The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Advanced Persistent Threats are increasingly becoming one of the major concerns to many industries and organizations. Currently, there exists numerous articles and industrial reports describing various case studies of recent notable Advanced Persistent Threat attacks. However, these documents are expressed in natural language. This limits the efficient reusability of the threat intelligence information...
Advanced Persistent Threat (APT) and traditional cyber attacks are different in kinds of aspects, which make the traditional defense is difficult to detect APT and protect the network. Therefore, an APT detection framework based on OpenIOC is established for the characteristics of APT system attack. Firstly, real-time attack data related to APT from massive fragmented threat data is output. Secondly,...
It is critical and foremost to come up with the corresponding security requirements first which the following implementations are based on. However, previous security requirement elicitation work based on Common Criteria (CC) rarely addresses the detailed elicitation process of threats from specific functional requirements, which thus results in the widen gap between specific functional requirements...
In this paper, we combine formal modeling and analysis of infrastructures of organizations with sociological explanation to provide a framework for insider threat analysis. We use the higher order logic (HOL) proof assistant Isabelle/HOL to support this framework. In the formal model, we exhibit and use a common trick from the formal verification of security protocols, showing that it is applicable...
As system of systems (SoS) models become increasingly complex and interconnected a new approach is needed to capture the effects of humans within the SoS. Many real-life events have shown the detrimental outcomes of failing to account for humans in the loop. This research introduces a novel and cross-disciplinary methodology for modeling humans interacting with technologies to perform tasks within...
As a member of the European Union, Hungary face different challenges, of which the most important are the transformation of the healthcare system, the Social Security and pension system and the system of taxation. These economic and social challenges require long-term governmental strategies, which should be modelled, tested, verified in some way. It is for this challenge that we find an efficient...
In this paper, a position has been taken to include the non-human active agents as insiders of an enterprise, as opposed to only human insiders as found in the literature. This eliminates the necessity of including the psycho-social and criminological behavioural traits to be incorporated in the management of insider threats. A framework of an Enterprise has been developed and it is shown that within...
The existing information system (IS) development methods do not meet the requirements to resolve security-related IS problems and they fail to provide for the successful integration of security and systems engineering during all development process stages. Security should be considered during all software development process and the requirements specifications should be identified. This paper aims...
A system-of-systems (SoS) is inherently open in configuration and evolutionary in lifecycle. For the next generation of cooperative cyber-physical system-of-systems, safety and security constitute two key issues of public concern that affect the deployment and acceptance. In engineering, the openness and evolutionary nature also entail radical paradigm shifts. This paper presents one novel approach...
We are currently observing a huge paradigm shift by different organizations moving their information technology services from enterprise-based data centers that run on different dedicated servers on their premises to cloud computing environment. Organizations are renting these services on demand basis from large cloud service providers that build and manage various large scaled data centers consisting...
Digital forensic investigation is the methodical restoration of evidences collected as a consequence of exploration of concrete happenings based on digital data. After analyzing all the historical approaches used in existing models, their merits and demerits are conferred and an Encapsulated Approach of Forensic (EAF) Model is proposed; which encapsulates all the phases of digital investigation. It...
Business process management (BPM) and accompanying systems allow organizations to react faster both to environmental and market changes. Therefore, BPM is widely applied in industry. Although organizations depend on the secure enactment of electronic business processes, existing BPM languages and techniques provide only little support for security. Several approaches have been proposed to close the...
This paper uses Analytic Hierarchy Process(AHP) to analyze the probability of individual appearing acts of violence by the influence of different roles in the crowd of Mass Violence Event, obtaining the weight of influence of organization leaders, agitators, general participants and bystanders to individuals. This paper also introduces spatial heterogeneity to reflect different roles' influence decaying...
According to the characteristics of trust in the alliance interoperable environment and the shortcomings of the existing trust model, we propose a recommendation trust model based on reputation — RBRTrust Model, the model took into account the subjective and objective factors which impact the trust: interactive scope, interactive time, interactive context, etc., through local trust, direct trust and...
Although the role of trust in partners of firm networks has been well established, less is known about its construction. This study is to identify and examine the influencing factors and their impact path to the trust construction of firm networks. Based on reviewing the literatures related, the conceptual framework of influencing factors of trust in partners is set up. 3 latent variables and 39 observed...
Security for conducting businesses online is vital and critical. Phishing is a security attack that seeks to trick people into revealing sensitive information about themselves and their Internet accounts. Countries around the world are working to reduce the impact of Phishing. In this paper, research was conducted to introduce and analyze a high level (a country-based) anti-phishing countermeasure...
A game-theory-based model of IT-security implementation in an organization was developed. The model consists of two players: an IT-security promotion section and an employee. The model is applied to an actual IT-security incident, the effect of the values of the model parameters on promotion of security implementation is analyzed, and what changes to the parameters are effective are determined. The...
The identification of Non-functional Requirements (NFRs) is, in general, performed ad-hoc, notwithstanding the organizational business needs of where the system will operate, further performed in the development process, and with incipient and low information sharing among different stakeholders. This work presents the results of case studies on the use of a method for NFRs identification, employed...
This paper unpacks the relation between task conflict and relationship task by an exploratory research with a sample of 253 persons to, From which five escalation factors were extracted. They are mentality, relation, self-character, environment, psychological distance. An escalation model of task conflict into relationship conflict is built to show different effects of 5 accelerating factors in the...
Trusted computing is an important research field in information security and trust evaluation for trust model is the key issue to be resolved. It is great significance for ensuring security of trust model for trusted computing to analyze normally and verify in design process of application model for trusted computing and analyze its trust in theory. In this paper the problems of security and trust...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.