Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
Customer Edge Switching (CES) is an experimental Internet architecture that provides reliable and resilient multi-domain communications. It provides resilience against security threats because domains negotiate inbound and outbound policies before admitting new traffic. As CES and its signalling protocols are being prototyped, there is a need for independent testing of the CES architecture. Hence,...
Wireless sensor networks commonly implemented in such areas like volcano, fire observing, remote sensing and in army etc. Communication cost as well as energy utilization is minimized by implementing strategy called as data aggregation in wireless sensor networks. At the time of data routing, partial outcomes are consolidated by the data aggregation method from lower layer nodes. Related work illustrates...
Internet technology today is not free from many problems or security holes. This security holes could be exploited by an unauthorized person to steal important data. The case of the attacks occurred because the party that was attacked also did not realize the importance of network security to be applied to the system. Honeypot is a system that is designed to resemble the original production system...
There is no doubt that agile methods have become mainstream and with their increased use unanswered questions start to appear: How do we address cross-cutting concerns when software is developed vertically? Does value prioritization lead to increases in technical debt by promoting feature development over refactoring? Isn’t the reticence to write initial specifications on the premise of change an...
When hiding messages in digital images, care needs to be exercised how the embedding changes are executed in or near saturated pixels. In this paper, we consider three different rules that are currently being used that adjust the embedding in saturated pixels and assess their impact on empirical steganographic security of four modern embedding algorithms. Surprisingly, the rules can have a major effect,...
Websites typically include many forms or web elements that allow users to enter and submit data. This data will be eventually executed in the back-end databases. Users can, intentionally or unintentionally enter improper input data that, if reach those back-end databases, may cause some serious security or damaging problems. For proper user interface design as well as for security reasons, it is important...
This talk presents results recently published in Software Testing, Verification and Reliability. In recent years, important efforts have been made for offering a dedicated language for modelling and verifying/proving security protocols. However, verifying the security protocol model does not guarantee that the actual implementation of the protocol will fulfil these properties. In this talk we present...
In this paper, we classify 75 analytic techniques interms of their primary function. We then highlight where acrossthe stages of the generic analytic workflow the techniques mightbe best applied. Importantly, most of the techniques have someshortcomings, and none guarantee an accurate or bias-freeanalytic conclusion. We discuss how the findings of the presentpaper can be used to develop criteria for...
Due to the still increasing interconnectedness of systems it is very much important to further strengthen activities towards assuring security requirements of those systems. Quality assurance methods like coding guidelines with a focus on security related issues, and static analysis tools are necessary but not sufficient because of the fact that security is a system property. Therefore, it is important...
Mobile malware has grown in scale and complexity, as a consequence of the unabated uptake of smartphones worldwide. Malware writers have been developing detection evasion techniques which are rapidly making anti-malware technologies uneffective. In particular, zero-days malware is able to easily pass signature based detection, while dynamic analysis based techniques, which could be more accurate and...
Issues related to verification and security are increasingly important in modern electronic systems. In particular, the huge complexity of electronic systems has led to growth in quality, reliability and security needs in several application domains as well as pressure for low cost products. There is a corresponding increasing demand for costeffective verification techniques and security solutions...
Where electronic equipment must achieve very low risks in Functional Safety or other applications, it is not practicable to rely solely on immunity testing, at whatever test levels, to demonstrate that risks caused by electromagnetic (EM) disturbances are low enough. However, immunity testing to the normal standards is an important part of such equipment's verification and validation, and using non-standardized...
Security and usability improvements in online banking are often made in academic proposals. Testing of these proposals could provide vital information for designing new systems and for proposing further improvements. A modular evaluation framework, presented as a virtual bank, could provide a common ground for testing and reduces the overhead of setting up experiments. We propose such a framework...
In this paper, we propose reversed taint analysis to dig out the root cause of the vulnerability leading to crash. In order to increase the efficiency, we propose that during the analysis process, we should only taint the EIP register when the crash happens and then trace back to analyze the data and operations, until we find out the influential inputs that can be controlled by the users. In addition,...
Through automatically checking whether cloud services satisfy customers' requirements, cloud service certification promises cloud providers competitive advantages, e.g. by attracting new customers. However, certification can increase costs of cloud providers, creating incentives for fraudulent providers to save costs by only pretending to satisfy customers' requirements. Opportunistic providers are...
A software defect that exposes a software system to a cyber security attack is known as a software vulnerability. A software security exploit is an engineered software solution that successfully exploits the vulnerability. Exploits are used to break into computer systems, but exploits are currently used also for security testing, security analytics, intrusion detection, consultation, and other legitimate...
Software Defined Networking (SDN) enables the use of programmable networking devices including switches and routers. As with other software, bugs are inevitable in SDN and ruin software quality. To ensure good quality SDN software, programmable devices and components in a SDN environment must be continuously checked and improved. To achieve this, the following SDN testing and debugging tools are available...
Hypervisors are the main components for managing virtual machines on cloud computing systems. Thus, the security of hypervisors is very crucial as the whole system could be compromised when just one vulnerability is exploited. In this paper, we assess the vulnerabilities of widely used hypervisors including VMware ESXi, Citrix XenServer and KVM using the NIST 800-115 security testing framework. We...
With the rapid growth of big-data applications, advanced data processing technologies, e.g., machine learning, are widely adopted in many industry fields. Although these technologies demonstrate powerful data analyzing and processing capability, there exist some security concerns that may potentially expose the user/owner of the services to information safety risk. In particular, the adoption of neuromorphic...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.