The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Large numbers of Internet of Things (IoT) devices are increasingly deployed in many aspects of modern life. Given their limited resources and computational power, verifying program integrity in such devices is a challenging issue. In this paper, we design MTRA, a Multiple-Tier Remote Attestation protocol, by exploiting differences in resources and computational power among various types of networked...
Security threats such as jamming and route manipulation can have significant consequences on the performance of modern wireless networks. To increase the efficacy and stealthiness of such threats, a number of extremely challenging, next-generation cross-layer attacks have been recently unveiled. Although existing research has thoroughly addressed many single-layer attacks, the problem of detecting...
A major limitation of mobile Crowd Sourcing (CS) applications is the generation of false (or spam) contributions due to selfish and malicious behaviors of users, or wrong perception of an event. Such false contributions induce loss of revenue through disbursement of undue incentives and also negatively affects the application's operational reliability. In this work, we propose a reputation model,...
This paper addresses the attack frequency estimation for networked control systems suffering from denial of service (DoS) attacks. First, the networked control systems (NCSs) subjecting to DoS attacks are modeled as switched systems between normal systems and attacked systems. Secondly, by considering the worst scenario of DoS attacks with energy constraints, the maximum allowable update interval...
In recent years, medicine has seen how technology was going day by day more present to become necessary. At the same time, security became a critical aspect, since private patient medical data are handled. In this field in which gather mobile technologies with medicine, security has great importance. Therefore, it is essential to conduct security audits to mobile applications which deal with private...
As threat detection systems become critical for protecting modern organizations, visualization has emerged as an essential tool for security analysts to understand network threats. However, there is currently little research in designing and evaluating effective network threat analysis visualizations. To address this problem, we take a user-centered approach, starting with designing an open source...
In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant...
In this paper, we introduce a new visualization tool for network-wide intrusion detection. It is based in multivariate anomaly detection with a combination between Principal Component Analysis (PCA) and a new variant called Group-wise PCA (GPCA). Combining these methodologies with the capabilities of interactive visualization, the resulting tool is a highly flexible and intuitive interface that allows...
Recent studies have shown that attackers can force deep learning models to misclassify so-called “adversarial examples:” maliciously generated images formed by making imperceptible modifications to pixel values. With growing interest in deep learning for security applications, it is important for security experts and users of machine learning to recognize how learning systems may be attacked. Due...
With the omnipresence of the Internet of Things and poorly secured devices with it in combination with high bandwidth networks, Distributed Denial of Service (DDoS) attacks have become one of the biggest threats for network security. With high bandwidth attacks flooding network infrastructure, the pressure to secure the attack targets shifts more and more to the network operators. Often without direct...
The reports from last years outline the fact that the web crawlers (robots, bots) activities generate more than a half of web traffic on Internet. Web robots can be good (used for example by search engines) or bad (for bypassing security solutions, scraping, spamming or hacking), but usually all take up the internet bandwidth and can cause damage to businesses that rely on web traffic or content....
Software-defined networking (SDN) is a key emerging technology that enables networks to be programmed and dynamically reconfigured through software-based network applications. This programability also significantly increases the exposure of these networks to software application faults, which can compromise or crash the underlying SDN network. It is thus imperative to detect subtle faulty or malicious...
Home automation has become increasingly popular, with new interconnected products being introduced on a regular basis. While the benefits of these devices are tantalizing, end users may not fully understand the complexities of setting up these devices, become frustrated with the process, or have incorrect installations. We performed an exploratory study to understand the barriers that they face in...
As the number and variety of cyber threats increase, it becomes more critical to share intelligence information in a fast and efficient manner. However, current cyber threat intelligence data do not contain sufficient information about how to specify countermeasures or how institutions should apply countermeasures automatically on their networks. A flexible and agile network architecture is required...
In this paper, a user-authentication scheme that is designed to ensure privacy and security of health-information exchange in cloud computing is proposed. The proposed system will allow health care centers and doctors to securely and efficiently monitor patients' health at their homes using secure integration of medical devices and healthcare systems such as: body sensor networks, wearable devices,...
In world one out of two people is using a smart device. These devices those protect the personal data, those have people do their payments are targeted by attackers. Mobile applications include so many security threats all over inside the web traffic and the server that they communicate. Threats created by attackers can be divided to two titles which are direct attacks and indirect attacks. In this...
It is normally hard to believe in software security claim if we do not know what is meant exactly by "secure" and the reasons to support the claim are not sufficiently provided. Security cases—which document the rationale for believing that a system is adequately secure—are intended to address both these issues. However, due to lack of practical construction method...
In this paper, we introduce a defensive cybersecurity framework called Cybergrenade automating various penetration testing tools to sequentially exploit machines connected to a single local network, all underneath a single application running on a Single-Board Computer (SBC). This takes advantage of the SBC's unique capabilities in a way that manual exploitation simply cannot match. Currently, while...
This paper reviews digital forensic phases and problems in evidence analysis phase and smart methods in this area. Among these phases, studies on the evidence analysis phase are examined. In the analysis of electronic evidences, use of smart methods and their development will contribute to information technology law and improvement of digital forensic devices. Effective evidence analysis both provides...
For a long time, the sensitivity and criticality of data storage, processing, and transmission have hindered the wide utilization of IT and networks in the health care systems. Recently, the high availability, reachability, reliability, efficiency, usability and automation provided by the different cloud computing models paved the way to integrate the e-health systems with these cloud services to...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.