Search results for: static application security testing

Authors: Yuhong Li, Luyu Mao

Abstract:

Globalization has led to an increasingly interconnected international community and transmitted risks to every corner of the world through the chain of globalization. Security risks arising from international conflicts seem inescapable. Some countries have begun to build their capacity to deal with the globalization of security risks. They establish disembedding security mechanisms that transcend spatial or temporal boundaries and promote security cooperation with countries or regions that are not geographically close. This paper proposes four hypotheses of the phenomenon of "risks and security disembedding" in the post-Cold War international society and uses them to explain The United Kingdom’s behavior in the Bosnian War and the Russo-Ukrainian War. In the Bosnian War, confident in its own security and focused on maintaining European stability, The UK has therefore chosen to be cautious in its use of force in international frameworks such as the EU and to maintain a very limited intervention in Bosnia and Herzegovina's affairs. In contrast, the failure of the EU and NATO’s security mechanism in the Russo-Ukrainian war heightened Britain's anxiety, and the volatile international situation led it to show a strong tendency towards security disembedding, choosing to conclude security communities with extra-territorial states. Analysis suggests that security mechanisms are also the starting point of conflict and that countries will rely more on disembedding mechanisms to counteract the global security risks. The current mechanism of security disembedding occurs as a result of the global proliferation of security perceptions as a symbolic token and the recognition of an expert system of security mechanisms formed by states with similar security perceptions.

Keywords: disembedding mechanism, bosnia war, the russian-ukrainian war, british security strategy

Procedia PDF Downloads 79

Authors: Mustapha Hedabou, Ali Azougaghe, Ahmed Bentajer, Hicham Boukhris, Mourad Eddiwani, Zakaria Igarramen

Abstract:

Software-as-a-service (SaaS) is emerging as a dominant approach to delivering software. It encompasses a range of business, technical opportunities, issue, and challenges. Trustiness in the cloud services regarding the security and the privacy of the delivered data is the most critical issue with the SaaS model. In this paper, we survey the security concerns related to the SaaS model, and we propose the design of a trusted SaaS model that gives users more confidence into SaaS services by leveraging a trust in a neutral source code certifying authority. The proposed design is based on the use of the multisignature mechanism for signing the source code of the application service. In our model, the cloud provider acts as a root of trust by ensuring the integrity of the application service when it was running on its platform. The proposed design prevents insider attacks from tampering with application service before and after it was launched in a cloud provider platform.

Keywords: cloud computing, SaaS Platform, TPM, trustiness, code source certification, multi-signature schemes

Procedia PDF Downloads 271

Authors: Yu Qin, Wanjiaman Li

Abstract:

The widespread use of mobile electronic devices increases the complexities of mobile security. This thesis aims to provide a secure communication environment for smartphone users. Some research proves that the one-time pad is one of the securest encryption methods, and that the key distribution problem can be solved by using the QKD (quantum key distribution). The objective of this project is to design an Android APP (application) to exchange several random keys between mobile phones. Inspired by QKD, the developed APP uses the quick response (QR) code as a carrier to dispatch large amounts of one-time keys. After evaluating the performance of APP, it allows the mobile phone to capture and decode 1800 bytes of random data in 600ms. The continuous scanning mode of APP is designed to improve the overall transmission performance and user experience, and the maximum transmission rate of this mode is around 2200 bytes/s. The omnidirectional readability and error correction capability of QR code gives it a better real-life application, and the features of adequate storage capacity and quick response optimize overall transmission efficiency. The security of this APP is guaranteed since QR code is exchanged face-to-face, eliminating the risk of being eavesdropped. Also, the id of QR code is the only message that would be transmitted through the whole communication. The experimental results show this project can achieve superior transmission performance, and the correlation between the transmission rate of the system and several parameters, such as the QR code size, has been analyzed. In addition, some existing technologies and the main findings in the context of the project are summarized and critically compared in detail.

