The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security is one of the top concerns of any enterprise. Most security practitioners in enterprises rely on correlation rules to detect potential threats. While the rules are intuitive to design, each rule is independently defined per log source, unable to collectively address heterogeneity of data from a myriad of enterprise networking and security logs. Furthermore, correlation rules do not look for...
In this paper we propose a new method to anonymize (share relevant and detailed information while not naming names) and protect data sets (minimize the utility loss) based on Factor Analysis. The method basically consists of obtaining the factors, which are uncorrelated, protecting them and undoing the transformation in order to get interpretable protected variables. We first show how to proceed when...
Detecting software security vulnerabilities and distinguishing vulnerable from non-vulnerable code is anything but simple. Most of the time, vulnerabilities remain undisclosed until they are exposed, for instance, by an attack during the software operational phase. Software metrics are widely-used indicators of software quality, but the question is whether they can be used to distinguish vulnerable...
The wireless boundaries of networks are becoming increasingly important from a security standpoint as the proliferation of 802.11 WiFi technology increases. Concurrently, the complexity of 802.11 access point implementation is rapidly outpacing the standardization process. The result is that nascent wireless functionality management is left up to the individual provider's implementation, which creates...
The paper demonstrates improved power side channel attack (PSCA) resistance of a 128-bit AES engine in 130nm CMOS using random fast voltage dithering (RFVD) enabled by integrated inductive voltage regulator (IVR) and all-digital clock modulation (ADCM). The measured power signatures at AES and IVR supply nodes show 9× reduction in peak test vector leakage assessment (TVLA) metric while also protecting...
Organizations face the issue of how to best allocate their security resources. Thus, they need an accurate method for assessing how many new vulnerabilities will be reported for the operating systems (OSs) they use in a given time period. Our approach consists of clustering vulnerabilities by leveraging the text information within vulnerability records, and then simulating the mean value function...
Softw are quality attributes are specialized requirements derived based on the requirements of the stakeholders during requirement engineering. The software system requires fulfilling the derived set of qualities to achieve high-quality software system. However, achieving a set of quality attributes can be tricky because of the underlying correlation impact among the quality attributes. Most of the...
Latest developments in wireless communication networks push the limits of conventional security methods. Security can be improved with a secret key that is dynamically generated based on the surrounding physical environment. With this objective, physical layer security approaches can be implemented by means of simple signal processing methods. In this paper, we propose novel key extraction approaches...
A wireless sensor network (WSN) can provide a low cost and flexible solution to sensing and monitoring for large distributed applications. To save energy and prolong the network lifetime, the WSN is often partitioned into a set of spatial clusters. Each cluster includes sensor nodes with similar sensing data, and only a few sensor nodes (samplers) report their sensing data to a base node. Then the...
Because of the phenomenon that various support equipment reduce the security system deployment and economy, this paper analyzed the cost and efficiency of intensive security equipment that made by some similar function equipment. The measurement costs were taken into account in the cost model. To sort out the parameter values of the initial support devices, make them dimensionless, and select parameters...
Given a collection of event-related documents, event ranking generates a list of ranked events based on the input query. Ranking news events, which takes event related news documents for the generation of ranked events, is both an essential research issue and important component for many security oriented applications, such as public event monitoring, retrieval, detection and mining. Previous related...
This paper makes an empirical test on the correlation between financial restatement and audit report lag (ARL) using data of non-financial listed companies in China during the period 2009–2012. The empirical results show that there is a significant positive correlation between financial restatement and ARL. The longer the ARL is, the more likely it is for the company to perform a financial restatement...
Supercomputers are widely applied in various domains, which have advantage of high processing capability and mass storage. With growing supercomputing users, the system security receives comprehensive attentions, and becomes more and more important. In this paper, according to the characteristics of supercomputing environment, we perform an in-depth analysis of existing security problems in the process...
The Internet of Things (IoT) is the latest Internet evolution that interconnects billions of devices, such as cameras, sensors, RFIDs, smart phones, wearable devices, ODBII dongles, etc. Federations of such IoT devices (or things) provides the information needed to solve many important problems that have been too difficult to harness before. Despite these great benefits, privacy in IoT remains a great...
The synchronization of stock price in recent years is the hot topic of corporate finance. In this paper, we use the data of A share listed companies in China in 2010–2015 to study the barrier of separation of two rights (control right and cash flow right) to market information transmission characterized by stock price synchronization. The results show that: firstly, the separation of the two powers...
Wearables are small and have limited user interfaces, so they often wirelessly interface with a personal smartphone/computer to relay information from the wearable for display or other interactions. In this paper, we envision a new method, LightTouch, by which a wearable can establish a secure connection to an ambient display, such as a television or a computer monitor, while ensuring the user's intention...
In this paper, we study the correlation between passwords across different datasets which quantitatively explains the success of existing training-based password cracking techniques. We also study the correlation between a user's password and his/her social profile. This enabled us to develop the first social profile-aware password strength meter, namely SociaLShield. Our quantification techniques...
In this paper we investigated the security of the proposed pseudorandom numbers generator based on fuzzy logic techniques (FRNG) against correlation attacks. The correlation attack is a divide-and-conquer attack. The goal of this attack is to find the initial condition of the targeted LFSR which is used in a random sequence generator. The FRNG's general structure involves several LFSR registers, buffers,...
In this paper, an innovative idea of secure and energy efficient electrocardiogram steganography based on Discrete Wavelet Transform (DWT) is proposed, in which different important ECG data are steganographed with variable embedding strengths so that the reconstructed ECG signal quality is preserved. Incorporating the proposed Unequal Steganography Embedding (USE) with Unequal Error Protection (UEP),...
Mobile devices are used for communication and for tasks that are sensitive and subject to tampering. Indeed, attacks can be performed on the users' devices without user awareness, this represents additional risk in mission critical scenarios, such as Public Protection and Disaster Relief (PPDR). Intrusion Detection Systems are important for scenarios where information leakage is of crucial importance,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.