The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
At present, Thai e-Tailer discover a chance for operating their business in popularly type of virtual merchant via internet channel. Unfortunately, Thai e-Tailer faces to a problem concerning to the low level of trust for making an internet activity in view point of customer. Therefore, this document studied to e-Tailer: virtual merchant regarding to common threat and technological solution on e-Tailer...
The exponentially increasing cyber threats with the expansion of web applications have become the biggest security concern for e-business and information sharing communities. Current survey shows that application layer is more prone to web attacks. Recent survey carried out by Nation Vulnerability Database shows that, on average 15 new vulnerabilities are released per day, thus proved that existing...
Alerts correlation techniques have been widely used to provide intelligent and stateful detection methodologies. This is to understand attack steps and predict the expected sequence of events. However, most of the proposed systems are based on rule - based mechanisms which are tedious and error prone. Other methods are based on statistical modeling, these are unable to identify causal relationships...
In this paper we propose a new method to help managing and supervising security in large networks. We use Fuzzy Description Logics (FDL) to model a composite Intrusion Detection system (CIDS). We show that this hybrid method is more efficient than crisp ones in complex environments.
Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge. Corporate IT security managers have a difficult time staying on top of the endless tide of new technologies and security threats sweeping into their organizations and information systems. The effectiveness...
Today most managing network security systems, especially Intrusion Detection System (IDS), play a significant role in computer societies and due to the evolution of threats, the use of traditional crisp methods are not efficient. It is also clear that high level conceptual modeling eases the complex attack detection process. This paper proposes a new approach in which the benefits of both fuzzy and...
Alerts correlation techniques have been widely used to provide intelligent and stateful detection methodologies. This is to understand attack steps and predict the expected sequence of events. However, most of the proposed systems are based on rule-based mechanisms which are tedious and error prone. Other methods are based on statistical modeling; these are unable to identify causal relationships...
Detecting and identifying security events to provide cyber situation awareness has become an increasingly important task within the network research and development community. We propose a graph similarity-based approach to event detection and identification that integrates a number of techniques to collect time-varying situation information, extract correlations between event attributes, and characterize...
The following topics are dealt with: still and video cameras; analog and digital audio; 3D video; mobile broadband; mobile TV; handheld and wearable computers; personal multimedia devices; advanced DVD and CD; AV streaming to handheld devices; driver assistance; Web services; grid services and service-oriented computing; semantic Web and ontology; Web intelligence; agents and personalization; mobile...
This paper presents a semantic web-based architecture to share alerts among Security Information Management Systems (SIMS). Such architecture is useful if two or more SIMS from different domains need to know information about alerts happening in the other domains, which is of vital importance for an early response to network incidents. For this, each SIMS has a knowledge base that contains the security...
Non Functional Requirements (NFRs) are relative, so are the conflicts among them. In our previously developed catalogue of NFRs conflicts it can be observed that a number of specific pairs of NFRs are claimed to be in conflicts in some cases but they are also claimed not to be in conflict in the other cases. These relative conflicts occur because the positive or negative relationships among NFRs are...
This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software's environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives,...
This paper demonstrates how to mitigate insider threat in relational databases. Basically, it shows how the execution of the same operations in different orders poses different levels of threat. The model presented in this paper organizes accesses to data items in some sequence so that the expected threat is minimized to the lowest level. In addition, it increases the availability of data items. That...
We address the problem of combining information from diversified sources in a coherent fashion. A generalized evidence processing theory and an architecture for data fusion that accommodates diversified sources of information are presented. Different levels at which data fusion may take place such as the level of dynamics, the level of attributes, and the level of evidence are discussed. A multi-level...
Service composition is a new paradigm for efficient and cost-effective IT service provisioning over the network. To safely and effectively deploy composed services within an organization or among multiple domains, one must be able to specify and enforce a variety of constraints such as those derived from legal regulations, Quality of Service (QoS) requirements and privacy and security policies. In...
Developing effective suspicious activity detection models has drawn more and more interests for supervision agencies and financial institutions in their efforts to combat money laundering. Most previous AML systems were mainly rule-based which suffered from low efficiency and also could be easily learned and evaded by money launders. While most machine learning models for AML were focused on individual...
Water environment monitor is an important component of environmental monitoring system. In this paper, the authors discuss that the solar energy technology, the wireless GPRS network transmission technology, VPN agent technology, sensor technology and information security technology could be employed in the field of hydrology intelligent on-line monitoring to solve the on-site monitoring of power...
Artificial immune systems have recently been implemented in the field of computer security system particularly in intrusion detection and prevention systems. In this paper researchers present an approach to an intrusion prevention system (IPS) which is inspired by the Danger model of immunology. This novel approach used a multi immune agent system that implements a non-linear classification method...
Social networking services that enhance communications at the personal level have recently proliferated to the point of explosive use. Individuals in all society and cultural settings naturally and routinely use Web 2.0 tools such as wikis, blogs and social networking services such as Facebook or LinkedIn, for personal purposes. The penetration of these technologies into the popular culture has been...
Network Intrusion Detection Systems (NIDS) are considered as essential mechanisms to ensure reliable security. Intrusive model is used in signature-based NIDS by defining attack patterns and applying signature-matching on incoming traffic packets. Thousands of signatures and rules are created to specify different attacks and variations of a single attack. As a result, enormous data with less efficiency...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.