Keywords: one-time pad, QKD (quantum key distribution), QR code, application

Procedia PDF Downloads 143

Authors: Farhad Arian Far, Anjanette Q. Eleazar, Francis Aldrine A. Uy, Mary Joyce Anne V. Uy

Abstract:

The Unified Philippine Accident Reporting and Database System (UPARDS), is a newly developed system by Dr. Francis Aldrine Uy of the Mapua Institute of Technology. The main purpose is to provide an advanced road accident investigation tool, record keeping and analysis system for stakeholders such as Philippine National Police (PNP), Metro Manila Development Authority (MMDA), Department of Public Works and Highways (DPWH), Department of Health (DOH), and insurance companies. The system is composed of 2 components, the mobile application for road accident investigators that takes advantage of available technology to advance data gathering and the web application that integrates all accident data for the use of all stakeholders. The researchers with the cooperation of PNP’s Vehicle Traffic Investigation Sector of the City of Manila, conducted the field-testing of the application in fifteen (15) accident cases. Simultaneously, the researchers also distributed surveys to PNP, Manila Doctors Hospital, and Charter Ping An Insurance Company to gather their insights regarding the web application. The survey was designed on information systems theory called Technology Acceptance Model. The results of the surveys revealed that the respondents were greatly satisfied with the visualization and functions of the applications as it proved to be effective and far more efficient in comparison with the conventional pen-and-paper method. In conclusion, the pilot study was able to address the need for improvement of the current system.

Keywords: accident, database, investigation, mobile application, pilot testing

Procedia PDF Downloads 436

Authors: Yllka Hysaj, Ylberina Hysaj Arifi

Abstract:

Recently, with BREXIT taking place, organizations and employees have been affected in the way of job and employment security. Career-oriented human resources management (HRM) practices are likely to facilitate self-initiated expatriates’ adjustment to the host country. This was related to the career security (job security and employment security), which were missing in their home country and seemed to be important elements to adjust to the host country. The aim of this study is to assess whether the perception of career security by Frances self-initiated expatriates (SIEs) have changed in the wake of the referendum result. Quantitative research method will be used, and the data will be collected through electronic questionnaires. Data will be analyzed through Statistical Package for the Social Sciences (SPSS). The study variables will include an adjustment to the host country, HRM practices, employability, and job security. Predicted results consist that career-oriented HRM practices are positively related to the adjustment to the host country, employability, and job security. However, with Brexit, there might be a negative relationship between career-oriented HRM practices and job security.

Keywords: migration, self-initiated expatriates, Brexit, job security

Procedia PDF Downloads 165

Authors: Michael Stewart

Abstract:

Mutation testing is a type of software testing proposed in the 1970s where program statements are deliberately changed to introduce simple errors so that test cases can be validated to determine if they can detect the errors. Test cases are executed against the mutant code to determine if one fails, detects the error and ensures the program is correct. One major issue with this type of testing was it became intensive computationally to generate and test all possible mutations for complex programs. This paper used reinforcement learning and parallel processing within the context of mutation testing for the selection of mutation operators and test cases that reduced the computational cost of testing and improved test suite effectiveness. Experiments were conducted using sample programs to determine how well the reinforcement learning-based algorithm performed with one live mutation, multiple live mutations and no live mutations. The experiments, measured by mutation score, were used to update the algorithm and improved accuracy for predictions. The performance was then evaluated on multiple processor computers. With reinforcement learning, the mutation operators utilized were reduced by 50 – 100%.

Keywords: automated-testing, machine learning, mutation testing, parallel processing, reinforcement learning, software engineering, software testing

Procedia PDF Downloads 195

Authors: Shunpu Zhang

Abstract:

We propose a new multiple test called the minPOP test for testing multiple hypotheses simultaneously. Under the assumption that the test statistics are independent, we show that the minPOP test has higher global power than the existing multiple testing methods. We further propose a stepwise multiple-testing procedure based on the minPOP test and two of its modified versions (the Double Truncated and Left Truncated minPOP tests). We show that these multiple tests have strong control of the family-wise error rate (FWER). A method for finding the p-values of the proposed tests after adjusting for multiplicity is also developed. Simulation results show that the Double Truncated and Left Truncated minPOP tests, in general, have a higher number of rejections than the existing multiple testing procedures.

Keywords: multiple test, single-step procedure, stepwise procedure, p-value for multiple testing

Procedia PDF Downloads 74

Authors: Hashem Dehghanniri

Abstract:

Crime scripting is a simple and effective crime modeling technique that aims to improve understanding of security analysts about security and crime incidents. Low-quality scripts provide a wrong, incomplete, or sophisticated understanding of the crime commission process, which oppose the purpose of their application, e.g., identifying effective and cost-efficient situational crime prevention (SCP) measures. One important and overlooked factor in generating quality scripts is the crime scripting method. This study investigates the problems within the existing crime scripting practices and proposes a crime scripting approach that contributes to generating quality crime scripts. It was validated by experienced crime scripters. This framework helps analysts develop better crime scripts and contributes to their effective application, e.g., SCP measures identification or policy-making.

