The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Peer to Peer (P2P) is a collection of peers in which each peer has their own power and responsibility. Peer communicates with other peers for accessing their services. This feature of P2P makes it vulnerable to different type of attacks. Trust and Reputation models can be used to minimize the impact of such threats. Maintaining trust in P2P network is required to enhance secure communication in peer...
Automatic detection of shout prosody in continuous speech signal involves examining changes in its production characteristics. Our recent study of electroglottograph signals highlighted that significant changes occur in the glottal excitation source characteristics during production of shouted speech, especially in the vowel contexts. But the differences between normal and shouted speech, in the production...
Cyber has been on NATO’s agenda since 2002, with clear mandates and taskings from Summits and Ministerials on how to develop its capacity in the area. Yet, despite an increasingly cyber-dependent world and visible progress on the Alliance’s civilian side, NATO has had no visible track record on how this change in the way the world does business has had an impact on its key military structure and enabler...
Trafile monitoring is a challenging task that has been addressed by various research studies in recent years, especially for large networks. However, fewer studies have been conducted on home networks. In this paper, we tackle trafile monitoring issue in home networks focusing on anomaly detection use case. In fact, home networks are observing a continuous increase of complexity lead by the introduction...
Conformance checking is a crucial challenge for modern inter-organizational business processes when critical security, privacy and workflow constraints must be satisfied to ensure the reliability of multi-party business procedures. Many of these constraints can be expressed in terms of causal dependencies, and verifying such dependencies can be fundamental to determine the correctness of transactions...
Performance and compliance objectives have become crucial for critical sites. Balancing security, energy and costs with operational objectives is the current main challenge for critical site administrators. While current systems are not integrated enough to provide an overall view of the site performances on such targets, the FUSE-IT project intend to propose a new paradigm: the convergence of monitoring...
Some open systems must address a standard resourceallocation problem: how to collectivise and distribute aset of common-pool resources, with respect to multiple criteriasuch as fairness, inclusivity and sustainability. Previous work inself-organising multi-agent systems formalised Nicholas Rescher'stheory of distributive justice so that agents could self-organise theallocation according to contextualised...
Cloud Security is still considered one of the main factors inhibiting the diffusion of the Cloud Computing paradigm. Potential Cloud Service Customers (CSCs) do not trust delegating every kind of resources and data to external Cloud Service Providers (CSPs). The problem grows in complexity due to the increasing adoption of complex supply chains: CSPs that offer Sofware-as-a-Service (SaaS) cloud services...
Utility networks are part of every nation's critical infrastructure, and their protection is now seen as a high priority objective. In this paper, we propose a threat awareness architecture for critical infrastructures, which we believe will raise security awareness and increase resilience in utility networks. We first describe an investigation of trends and threats that may impose security risks...
Various security-oriented static analysis tools are designed to detect potential input validation vulnerabilities early in the development process. To verify and resolve these vulnerabilities, developers must retrace problematic data flows through the source code. My thesis proposes that existing tools do not adequately support the navigation of these traces. In this work I will explore the strategies...
This paper introduces an approach allowing cloud application developers, service providers to consider security and privacy requirements across the application lifecycle. Specifically, a DevOps framework has been described that took into account several emerging technologies such as Network Functions Virtualization (NFV) and Microservice Pattern Design. As an illustration, a proof-of-concept application...
Recent developments under the term Smart Grid change how users consume electricity and interact with the power grid. Smart metering and energy management are developments that transform the yet passive energy consumer to a participant that is actively involved in the energy market by using variable energy tariffs or by demand-response services. But such functionality demands a platform that integrates...
Cloud federation is a group of aggregated providers, who are mutually cooperating and collaborating to share their resources in order to improve each other services. It has lured the attention of commercial industries towards itself for its effective utilization of cloud resources. Effective management of the resource is very much required in order to increase the profits of an individual service...
Social network connectivity data that is anonymized and publicized for academic or commercial purposes are often vulnerable to de-anonymization attacks from attackers utilizing side information in the form of a second, public or crawled social network. Correlation between the two networks is the key factor allowing this attack scheme to work successfully. In this work, the best attack strategy available...
The rapid growth of Social Commerce (s-commerce) fuels the need for delivering better quality of services. The existence of C2C social commerce on Facebook and other social media networks requires the use of electronic service quality (e-SQ) instruments. The aim of this paper is to apply the existing e-SQ measures to the context of C2C s-commerce in Thailand. A pilot test study was conducted on Facebook...
In this position paper, we present our interdisciplinary research into a unified account of profiling attackers for software-intensive systems. Our work draws on the principles from requirements engineering and criminology. Specifically, we show how a unified crime theory can be adapted to model the attackers and their degree of knowledge about the environment in which the software operates. We illustrate...
The security community has established a number of knowledge sources, including security catalogues and controls, that capture security expertise and can support elicitation of security requirements. Providing additional guidance on how and when to leverage the security information available in the existing knowledge sources in the context of the given system can support security requirements engineering...
There is no doubt that agile methods have become mainstream and with their increased use unanswered questions start to appear: How do we address cross-cutting concerns when software is developed vertically? Does value prioritization lead to increases in technical debt by promoting feature development over refactoring? Isn’t the reticence to write initial specifications on the premise of change an...
In this study we investigate malicious spam emails in the context of educational institutes. The goal of the study is two folds, first, is to explore spam types of attacks and what their malicious contents may include and secondly, to analyze if these attacks exhibit discriminative characteristics. This study offers an empirical analysis of spam emails dataset and provides a rich set of features that...
We are proposing the solution for unsupervised anomaly detection, which allows to detect unexpected activity of user or network equipment, based on the analysis of mutual dependencies of the separate slices of network activity. Proposed solution based on automation building of Fuzzy Logic Inference System, that describe general patterns of analyzed activity and is the development of Association Rules...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.