The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With growing popularity of online services, the amount of information on web increases dramatically, which has resulted in increasingly concerns on web application security. Subject knowledge is in desperate need to guide security testing against advanced attacks. Unlike common software security weakness study pattern, a combination analysis method based on Colored Petri Net is presented in this paper...
Web application has got a remarkable change in the past few years, many new technologies are reshaping the pattern of Web applications. Since many manufacturers' promotion on HTML5 technology, more and more websites are using HTML5 gradually. The new technology provides users with a variety of Internet applications, but introduces new security problems at the same time. Currently, most Web application...
Current Security Pattern evaluation techniques are demonstrated to be incomplete with respect to quantitative measurement and comparison. A proposal for a dynamic testbed system is presented as a potential mechanism for evaluating patterns within a constrained environment.
In a Peer-To-Peer (P2P) systems, establishing trust among the peers help to minimize the malicious attack made by other peers. Peer creates the trusted relationship with other peers based on past interaction. In a self-organizing trust model that uses distributed algorithm to reason about the peers that deserve the trust and services. However, the formation of trustworthy relationship and confidence...
Network protocols are the basis of network communication, and security concerns about protocol aspects are always important and useful in network systems. For the past two decades, the methods of protocol testing have been used to verify the functional conformance between the network specifications and the implementations. In this paper, we extend protocol testing methods by considering the robustness...
A novel way of pooling designs is proposed by using a Dn-matrix. The capabilities of error-correcting and error-detecting are analyzed by calculating the Hamming distance of the d-disjunct matrix. Furthermore, the range of the value is estimated by Kautz-singleton theorem.
From its inception in 1999 to its fifteenth anniversary in 2013, the Web Systems Evolution (WSE) series of events have provided a forum for researchers and practitioners to present original work on subjects related to the disciplined evolution of large-scale Web sites and the development and deployment of Web applications. This paper summarizes the central themes of WSE over the years, with a brief...
The purpose of this article is to describe a new method which is proposed to be the best practice for creating a very effective password candidate lists for specified language, which could be then also used to test the security level of wireless networks protected by WPA/WPA2 PSK standards. The main principle of this technique is to create the statistical model of the new target language which could...
Nowadays, the online exam is become popular because the examination often have multiple-choice questions that can be quickly automated evaluation and graded by automated test scoring machines known as online exams. This paper proposed the secure online exams on thin client. The client in this system can be used older computer to reduced total cost of ownership. The proposed system used the Ubuntu...
Software vulnerabilities are the root cause of computer security problem. How people can quickly discover vulnerabilities existing in a certain software has always been the focus of information security field. This paper has done research on software vulnerability techniques, including static analysis, Fuzzing, penetration testing. Besides, the authors also take vulnerability discovery models as an...
Security of web-based systems still remains a key challenge for most IT executives, for software is vulnerable at various stages and most severely weakened in the operational environment. In the past, models and tools or even design techniques have been devised to tackle this challenge. But we still see the reemergence of the same security issues that afflict both traditional and modern web-based...
Intrusion detection technology has developed over more than 30 years from the host-based to network-based and has become the indispensable security technology of information systems. On the basis of the study of the existing intrusion detection systems, this paper reviews the history of intrusion detection technology, and sum up the recent hot-spot problems researched. Then, six technical difficulties...
after analyzing the present title assessment a system is designed and implemented, this is suitable for city-region. The system is designed based on the ideology of software component, so the encapsulated function can be reused and the system possesses good extensibility and maintainability. The system can meet the requirement of title assessment management and is beneficial to the improvement of...
During the multi-dimensional Fuzzing technique, how to construct the influencing relationships between input elements and vulnerable statements is a key problem. This paper applies the virtual machine based taint analysis technique on multi-dimensional Fuzzing, gives detailed design and the experiment result shows the method is feasible.
Electronic commerce for tourism has a trend of rapid development. The operation mode for Caissa China Travel Agency official web site is analyzed, and the advantages and disadvantages of network marketing operation mode for Caissa Travel Agency in electronic commerce are studied by SWOT analysis method. The convenience and satisfaction of Caissa Travel Agency web site for network group is analyzed...
This paper refers the first results of the pilot study. Students at two foreign universities (the Peoples' Friendship University of Russia, Moscow, and the Aristotle University of Thessaloniki, Greece) were asked to fill in our questionnaires. The main goal of this pilot search was to test the understandableness of the questionnaire and to perform some first simple statistical testing. The aim of...
With the rapid development of Chinese ports, the automation of port crane is improving all the time, which makes higher request on safety performance of port crane. Practice has proved that security evaluation based on testing with related theory analysis is practical and effective. This article takes portal crane as an example to introduce the testing for metal structure of port crane, including...
An important difference among approaches to software requirements specification is the degree of formality of the specification process itself. In this paper we explore 12 approaches to security requirements specification. We divide the 12 approaches into two distinct groups, those that follow a formal specification process and those that follow an informal one. We evaluate and compare the benefits...
Input manipulation attacks are becoming one of the most common attacks against Web applications and Web services security. As the use of firewalls and other security mechanisms are not effective against application-level attacks, new means of defense are needed. This paper presents a framework proposal to solve this problem, securing applications against input manipulation attacks. The proposed mechanism...
We have investigated a technique for recognising faces invariant of facial expressions. We apply multi-linear tensor algebra, which subsumes linear algebra, to analyse and recognise 3D face surfaces. This potent framework possesses a remarkable ability to deal with the shortcomings of principle component analysis in less constrained situations. A set of vector spaces can be used to represent the variation...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.