The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Remote attestation is an important characteristic of trusted computing technology which provides reliable evidence that a trusted environment actually exists. In this paper, we present a new paradigm that leverages software attack graph for dynamic remote attestation. The major contributions of this paper are two-folds: (1) From the angle of attack, we propose a method to reduce the number of objects...
We propose a Cloud Advisor framework that couples two salient features: trustworthiness and transparency measurement. It provides a mechanism to measure trustworthiness based on the history of the cloud provider taking into account evidence support and to measure transparency based on the Cloud Controls Matrix (CCM) framework. The selection process is based on a set of assurance requirements that...
Malicious program or malware is a computer program which was written intentionally to harm computing system. Malware protection involves several sub-tasks namely Monitoring, Prevention, Analysis, Detection, Removal and Recovery. This paper proposes a static heuristic based scoring system that gives a maliciousness score to portable executable files. Malicious score can be used at different stage of...
Opportunistic networks (OppNets) are an interesting topic that are seen to have a promising future. Many protocols have been developed to accommodate the features of OppNets such as frequent partitions, long delays, and no end-to-end path between the source and destination nodes. Embedding security into these protocols is challenging and has taken a lot of attention in research. One of the attacks...
MANETs (Mobile Ad hoc Networks) are self organized networks with mobile and collaborating nodes without any pre-established infrastructure. Because of these characteristics, securing MANETs constitute a hard and challenging task. Consequently, new mechanisms may be of interest to secure such networks. To this end, we have found that trust management can be a support for MANET security. In fact, the...
Network security analysts presently lack tools for routinely screening large collections of network traffic for structures of interest. This is particularly the case when the structures of interest are embodied as summaries of sets of related traffic, essentially behaviour descriptions. This paper sketches a methodology to provide such capability, in the context of flow data. The methodology generates...
We present a comprehensive framework for automatic phishing incident processing and work in progress concerning automatic phishing detection and reporting. Our work is based upon the automatic phishing incident processing tool PhiGARo which locates users responding to phishing attack attempts and prevents access to phishing sites from the protected network. Although PhiGARo processes the phishing...
Even though online education is a very important pillar of lifelong education, institutions are still reluctant to wager for a fully online educational model. At the end, they keep relying on on-site assessment systems, mainly because fully virtual alternatives do not have the deserved social recognition or credibility. Thus, the design of virtual assessment systems that are able to provide effective...
Recently, Electronic Health Record (EHR) systems have gained a great attention in industry, research and public sectors in order to enhance the quality of healthcare. Security and privacy, however, are still major issues that require further investigations. The recognition of the significance of various security aspects in the adaptation of EHR solutions has been accompanied with an increasing research...
FTP protocol is the application layer protocol which is to control two-way transmission of files between two computers on the Internet, It's a common approach to copy the file from the client to server within the enterprise network. However, traditional audit work is facing enormous challenges, though FTP protocol brings convenience to the operator, it may exist ultravires during the operation and...
Evaluation indicator related to Smart Cities has been researched in the International Electro technical Commission, International Intelligent Community Forum, Vienna University of Technology and China Electronics Standardization Institute. This paper proposes an evaluation model for Smart Cities informationalization applications and services according to the concept of leveraging ICT to make a better...
Detection of high risk network flows and high risk hosts is becoming ever more important and more challenging. In order to selectively apply deep packet inspection (DPI) one has to isolate in real time high risk network activities within a huge number of monitored network flows. To help address this problem, we propose an iterative methodology for a simultaneous assessment of risk scores for both...
The agents used in the intrusion detection architectures have multiple characteristics namely delegation, cooperation and communication. However, an important property of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. For this, normal profiles are built in a dedicated training phase, these profiles are then...
DHCP starvation attack is one of problems that has occured over the network communication. A number of researches have been proposed to solve this problem. However, traditional solutions had some limitation which can lead to denial of service to legitimate users. This paper proposed the solution for detecting the abnormal DHCPREQUEST originated by malicious users in a period of time in order to prevent...
Nowadays we need more services and more security in hi-tech environment for accessing the data from DW because data which is stored in Data Warehouse is crucial and sensitive. These sensitive data is used by decision maker to make the strategies decision to analyze the status and development of an origination. The data of Data Warehouse can easily access by an unauthorized user through unfair means...
We have presented a scheme for faster replication of data on cloud storage to mobile devices named as ERCD. In this the mobile devices with limited bandwidth can easily get the latest versions of files from the cloud storage and in similar way the user changes from the mobile devices could be updated in cloud storage fast. The motivation behind this scheme is the fact that the mobile devices are slow...
Wireless sensor networks are currently being employed in a variety of applications ranging from medical to military and from home to industry. In military areas highly confidential information are being exchanged between the sensor nodes. Wireless Sensor Networks being mobile in nature are prone to various kinds of attacks. An open problem today is to design a secured routing. This paper aims in providing...
In our proposed model we implement Rate Auditing Tool (RAT) to monitor each and every rating manipulation. It checks whether the time logged in and logged out matches the stipulated time for viewing any videos or messages and giving appropriate rating. It monitors either the video provided is fully or atleast partly viewed thus accordingly their ratings given. It also checks whether the login in network...
Trust service is a very important issue in cloud computing, and a cloud user needs a trust mechanism in selecting a reliable cloud service provider. Many trust technologies such as SLA, cloud audit, self-assessment questionnaire, accreditation, and so on, are proposed by some research organizations like CSA. However, all of these just provide a initial trust and have many limitations. A hybrid trust...
A traceback attack was recently developed on Freenet, which can identify the originating machine of a content request message, even if a single content request message has been issued by a content retriever. The traceback attack exploited a few fine-grained design and development decisions made in Freenet, including the unique identifier (UID) based mechanism to prevent routing loops of content request...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.