Keywords: attack modelling, crime commission process, crime script, situational crime prevention

Procedia PDF Downloads 124

Authors: Moez Yeddes

Abstract:

The property of opacity is widely used in the formal verification of security in computer systems and protocols. Opacity is a general language-theoretic scheme of many security properties of systems. Opacity is parametrized with framework in which several security properties of a system can be expressed. A secret behaviour of a system is opaque if a passive attacker can never deduce its occurrence from the system observation. Instead of considering the case of static observability where the set of observable events is fixed off-line or dynamic observability where the set of observable events changes over time depending on the history of the trace, we introduce Orwellian partial observability where unobservable events are not revealed provided that downgrading events never occurs in the future of the trace. Orwellian partial observability is needed to model intransitive information flow. This Orwellian observability is knwon as ipurge function. We show in previous work how to verify opacity for regular secret is opaque for a regular language L w.r.t. an Orwellian projection is PSPACE-complete while it has been proved undecidable even for a regular language L w.r.t. a general Orwellian observation function. In this paper, we address two problems of opacification of a regular secret ϕ for a regular language L w.r.t. an Orwellian projection: Given L and a secret ϕ ∈ L, the first problem consist to compute some minimal regular super-language M of L, if it exists, such that ϕ is opaque for M and the second consists to compute the supremal sub-language M′ of L such that ϕ is opaque for M′. We derive both language-theoretic characterizations and algorithms to solve these two dual problems.

Keywords: security policies, opacity, formal verification, orwellian observation

Procedia PDF Downloads 222

Authors: Alisher Ikramov, Gayrat Juraev

Abstract:

The production of logic devices faces the occurrence of faults during manufacturing. This work analyses the complexity of testing a special type of logic device on inverse, adhesion, and constant input faults. The focus of this work is on devices that implement cryptographic functions. The complexity values for the general case faults and for some frequently occurring subsets were determined and proved in this work. For a special case, when the length of the text block is equal to the length of the key block, the complexity of testing is proven to be asymptotically half the complexity of testing all logic devices on the same types of input faults.

Keywords: complexity, cryptographic devices, input faults, testing

Procedia PDF Downloads 220

Authors: J. Hrabovský, M. Chabičovský, J. Horský

Abstract:

Water spray cooling is a technique typically used in heat treatment and other metallurgical processes where controlled temperature regimes are required. Water spray cooling is used in static (without movement) or dynamic (with movement of the steel plate) regimes. The static regime is notable for the fixed position of the hot steel plate and fixed spray nozzle. This regime is typical for quenching systems focused on heat treatment of the steel plate. The second application of spray cooling is the dynamic regime. The dynamic regime is notable for its static section cooling system and moving steel plate. This regime is used in rolling and finishing mills. The fixed position of cooling sections with nozzles and the movement of the steel plate produce nonhomogeneous water distribution on the steel plate. The length of cooling sections and placement of water nozzles in combination with the nonhomogeneity of water distribution leads to discontinued or interrupted cooling conditions. The impact of static and dynamic regimes on cooling intensity and the heat transfer coefficient during the cooling process of steel plates is an important issue. Heat treatment of steel is accompanied by oxide scale growth. The oxide scale layers can significantly modify the cooling properties and intensity during the cooling. The combination of the static and dynamic (section) regimes with the variable thickness of the oxide scale layer on the steel surface impact the final cooling intensity. The study of the influence of the oxide scale layers with different cooling regimes was carried out using experimental measurements and numerical analysis. The experimental measurements compared both types of cooling regimes and the cooling of scale-free surfaces and oxidized surfaces. A numerical analysis was prepared to simulate the cooling process with different conditions of the section and samples with different oxide scale layers.

