The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Autonomic communications aim to provide the quality-of-service in networks using self-management mechanisms. It inherits many characteristics from autonomic computing, in particular, when communication systems are running as specialized applications in software-defined networking (SDN) and network function virtualization (NFV)-enabled cloud environments. This paper surveys autonomic computing and...
Software startups can be subject to extreme money and time constraints while hoping for delivering reliable software. In a harsh startup environment, software may face quality downgrade either by improper process management or incapable human resources. Among the many, security is a fragile software quality characteristic responsible for severe negative consequences such as jeopardizing a startup's...
One of the primary concerns that the developers of mobile banking applications should strive to is to ensure the security of user information originating from any of these applications. However, implementing even basic security features, like performing encryption on user data or using HTTPS while connection establishment, on such mobile applications, is often found to be absent either due to the...
Soft keyboard is perhaps the most common human input device on smartphone. This study designed and implemented a proof-of-concept soft keyboard keylogger in Android. The soft keyboard app was designed to have the capability to capture keystrokes from user and save it. It also can record the GPS location of user at the time of typing and sent it to a remote server. From our testing, the app was capable...
The intent mechanism is a powerful feature of the Android platform that helps compose existing components together to build a Mobile application. However, hackers can leverage the intent messaging to extract personal data or to call components without credentials by sending malicious intents to components. This paper tackles this issue by proposing a security testing method which aims at detecting...
Currently, there is a lack of tools or techniques which can clearly handle the complexity related to inter-component communication while developing Android applications. We propose a conceptual model which represents the inter-component communication at a higher abstraction level. We also propose a technique to derive test case from the model. The model can be useful in handling complexity at various...
This paper proposes an automated virtual security testing platform for Android mobile apps. The testing platform includes three key components: customizing Android OS to include mobile app trace information, creating a virtual testing platform using the customized OS, and developing static and dynamic analyzing techniques for mobile malware detection. The proposed testing platform is a server-side...
The intelligent device and mobile applications has been the growth rapidly. The mobile device and related applications has widely used increasingly. The security and compatibility concern for mobile application is mounting as well. This paper analyzed attributes of security and compatibility corresponding to mobile software testing. The software quality features for security and compatibility is given...
After several decades of circuit switched technology, mobile telephony is moving towards all-IP network architecture. The convergence to IP, on a one hand, brings many advantages, but makes mobile networks easier to be attacked. In this paper, a security framework is discussed addressing two security challenges: DIAMETER-related threats and subscriber malicious activities. The former is taken into...
With the advancement in technology and availability of internet access and smart mobile systems, there has been an increasing interest in eHealth related research activities due to the attractive and important benefits that eHealth systems can offer to many. However, the security of the eHealth systems has been a great concern. In this paper, we discuss the pilot design experience and results of a...
Increasingly, attention is being paid to security vulnerabilities of mobile apps, and with good reason. Such vulnerabilities, if exploited, could be used to wreak havoc on users by stealing their information or controlling their mobile device. Given the billions of mobile apps in use today, security breaches threaten to occur on a very large scale. Fortunately, efforts have been made to address these...
One of the major threats against web applications is Cross-Site Scripting (XSS). The final target of XSS attacks is the client running a particular web browser. During this last decade, several competing web browsers (IE, Netscape, Chrome, Firefox) have evolved to support new features. In this paper, we explore whether the evolution of web browsers is done using systematic security regression testing...
In the very near future, the vast majority of mobile phones will be NFC-enabled. The NFC technology, other than adding extra features to mobile devices, adds a new way for attackers to break into these. To be sure that attackers will go after this technology, it is enough to think that the killer feature foreseen for this technology it will be the possibility for the user to pay on the fly with his...
As the Technical Direction Agent for the Department of Defense's Explosive Detection Equipment Program, the Naval Explosive Ordnance Disposal Technology Division provides leadership in the pursuit of effective and suitable technology for concealed threat device detection. This program seeks explosive detection equipment that will effectively and economically confirm the presence or absence of energetic...
Flash has a number of security defects even though Flash Player is installed on most of world's PC. Protection using sandbox has limitation to protect a user from vulnerabilities of Flash application because an attacker can attack a vulnerable Flash application when a sandbox can't work if an engineer or a web administrator set sandbox permission wrongly. Another way to solve it is testing. As a testing,...
Quantum communication networks need to securely transmit a quantum frame from source to destination. In the wireless communication network, source and destination have two types of connection: direct or indirect communication. In the direct connected mode, the transmission security can be achieved by using a quantum key distribution. In the indirect connected mode, it is a difficult problem to deal...
Wireless transmission module PTR6000M based on nRF24L01 module constitutes the wireless network with multi-way data synchronization testing in the rugged electromagnetic environment of the armored vehicles characteristic parameter testing. This program is successfully used in real vehicle testing, providing a reliable information source for running armored vehicles monitoring, security and optimal...
The security of mobile operating systems becomes more and more important with the increasing number and increasing use of mobile devices. With the advances in operating systems security new concepts are introduced for increasing the security of current mobile operating systems. This paper introduces a testing system for the platform security architecture (PSA) of the mobile operating system Symbian...
Anticipating and mitigating security threats is critical during software development. This work investigates security vulnerabilities and mitigation strategies to help software developers build secure applications. The work examines common vulnerabilities, and relevant mitigation strategies, from several perspectives, including the input environment used to supply the software with needed data, the...
In order to quickly generate secret key in low-power held-hand devices, Modadugu et al. propose two server-aided RSA key generation protocol, along with Chen et al. sequentially propose four improved protocol. However, one drawback of these protocols is they can??t resist collusion attack. In this paper, we implement a new server-aided RSA key generation protocol, which can resist collusion attack...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.