Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
The potential of full-duplex in communication design has been recently considered for emerging technologies such as 5G. Moreover, full-duplex can play a crucial role in upcoming secure communication scenarios too. However, results in the literature are limited and only explore scenarios, where the wireless channel is used either for key generation or for secure messaging. Our first contribution is...
Applications in computer network security, social media analysis, and other areas rely on analyzing a changing environment. The data is rich in relationships and lends itself to graph analysis. Traditional static graph analysis cannot keep pace with network security applications analyzing nearly one million events per second and social networks like Facebook collecting 500 thousand comments per second...
Recent examples have shown that sophisticated cyber attackers are capable of infiltrating the cyber defenses of major organizations and spreading stealthily through a network, potentially doing significant damage before exploited vulnerabilities can be identified or patches developed. Autonomous systems are particularly vulnerable because they are further removed from human intervention. One emerging...
The world is witnessing exploding interests in big data and its analytics, which makes data a critical and relevant asset more than ever for today's organizations. However, without a proper understanding to security and privacy requirements, data might hardly be used to its full power. Data owners and users can be in risk in terms of information security and privacy when sharing their data and running...
Scripts have been used in different disciplines to characterize how individuals conceptualize the conduct of goal-oriented tasks. Cornish introduced this modelling approach to the field of environmental criminology as a more systematic way to identify offenders’ decisions during the commission of crime. Despite the growing number of articles about crime scripts, there is limited information about...
This talk presents results recently published in Software Testing, Verification and Reliability. In recent years, important efforts have been made for offering a dedicated language for modelling and verifying/proving security protocols. However, verifying the security protocol model does not guarantee that the actual implementation of the protocol will fulfil these properties. In this talk we present...
RecDroid is a smartphone permission response recommendation system which utilizes the responses from expert users in the network to help inexperienced users. However, in such system, malicious users can mislead the recommendation system by providing untruthful responses. Although detection system can be deployed to detect the malicious users, and exclude them from recommendation system, there are...
This paper argues about a new conceptual modeling language for the White-Box (WB) security analysis. In the WB security domain, an attacker may have access to the inner structure of an application or even the entire binary code. It becomes pretty easy for attackers to inspect, reverse engineer, and tamper the application with the information they steal. The basis of this paper is the 14 patterns developed...
Increased use of unmanned systems in various tasks enables users to complete important missions without risking human lives. Nonetheless, these systems pose a huge threat if the operational cyber security is not handled properly, especially for the unmanned aerial vehicle systems (UAVS), which can cause catastrophic damages. Therefore, it is important to check the impact of various attack attempts...
Security management requires quantitative security metrics in order to effectively distribute limited resources and justify investments into security. The problem is not only to select the right security metrics but also to be sure that the selected metrics correctly represent security strength. In this paper, we tackle the problem of formal analysis of different quantitative security metrics. We...
This paper introduces a new method for analyzing Mass Violence Events, and then we make use of Intelligent Artificial and Agent-Based System to deal with them. In the meanwhile, we describe and defy three kinds of agents (cops, activists and civilians), what comes next is that we apply these theories to model and simulate such events. The simulation results show that the behaviors of activists can...
The operation of power systems has become very difficult due the fact that they are operated very close to their operating limits. In order to accurately take into account this uncertainty related to power system operation, component based load model parameters will be utilized to objectively conduct voltage stability studies. Eskom usually utilizes constant power models when conducting power system...
Cyber-Physical Systems (CPS) integrate computation with physical processes. By merging computing and communication with physical processes CPS allows computer systems to monitor and interact with the physical world. However, today's computing and networking abstractions do not adequately reflect the properties of the physical world. This shortcoming necessitates the development of effective methods...
Most network attack models have the problem of lacking ablility to describe all types of attack patterns in deltail, with no consideration of attacker's skill and policy. To address the problem, this paper proposes a well-structured model that abstracts the relation between attacker capability and victim vulnerability, the relation between knowledge, resource and capability of attacker. Both these...
We consider a simplest Markov decision process model for intrusion tolerance, assuming that (i) each attack proceeds through one or more steps before the system's security fails and (ii) defensive responses targeting these intermediate steps may only sometimes thwart the attack. Our analysis shows that, even in the ideal case of perfect detectors, it can be sub-optimal in the long run to employ defensive...
With the growing number of botnet attacks, the botnet detection is becoming increasingly important for the network security. Towards the deficiencies of integrating and analyzing the heterogeneous multi-sensor information in existing botnet detection techniques, a novel information fusion model is proposed. The model is designed to carry out information integration of temporal and spatial dimensions...
Traditional methods for evaluating network security neglect the correlation of network vulnerabilities. To solve this problem, a method based on Colored Petri Net (CPN) modeling is presented. Potential attack sequences are built according to the correlation of network vulnerabilities. The weakness and key paths can be found through analyzing the attack sequences. Simulation results show that the proposed...
Infrastructures are becoming more and more interoperable, while stakeholders are not aware of the overall behavior. In order achieve a global awareness, in this paper the need for cooperation is stressed; however, due to security and commercial issues, only few, very abstract data can be shared.In this paper a distributed interdependency estimation framework is provided, able to grant a minimal disclosure...
Almost every company needs to process invoices to either claim money from their customers or to pay for products or services. Although companies are allowed to electronically process their invoices, most of them still rely on the paper-based invoice process. Within this paper we built upon existing work to develop a methodology for defining a reference model for the electronic invoice based on security...
General network attack graph has a large state space. It affects the efficiency of network attack graph generation greatly. In order to solve this problem, a reverse search based network attack graph generation method is proposed. It starts from the target hosts that the goal of attackers, by analyzing the vulnerabilities and connectivity of them, finds all the middleman hosts, then repeats the search...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.