Keywords: heat transfer coefficient, numerical analysis, oxide layer, spray cooling

Procedia PDF Downloads 402

Authors: Yanchun Zuo, Yingao Liu, Wei Liu, Le Yu, Run Huang, Lixin Guo

Abstract:

Electric field detection is important in many application scenarios. The traditional strategy is measuring the electric field with a man walking around in the area under test. This strategy cannot provide a satisfactory measurement accuracy. To solve the mentioned problem, an autopilot measurement system is divided. A mini-car is produced, which can travel in the area under test according to respect to the program within the CPU. The electric field measurement platform (EFMP) carries a central computer, two horn antennas, and a vector network analyzer. The mini-car stop at the sampling points according to the preset. When the car stops, the EFMP probes the electric field and stores data on the hard disk. After all the sampling points are traversed, an electric field map can be plotted. The proposed system can give an accurate field distribution description of the chamber.

Keywords: autopilot mini-car measurement system, electric field detection, field map, static zone measurement

Procedia PDF Downloads 97

Authors: Vaibhav Rana, Nicholas Balaresque

Abstract:

The 3-cup anemometer is the most commonly used instrument for wind speed measurement and, consequently, for the wind resource assessment. Though the cup anemometer shows accurate measurement under quasi-static conditions, there is uncertainty in the measurement when subjected to field measurement. Sensitivity to the angle of attacks with respect to horizontal plane, dynamic response, and non-linear behavior in calibration due to friction. The presented work aimed to identify the sensitivity of anemometer to non-horizontal flow. The cup anemometer was investigated under low wind speed wind tunnel, first under the static flow direction changes and second under the dynamic direction changes, at a different angle of attacks, under the similar conditions of reference wind tunnel speeds. The cup anemometer response under both conditions was evaluated and compared. The results showed the anemometer under dynamic wind direction changes is highly sensitive compared to static conditions.

Keywords: wind energy, cup anemometer, directional sensitivity, dynamic behavior, wind tunnel

Procedia PDF Downloads 145

Authors: Mehdi Shekarbeigi

Abstract:

The consolidation of loose substrates as well as substrate layers through promoting stabilizing materials is one of the most commonly used road construction techniques. Cement, lime, and flax, as well as asphalt emulsion, are common materials used for soil stabilization to enhance the soil’s strength and durability properties. Cement could be simply used to stabilize permeable materials such as sand in a relatively short time threshold. In this research, typical Portland cement is selected for the stabilization of isotropic sand; the effect of static and cyclic loading on the behavior of these soils has been examined with various percentages of Portland cement. Thus, firstly, a soil’s general features are investigated, and then static tests, including direct cutting, density and single axis tests, and California Bearing Ratio, are performed on the samples. After that, the dynamic behavior of cement on silica sand with the same grain size is analyzed. These experiments are conducted on cement samples of 3, 6, and 9 of the same rates and ineffective limiting pressures of 0 to 1200 kPa with 200 kPa steps of the face according to American Society for Testing and Materials D 3999 standards. Also, to test the effect of temperature on molds and frost samples, 0, 5, 10, and 20 are carried out during 0, 5, 10, and 20-second periods. Results of the static tests showed that increasing the cement percentage increases the soil density and shear strength. The single-axis compressive strength increase is higher for samples with higher cement content and lower densities. The results also illustrate the relationship between single-axial compressive strength and cement weight parameters. Results of the dynamic experiments indicate that increasing the number of loading cycles and melting and freezing cycles enhances permeability and decreases the applied pressure. According to the results of this research, it could be stated that samples containing 9% cement have the highest amount of shear modulus and, therefore, decrease the permeability of soil. This amount could be considered as the optimal amount. Also, the enhancement of effective limited pressure from 400 to 800kPa increased the shear modulus of the sample by an average of 20 to 30 percent in small strains.

Keywords: cement, isotropic sands, static load, three-axis cycle, melting and freezing cycles

Procedia PDF Downloads 72

Authors: Umesh Kumar Singh, Abhishek Raghuvanshi, Suyash Kumar Singh

Abstract:

As IoT networks gain popularity, they are more susceptible to security breaches. As a result, it is crucial to analyze the IoT platform as a whole from the standpoint of core security concepts. The Internet of Things relies heavily on wireless networks, which are well-known for being susceptible to a wide variety of attacks. This article provides an analysis of many techniques that may be used to identify vulnerabilities in the software and hardware associated with the Internet of Things (IoT). In the current investigation, an experimental setup is built with the assistance of server computers, client PCs, Internet of Things development boards, sensors, and cloud subscriptions. Through the use of network host scanning methods and vulnerability scanning tools, raw data relating to IoT-based applications and devices may be collected. Shodan is a tool that is used for scanning, and it is also used for effective vulnerability discovery in IoT devices as well as penetration testing. This article presents an efficient mitigation plan for encountering vulnerabilities in the Internet of Things.

