The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Critical infrastructure such as power plants, oil refineries, and sewage are at the core of modern society. Supervisory Control and Data Acquisition (SCADA) systems were designed to allow human operators supervise, maintain, and control critical infrastructure. Recent years has seen an increase in connectivity of SCADA systems to the Internet. While this connectivity provides an increased level of...
Customer Edge Switching (CES) is an experimental Internet architecture that provides reliable and resilient multi-domain communications. It provides resilience against security threats because domains negotiate inbound and outbound policies before admitting new traffic. As CES and its signalling protocols are being prototyped, there is a need for independent testing of the CES architecture. Hence,...
Malware is one of the most serious security threats on the Internet today, it has been seen that malware authors employ variety of techniques to evade security detection but most of their techniques are discovered and blocked by antivirus programs. Still there are some evasion techniques which are not exploited in wild and are effective against antivirus programs. This paper studies the working of...
Wi-Fi is a local area wireless networking technology that is widely used for different purposes such as data transmission and wireless communication. Wi-Fi connection will most often result in faster, more reliable internet access and it is cheap. A penetration test on Wi-Fi is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system...
With the rapid growth of Internet traffic, new emerging network architectures are under deployment. Those architectures will substitute the current IP/TCP network only if they can ensure better security. Currently, the most advanced proposal for future Internet architecture is Named Data Networking (NDN). However, new computer network architectures bring new types of attacks. This paper focuses on...
Network traffic generation was the subject of many research projects in the past, but none of them could generate network data which has the same nature as a traffic from human or machine behavior. In this paper we introduce a related work in this field of area focusing on advantages and disadvantages, such as authenticity, inaccuracy, wrong timings and real-time generation. Further, we propose a...
This paper compares and contrasts the most widely used network security datasets, evaluating their efficacy in providing a benchmark for intrusion and anomaly detection systems. The antiquated nature of some of the most widely used datasets along with their inadequacies is examined and used as a basis for discussion of a new approach to analyzing network traffic data. Live network traffic is collected...
Research shows that Twitter is being misused as a platform for online radicalization and contains several hate and extremism promoting users and tweets violating the community guidelines of the website. Manual identification of such tweets is practically impossible due to millions of tweets posted every day and hence solutions to automate the task of tweet classification is required for Twitter moderators...
The role of the intrusion detection system is to enforce the pattern matching policies decided for the network. Basically Proposed IDS executes on the KDD'99 Data set, this data set is used in international level for evaluating/calculating the performance of various intrusion detection systems (IDS). First step is association phase in which frequent item set are produced by apriori algorithm. The...
We describe the SPaCIoS project, illustrating its main objectives, the results obtained so far and those that we expect to achieve, in particular, the development of the SPaCIoS Tool, an integrated platform that takes as input a formal description of the system under validation, the expected security goals, and a description of the capabilities of the attacker, and automatically generates and executes...
The Internet Protocol version 6 (IPv6) is being adopted in networks around the world as the Internet Protocol version 4 (IPv4) address space is nearing maximum capacity. Security needs are changing because of various new aspects of IPv6, such as the way addresses are determined. There are security applications that are being developed to meet these needs; however, there are not many production IPv6...
Crawling is a necessary step for testing web applications for security. An important concept that impacts the efficiency of crawling is state equivalence. This paper proposes two techniques to improve any state equivalence mechanism. The first technique detects parts of the pages that are unimportant for crawling. The second technique helps identifying session parameters. We also present a summary...
This study uses an ‘adoption model’ to assess airline passengers' intention to use an online e-ticketing system in Thailand. The study also integrates constructs from “United Theory of Acceptance”, “Use of Technology model”, “Transaction Cost Saving Model”, “Perceived Security Model” and “Perceived Enjoyment Theory”. The “survey” was conducted at Suvarnabhumi International Airport in Thailand (Domestic...
Protocol plays a profound role among networked computers in security issues. With the development of computer network engineering, protocol has become increasingly intricate in both data format and interaction behavior, which means that more potential defects exist in protocol software implementations. These factors make protocol vulnerable to malicious attacks and raise the security requirements...
By the accounting information system under internet environment, the enterprise group realizes accountant resources sharing, accounting information real-time processing and high integration of finance and business. But it brings up the security question. Base on this, this paper discusses how to guard against security question of accounting information system under internet environment from internet...
The growing use of Wireless Sensor Networks (WSNs) to accomplish tasks with strict requirements in terms of secrecy and reliability is increasingly attracting the interest of malicious users, thus incrementing the demand for more secure and dependable WSN implementations. Such necessity is directly reflected in the growing need for tools and techniques to ease the design, assessment and validation...
The current practice of password based security for PLEs in general and the Internet in particular is inadequate. The widespread authentication mechanism of username and password is out-dated, and does not meet current needs. Intruders and hackers have also learnt, and become more tech savvy. Besides, remembering a plethora of long passwords and passphrases, sometimes as many as 15 or 20, is cumbersome...
User input validation is a technique to counter attacks on web applications. In typical client-server architectures, this validation is performed on the client side. This is inefficient because hackers bypass these checks and directly send malicious data to the server. User input validation thus has to be duplicated from the client-side (HTML pages) to the server-side (PHP or JSP etc.). We present...
As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. Too many nouns web application security vulnerabilities result from generic input validation problems. Examples of such vulnerabilities are SQL injection and Cross-Site...
In the process of software production, testing is the premise to guarantee the quality of software. With the extensive application of network software, Web security test has become a key point that can not neglect. Based on the Analytic Hierarchy Process (AHP) algorithm, a new kind of Web security testing programme was introduced in this paper. According to which it realized the Web Security auto-Testing...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.