The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Information and communication technologies have been widely adopted in most of educational institutions to support e-Learning through different learning methodologies such as computer supported collaborative learning, which has become one of the most influencing learning paradigms. In this context, e-Learning stakeholders, are increasingly demanding new requirements, among them, information security...
Along with the wide use of web application, XSS vulnerability has become one of the most common security problems and caused many serious losses. In this paper, on the basis of database query language technique, we put forward a static analysis method of XSS defect detection of java web application by analyzing data flow reversely. This method first converts the JSP file to a Servlet file, and then...
Network security analysts presently lack tools for routinely screening large collections of network traffic for structures of interest. This is particularly the case when the structures of interest are embodied as summaries of sets of related traffic, essentially behaviour descriptions. This paper sketches a methodology to provide such capability, in the context of flow data. The methodology generates...
Analyzing the role of target-related information in a security attack is an understudied topic in the behavioral information security research field. This paper presents an empirical investigation of the effect of adding information about the target in phishing attacks. Data was collected by conducting two phishing experiments using a sample of 158 employees at five Swedish organizations. The first...
The intensive growth of processing power, data storage and transmission capabilities has revolutionized many aspects of science. These resources are essential to achieve high-quality results in many application areas. In this context, the University of Luxembourg (UL) operates since 2007 an High Performance Computing (HPC) facility and the related storage by a very small team. The aspect of bridging...
We collected social media network data from the site Twitter to explore the ‘language of the wire’ and how users of digital environments conceptualise trust. Our underlying aim is to gather insights that can inform the design of an interface that assists users to negotiate trust. From our pilot study exploring and developing new methods, we found that the words ‘love’, ‘faith’, ‘god’ and ‘believe’...
Opacity is an important security property dealing with the hiding and keeping secret, a subset of a system's behaviour from external observers. A system is characterised as "opaque" if it can effectively hide specific actions from an intruder or attacker. As the need for opacity, and similar fundamental secrecy properties may arise in a wide range of applications and sectors, like health...
This paper proposes a trustworthiness model for the design of secure learning assessment in on-line collaborative learning groups. Although computer supported collaborative learning has been widely adopted in many educational institutions over the last decade, there exist still drawbacks which limit their potential in collaborative learning activities. Among these limitations, we investigate information...
The threat that insiders pose to businesses, institutions and governmental organisations continues to be of serious concern. Recent industry surveys and academic literature provide unequivocal evidence to support the significance of this threat and its prevalence. Despite this, however, there is still no unifying framework to fully characterise insider attacks and to facilitate an understanding of...
Organizations often suffer harm from individuals who bear no malice against them but whose actions unintentionally expose the organizations to risk-the unintentional insider threat (UIT). In this paper we examine UIT cases that derive from social engineering exploits. We report on our efforts to collect and analyze data from UIT social engineering incidents to identify possible behavioral and technical...
In this paper, we introduce a simulation-based, evolutionary approach for analyzing and improving the security of complex information systems. Rather than following a purely technical approach, we bring in a social and behavioral perspective through a combination of conceptual security knowledge modeling, behavioral modeling of threat agents, simulation of attacks, and evolutionary optimization. Based...
The cloud offers attractive options to migrate corporate applications, without any implication for the corporate security manager to manage or to secure physical resources. While this ease of migration is appealing, several security issues arise: can the validity of corporate legal compliance regulations still be ensured for remote data storage? How is it possible to assess the Cloud Service Provider...
Although Quality of Experience (QoE) is pushed forward as a crucial concept in the context of the migration of services to the cloud, only a few studies so far have investigated cloud QoE from a users' point of view. This paper shares insights from an exploratory study on use- and QoE-related aspects of personal cloud services and applications. More concretely, we conducted an online survey (N= 349)...
Traffic safety through inter-vehicular communication is one of the most promising and challenging applications of Vehicular Ad-hoc Networks. In this context, information such as position, direction, and speed, is often broadcast by vehicles so as to facilitate fast multi-hop propagation of possible alert messages. Unfortunately, a malicious vehicle can inject bogus information or cheat about its position...
In this paper we investigate the application of Software Aging and Rejuvenation in the context of Critical Infrastructures and Systems-of-Systems. Explained are the characteristics of Systems-of-Systems and classes of Critical Systems, attributes which define their dependability as a high priority requirement. In addition we survey Software Aging and Rejuvenation establishing founding research and...
3D virtual worlds and game-based simulations are to an increasing degree used for military training. However, there is a lack of research-based methods for using game-based simulations and developing scenarios for educational role-plays in a military context, especially in the area of cultural awareness. The CAMO project (Cultural Awareness in Military Operations) seeks to address these challenges...
Serious games show to have positive impact on training results. Advantages of simulation games lay in the provision of a safe training environment, where users are able to play, test and probe without serious consequences. At the same time, it is important to engage learners by providing a motivating, challenging environment, which becomes meaningful to the player when skills and knowledge acquired...
The cloud computing landscape has recently developed into a spectrum of cloud architectures, leading to a broad range of management tools for similar operations but specialized for certain deployment scenarios. This both hinders the efficient reuse of algorithmic innovations within cloud management operations and increases the heterogeneity between different management systems. Our overarching goal...
Rapid screening requires identifying individuals concealing information promptly and noninvasively. The standard Concealed Information Test (CIT) is not conducive to a rapid screening context, however, researchers are investigating the ability to conduct adaptations of the CIT using noninvasive sensors. The purpose of this paper is to propose a study that will investigate and compare the accuracy...
Online dating is one domain, which would benefit from the application of computational trust. One of the problems with the application of traditional computational trust models, as identified in our previous work, is authenticity of information provided by parties which helps other users ascertain whether they want to go on dates. In this position paper, we suggest a solution: a concordance based...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.