The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The open medium, dynamic topology, and multi-hop cooperative routing of vehicular ad hoc networks (VANETs) make it facing more security challenge than wired networks. In this paper, a hierarchical VANETs intrusion detection system based on BUSNet is present. BUSNet is basically a virtual mobile backbone infrastructure that is constructed using public buses. We use the bus nodes as the cluster-heads...
Security is emerging as an important concern in embedded system design. Security of an embedded system is compromised when software that can be trusted is resulting in unintended behaviour such as leakage of sensitive data and execution of spiteful code. Several counter measures have been proposed to counteract these sorts of intrusions. The general idea behind most of the methods is to define the...
Internet is facilitating numerous services while being the most commonly attacked environment. Hackers attack the vulnerabilities in the protocols used and there is a serious need to prevent, detect, mitigate and identify the source of the attacks. Network forensics involves monitoring network traffic and determining if the anomaly in the traffic indicates an attack. The network forensic techniques...
Security policy specification can be difficult to get right. Electronic systems often fail to provide an easy route to encode requirements that would be simple to enforce through controlling how physical principals interact. This paper presents a means to ameliorate potential policy mismatches through the use of location awareness systems allowing changes in the physical world to be mapped to electronic...
Even though trust plays a significant role during decision-making in open collaborative environments, still end-user trust mechanisms have not be deployed in the EGEE grid computing setting. In this paper, we conduct a preliminary investigation on the integration of the trust paradigm in that environment, with a special focus on achieving end-user trust in an intuitive and practical manner.
The online detection of anomalies is a vital task in data centers, potentially incurring high personnel costs. Causes of anomalies range from hardware/software failures, to resource over- or under-provisioning, to application misbehaviors. This paper develops new methods and an associated utility for online anomaly detection, termed EbAT, entropy based anomaly tester, which can efficiently detect...
Research literature has argued the need for a methodology to measure security assurance levels of a system as vital in order to maintain and improve the overall system security. Building on our close examination of the existing approaches for IT Information assurance, this paper proposes a risk-based security assurance metrics and aggregation techniques to be incorporated in a methodology for the...
It is hard to judge whether one subject is to be trusted where federation identity management only focuses on identity trust achieved by credentials the subject hold. So we propose a behavior trust-based federation identity management mechanism. The trust value was modified according to the subjectpsilas behavior and it will be employed in identity management procedure including identity mapping and...
The promise of formal verification of system-of-systems is in harnessing the power and accuracy of modern day computers to create trust-worthy systems. The success of formal verification techniques depends, to large degree, on the existence of a sound and complete collection of formally written requirements. To date, there is no known methodology for assuring that a collection of requirements, formal...
Cluster system can be considered as a solution when high performance system is deployed because cluster system can provide the high performance, mass storage, scalability and so on with relative low cost in comparison with super computer system. For the trusted service against various malicious attacks, the trusted operational environment is very critical in order to guarantee that their services...
Distributed denial of service (DDoS) attacks have become a major threat to organizations and especially to Internet and intranet. In DDoS attacks targets are overwhelmed by sending an enormous amount of traffic from a number of attack sites. The major tasks of any defense system are to detect these attacks accurately and early on, before it causes an unrecoverable loss. Most of the research in this...
Policy Enforcer is an online monitoring tool for detecting security violations in a multi domain environment where the network, system and service are the multiple domains. One can ensure security for a network service by protecting the sensitive resources at these three domains. This paper presents the various design issues of policy enforcer, which have the performance impact in terms of detection-rate,...
Due to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the intrusion detection technology becomes popular. On the basis of analyzing the defect of a kind of modern distributed intrusion detection system this article proposes a distributed intrusion detection system model based on agents....
Since storage systems can see changes to persistent data on them, some types of intrusions can be detected by storage systems. Storage-based intrusion detection system (SIDS) has become a valuable tool in monitoring for the intrusion. However, the traditional storage device works on the block-level while intrusion always happens on the file-level, this gap has to be erased by detection software, which...
Being a novel P2P system, P2P E-commerce faces all network security issues as ordinary P2P systems do. One of the most severe threats is the imminent worm attacks aiming at P2P systems. Simple definition and taxonomy of P2P worm are presented and characteristics of different types of P2P worm are discussed. The possibility of using P2P system to contain P2P worm is explored, and preliminary countermeasures...
The 3 most important issues for anomaly detection based intrusion detection systems by using data mining methods are: feature selection, data value normalization, and the choice of data mining algorithms. In this paper, we study primarily the feature selection of network traffic and its impact on the detection rates. We use KDD CUP 1999 dataset as the sample for the study. We group the features of...
We present a method for (1) specifying high-level security policies using UML sequence diagrams and (2) transforming high-level sequence diagram policies into low-level state machine policies that can be enforced by monitoring mechanisms. We believe that the method is both easy to use and useful since it automates much of the policy formalization process.
Unlike other diversity-based approaches, N-variant systems thwart attacks without requiring secrets. Instead, they use redundancy (to require an attacker to simultaneously compromise multiple variants with the same input) and tailored diversity (to make it impossible to compromise all the variants with the same input for given attack classes). In this work, we develop a method for using data diversity...
This position paper proposes a research agenda for the field of security testing. It gives a critical account of the state of the art as seen by a practitioner and identifies questions that research failed to answer so far, or failed to answer in such a way that it would have had an impact in the real world. Three categories of research problems are proposed: theory of vulnerabilities, theory of security...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.