The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Background Researchers paid little attention to understanding the association of organizational and human factors with patients’ perceived security in the context of health organizations. This study aims to address numerous gaps in this context. Patients’ perceptions about employees’ training on security issues, monitoring on security issues, ethics, physical & technical protection and trust in...
Industrial Control System (ICS) is used to monitor and control critical infrastructures. Programmable logic controllers (PLCs) are major components of ICS, which are used to form automation system. It is important to protect PLCs from any attacks and undesired incidents. However, it is not easy to apply traditional tools and techniques to PLCs for security protection and forensics because of its unique...
Attacks in Wireless Sensor Networks (WSNs) aim in limiting or even eliminating the ability of the network to perform its expected function. WSNs are networks with limited resources and often deployed in uncontrollable environments that an intruder can easily access. WSN attacks target specific network layer's vulnerabilities but normally affect other layers as well. Local sensor activity at multiple...
The vast attack surface of clouds presents a challenge in deploying scalable and effective defenses. Traditional security mechanisms, which work from inside the VM fail to provide strong protection as attackers can bypass them easily. The only available option is to provide security from the layer below the VM i.e., the hypervisor. Previous works that attempt to secure VMs from "outside"...
As security incidents continue to impact organisations, there is a growing demand for systems to be ‘forensic-ready’ - to maximise the potential use of evidence whilst minimising the costs of an investigation. Researchers have supported organisational forensic readiness efforts by proposing the use of policies and processes, aligning systems with forensics objectives and training employees. However,...
Industrial control systems (ICS) used in industrial plants are vulnerable to cyber-attacks that can cause fatal damage to the plants. Intrusion detection systems (IDSs) monitor ICS network traffic and detect suspicious activities. However, many IDSs overlook sophisticated cyber-attacks because it is hard to make a complete database of cyber-attacks and distinguish operational anomalies when compared...
The number of malicious applications, their diversity and complexity is continuously growing. To provide the best protection against these advanced threats, there is a need to develop proactive detection solutions, that are able to detect malware based on their behavior. One of the essential concerns when developing such solutions is identifying specific actions based on which malicious applications...
Organisations increasingly perceive their employees as a great asset that needs to be cared for; however, at the same time, they view employees as one of the biggest potential threats to their cyber security. Employees are widely acknowledged to be responsible for security breaches in organisations, and it is important that these are given as much attention as are technical issues. A significant number...
The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate...
After a software system is compromised, it can be difficult to understand what vulnerabilities attackers exploited. Any information residing on that machine cannot be trusted as attackers may have tampered with it to cover their tracks. Moreover, even after an exploit is known, it can be difficult to determine whether it has been used to compromise a given machine. Aviation has long-used black boxes...
Ensuring correctness and enforcing security are growing concerns given the complexity of modern connected devices and safety-critical systems. A promising approach is non-intrusive runtime monitoring through reconstruction of program execution traces from power consumption measurements. This can be used for verification, validation, debugging, and security purposes. In this paper, we propose a framework...
Support Vector Machines (SVM) have been considered for real-life machine learning applications in various fields. Security concerns in modern industrial networks, also used in critical infrastructures, require novel monitoring techniques applicable for these constrained, real-time environments. Characteristics of these networks' traffic indicate that SVM can be a powerful tool for realizing a self-configuring...
The susceptibility of WiFi networks to Rogue Access Point attacks derives from the lack of identity for 802.11 devices. The most common means of detecting these attacks in current research is through tracking the credentials or the location of unauthorised and possibly malicious APs. In this paper, the authors outline a method of distinguishing WiFi Access Points using 802.11 MAC layer management...
Managing and optimising cloud services is one of the main challenges faced by industry and academia. A possible solution is resorting to self-management, as fostered by autonomic computing. However, the abstraction layer provided by cloud computing obfuscates several details of the provided services, which, in turn, hinders the effectiveness of autonomic managers. Data-driven approaches, particularly...
In this paper, we present our analysis using four different systems on two different one-way network traffic data sets. Specifically, we have explored the usage of two network traffic analyzers, namely Corsaro and Cisco ASA 5515-X, and two machine learning based systems, namely the C4.5 Decision Tree classifier and the AdaBoost.M1 classifier. We have employed these four systems on two publicly available...
Advanced networking technology and increasing information services have led to extensive interconnection between Building Automation and Control (BAC) networks and Internet. The connection to Internet and public networks massively elevates the risk of the BAC networks being attacked. In this paper, we present a framework for a rule based anomaly detection of Building Automation and Control networks...
Hammer throw has a long-standing history in track and field, but unlike other events, hammer throw has not seen a new world record since 1986. One reason for this stagnation is the lack of scientifically based training. In this paper, we propose to establish scientifically described training targets and routes, which in turn require tools that can measure and quantify characteristics of effective...
Security is still a major concern in Cloud computing, especially the detection of nefarious use or abuse of cloud instances. One reason for this, is the ever-growing complexity and dynamic of the underlying system design and architecture. To be able to detect misuse of cloud instances, this work presents an anomaly detection system for Infrastructure as a Service Clouds. It is based on Cloud customers'...
Below are a number of specific weaknesses inherent to contemporary ATM devices including the ones with biometric checks or with other advanced applications. Reasons are considered that lead to applications of intelligent, logic-based methods aiming at reduction of risk factors to ATMs. Special attention is paid to applications of Puzzle method in ATMs. To make a more independently functioning ATM,...
The multi-source data fusion model has been established via organically combining Fuzzy neural network and Particle swarm optimization, to ensure safety monitoring of oil depot in complex environments. The method to pretreat the data collected has been given to eliminate the interference. Multi-source data fusion algorithm based on fuzzy neural network, which embeds the fuzzy reasoning rule into fuzzy...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.