The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This article presents a new method of steganographic keys generation for secret key visual steganography, when there is a need of embedding many secret messages in one container. The main assumptions which such algorithm has to meet are such that there should be no conflicts in generated keys, in other words keys cannot indicate the same positions (determining the way of secret image distribution...
Nowadays, by spreading the usage of the Internet, having a secure communication channels for providing a safe network, is needed. Firewalls are not sufficient enough to prevent attacks among computer networks, because internal attacks are incontrollable. For prevention of these internal attacks, unauthorized intrusion detection systems will be used to secure the network. In this paper, firstly, we...
The following topics are dealt with: information systems; software engineering; database; data mining; networking; security; privacy; image processing; information processing; computer networks performance analysis; education and teaching informatics.
Computer network operation (CNO) decision making activity includes three sub-activities: mission definition, scheme design and scheme evaluation. Scheme design produces many attack schemes of the same target. During scheme evaluation, attack schemes are evaluated and the comparatively optimal one is selected as course of action (COA) based on certain criterions. In this study, a multiple criteria...
Intrusion detection systems (IDS) as a part of today's networks raise millions of low-level alerts every day. Consequently, it is difficult for human to analyze them. Alert correlation techniques have been developed during recent years to decrease the number of alerts and provide a high-level abstraction of them for a network administrator. In this paper, we suggest a new method for correlating alerts...
Computer networks are vulnerable to attacks, where the network infrastructure itself is targeted. Emerging router designs, which use software-programmable embedded processors, increase the vulnerability to such attacks. We present the design of a secure packet processing platform (SPPP) that can protect these router systems. We use an instruction-level monitoring system to detect deviations in processing...
Network vulnerability assessment has carried out a certain degree of research work in relative field. The common method for vulnerability assessment is hierarchical asset vulnerability assessment, in which vulnerability value is fixed and the weight of service is subjective. Thus the accuracy of calculation depends on experience and judgment. In this paper, according to CVSS (Common Vulnerability...
This paper combines the results of research on social psychology, and has designed a trust model for rumor spreading. It is considered that when information exchanges between people, the trust of information is related to the interpersonal closeness. In addition, this paper uses Monte Carlo method to find the key source nodes in rumor spreading by comparing the total number of spread nodes and spreading...
Under intrusion or abnormal attack, how to autonomously supply service, without being degraded, to users is the ultimate goal of network security technology. Based on Martingale Difference Approximation principle, a System Service Optimization Model (MDAO) is proposed. According to the prior self optimizing knowledge and parameter information of inner environment, MDAO searches the convergence trend...
Firewalls enforce a security policy by inspecting packets arriving or departing a network. This is often accomplished by sequentially comparing the policy rules with the header of an arriving packet until the first match is found. This process becomes time consuming as policies become larger and more complex. Therefore determining the appropriate action for arriving packets must be done as quickly...
We perform a game theoretic investigation of the effects of deception on the interactions between an attacker and a defender of a computer network. The defender can employ camouflage by either disguising a normal system as a honeypot, or by disguising a honeypot as a normal system. We model the interactions between defender and attacker using a signaling game, a non-cooperative two player dynamic...
To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two- tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's...
The botnet construction mechanism (BCM) is one of the key technologies of the botnets and the most important issue to both the attackers and the defenders. To the best of our knowledge, although the BCM has been mentioned in many researching papers, it has not been systemically studied. In this paper, we attempt to discuss the BCM methodically. We first give both the definition and its formalized...
With the rapid development of computer network, the network is confronting a growing number of threats. Therefore, it is very important to assess the risks for the network information system. This paper draws data mining technology based on association rules into the field of risk assessment, demonstrating a network security risk assessment model based on association rules. The model mines data from...
The configuration of firewalls is highly error prone and automated solution are needed in order to analyze its correctness. We propose a formal and automatic method for checking whether a firewall reacts correctly with respect to a security policy given in an high level declarative language. When errors are detected, some feedback is returned to the user in order to correct the firewall configuration...
Network security situation is a hot research realm in the area of network security, which helps security analysts to solve the challenges they encounter. This paper presents the evaluation index, and the characteristic attributes to describe the state of network situation, discusses the grey model includes grey correlation model and grey forecast algorithm to get the evaluation index and predication...
Node behavior profiling is a promising tool for many aspects in network security. In our research, our goal is to couple node behavior profiles with statistical tests with a focus on enterprise security. Limited work has been done in the literature. In this paper, we first propose a correlation based node behavior profiling approach to study node behaviors in enterprise network environments. We then...
When there is a need to compare the characteristics of several similar global communications systems, security is often an important factor to consider in the comparison. However, in most situations it is difficult to deduce whether a system is more secure than other; and it is even more difficult to deduce how much more secure a system is compared to another. This paper presents a method based on...
Threats against computer networks evolve very fast and require more and more complex measures. We argue that teams respectively groups with a common purpose for intrusion detection and prevention improve the measures against rapid propagating attacks similar to the concept of teams solving complex tasks known from field of work sociology. Collaboration in this sense is not easy task especially for...
In 2008, Zhu-Wu showed that the redefined Liawpsilas broadcasting cryptosystem is still insecure in that an unauthorized user is able to obtain the shared secret, which is only intended for certain privileged users. However, Zhu-Wu did not provide an improvement of the redefined Liawpsilas broadcasting cryptosystem. In addition, we found that the redefined Liawpsilas broadcasting cryptosystem has...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.