The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Due to the increasing complexity of web and client application's structure, security problem has become more and more critical. Among all the threats reported, SQL Injection Attacks (SQLIAs) have always been top-ranked in recent years, and network logs, which are very important for the detection of SQLIA, are often utilized to analyze the user's attacking behaviors. However, the collection of network...
The Big Data revolution has promised to build a data-driven ecosystem where better decisions are supported by enhanced analytics and data management. However, critical issues still need to be solved in the road that leads to commodization of Big Data Analytics, such as the management of Big Data complexity and the protection of data security and privacy. In this paper, we focus on the first issue...
A proper asset modeling is essential to develop an information security risk assessment in any corporation. A too complex model will take a long development time and may require parameter values difficult to get. On the contrary, a too simple model will provide inaccurate estimations of risks, although it could be developed fast. One of the characteristic that most influences the complexity of the...
This paper addresses the use of events within discrete-event systems modeling formalisms, presenting the concept of event life time when enclosed in the detection of a specific behavior defined by sequences of events. This concept defines the time interval during which a macro-event is valid (a macro-event is an event computed as the result of a pre-defined sequence of events). Two types of life times...
A key pre-distribution scheme (KPS) based on multiple codewords of block codes is presented for wireless sensor networks. The connectivity and security of the proposed KPS, quantified in terms of probabilities of sharing common keys for communications of pairs of nodes and their resilience against colluding nodes, are analytically assessed. The analysis is applicable to both linear and nonlinear codes...
Protecting network-accessible resources from unauthorized use requires understanding of network vulnerability. Building attack models as chains of vulnerability exploits by an attacker can help locate flaws to prevent attacks. This paper presents an approach to automatically analyzing security attack models called exploit-based analysis. By using knowledge about exploitability of network vulnerabilities...
The increased deployment of service centric systems in security critical application contexts poses new challenges to properly test such a system's security. If taking a closer look at the inherent complexity of such applications, sophisticated approaches to testing security are indispensable. In our paper we propose a novel model -- based methodology for the risk -- driven security testing of service...
Service composition is an important means for integrating the individual Web services to create new value added systems that can satisfy complex requirements. However, it is a challenge to analyze security requirements for those applications due to the uncertainty factors in distributive environment. This paper proposes an approach to modeling and analyzing security requirements of service composition...
Permanence of the assurance challenge in computer and communication systems is described and justified. Models and methods of meeting the assurance challenge are briefly outlined.
Computer networks are inevitably attacked as a result of their openness, while network attack usually actualized by exploiting vulnerability existing in network environment. Attack graph, consisted of lots of related atomic attacks, can fully display the exploitation and dependence relations among all of the vulnerabilities existed in network. Thus, it is a very useful tool for network vulnerability...
The impact of failing to develop a shared understanding of the requirements describing and constraining large, complex projects and programs with many, possibly distributed, stakeholders and suppliers is enormous. Traditional engineering methods provide little in the way of taming complexity when synthesising, analysing and communicating the requirements of such projects. The Behavior Engineering...
Large scale software model checking is a difficult problem in part because of the complexity created by inter-procedural function calling. Fastest current solution for this problem claim a polynomial time for only a partial resolution. Static analysis suffers of the same complexity but some work has observed linear time and space complexity for some specific problems. Our research describes how we...
This paper unpacks the relation between task conflict and relationship task by an exploratory research with a sample of 253 persons to, From which five escalation factors were extracted. They are mentality, relation, self-character, environment, psychological distance. An escalation model of task conflict into relationship conflict is built to show different effects of 5 accelerating factors in the...
Attack graphs can reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromise of given critical resources. In order to resolve the current emergence methods of generating attack graphs is difficult to apply to the large-scale complex network system; this paper presents a scalable, bidirectional-based search strategy to generate attack...
Traditional methods for evaluating network security neglect the correlation of network vulnerabilities. To solve this problem, a method based on Colored Petri Net (CPN) modeling is presented. Potential attack sequences are built according to the correlation of network vulnerabilities. The weakness and key paths can be found through analyzing the attack sequences. Simulation results show that the proposed...
As network components are often highly interdependent and interconnected,an adversary outside can take advantage of multiple vulnerabilities in unexpected ways, incrementally penetrate a network and compromise critical systems. Attack graph is commonly used for analyzing network security level for its capability in reflecting all network vulnerabilities and their inter relationships. However, attack...
Security modeling is an important part of software security, especially when it comes to making security knowledge more easily accessible. The purpose of this paper is to give an overview of some of the current approaches to graphical security modeling and present an initial study related to benefits of tool support.Our working hypothesis is that specialized security modeling tools will substantially...
Infrastructures are becoming more and more interoperable, while stakeholders are not aware of the overall behavior. In order achieve a global awareness, in this paper the need for cooperation is stressed; however, due to security and commercial issues, only few, very abstract data can be shared.In this paper a distributed interdependency estimation framework is provided, able to grant a minimal disclosure...
A quantitative risk evaluation method for network security is proposed based on analyzing the process that attackers intrude network. The analysis depends on modeling attack activities and attack processes by tracking the transferring of safety states. Three key factors of risk evaluation about assets, threats and vulnerabilities are identified and quantified. Especially the attack probability indexes...
A multilevel security (MLS) model with credibility characteristics, the credibility-based Bell-LaPadula (CBLP) security model, has been proposed to resolve the problem of trusted subjectspsila hidden security flaw and poor system usability in present MLS systems in the previous paper of the authors. A sampling statistics method is proposed in this paper to evaluate the availability of the CBLP model...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.