is a promising way to discover the Internet map or an attack graph that the attack packets traversed during a distributed denial-of-service attack. However, the PPM algorithm is not perfect, as its termination condition is not well defined in the literature. More importantly, without a proper termination condition, the attack graph constructed by the...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.