Keywords: internet of things, security, privacy, vulnerability identification, mitigation plan

Procedia PDF Downloads 37

Authors: Homa Parmoon, Narges Hamzeh

Abstract:

Since today's urban spaces are disposed towards behavioral disorders and lack of security, both qualitative and quantitative aspects of security especially social and physical security are considered as basic necessities in urban planning. This research focused on the variable of place of living, examined social security in the old and new textures, and investigated the amount of residents’ social security in Shiraz including safety, financial, emotional and moral security. To this end, two neighborhoods in region 1 of Shiraz- Qasr-Al-Dasht (old texture) and Moalem (new texture)- were examined through a comparative study of 60 samples lived in two neighborhoods. Data were gathered through two-way ANOVA between the variables of residential context and internal and external security. This analysis represents the significance or insignificance of the model as well as the individual effects of each independent variable on the dependent variable. It was tested by ANCOVA and F-test. Research findings indicated place of living has a significant effect on families’ social security. The safety, financial, emotional, and moral security also represented a great impact on social security. As a result, it can be concluded that social security changes with the changing in place of living.

Keywords: social security, damaged area, two-way ANOVA, Shiraz

Procedia PDF Downloads 134

Authors: Ji Lian Yap

Abstract:

This paper will critically consider developments in 2014 in relation to the law relating to security over personal property in Hong Kong. The rules governing the registration of charges under the Hong Kong Companies Ordinance will be examined. Case law relating to personal property security will also be discussed. The transplantation of the floating charge into China’s Property Law will also be considered.

Keywords: personal property, security law, reform of the law, law

Procedia PDF Downloads 421

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 137

Authors: Elena A. Troubitsyna

Abstract:

Designers of modern safety-critical control systems are increasingly relying on networking to provide the systems with advanced functionality and satisfy customer’s needs. However, networking nature of modern control systems also brings new technological challenges associated with ensuring system safety in the presence of openness and hence, potential security threats. In this paper, we propose a methodology that relies on systems-theoretic analysis to enable an integrated analysis of safety and security requirements of controlling software. We demonstrate how to create a safety case – a structured argument about system safety – with explicit representation of both safety and security goals. Our approach provides the designers with a systematic approach to analysing safety and security interdependencies while designing safety-critical control systems.

Keywords: controlling software, integrated analysis, security, safety-security co-engineering

Procedia PDF Downloads 492

Authors: R. Ziaie Moayed, B. Mohammadi-Haji

Abstract:

Stone columns have been widely employed to improve the load-settlement characteristics of soft soils. The results of two small scale displacement control loading tests on stone columns were used in order to validate numerical finite element simulations. Additionally, a series of numerical calculations of static loading have been performed on strengthened raft footing to investigate the effects of using stone columns on bearing capacity of footings. The bearing capacity of single and group of stone columns under static loading compares with unimproved ground.

Keywords: circular raft footing, numerical analysis, validation, vertically encased stone column

Procedia PDF Downloads 302

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 318

Authors: Francis Zerd, Brian E. Moore, Atuganile E. Malango, Patrick W. Hosokawa, Kevin O. Lillehei, Laurence Lemery Mchome, D. Ryan Ormond

Abstract:

Introduction: Since neuropathologic diagnosis in the developing world is hampered by limitations in technical infrastructure, trained laboratory personnel, and subspecialty-trained pathologists, the use of telepathology for diagnostic support, second-opinion consultations, and ongoing training holds promise as a means of addressing these challenges. This research aims to assess the utility of static teleneuropathology in improving neuropathologic diagnoses in low- and middle-income countries. Methods: Consecutive neurosurgical biopsy and resection specimens obtained at Muhimbili National Hospital in Tanzania between July 1, 2018, and June 30, 2019, were selected for retrospective, blinded static-image neuropathologic review followed by on-site review by an expert neuropathologist. Results: A total of 75 neuropathologic cases were reviewed. The agreement of static images and on-site glass diagnosis was 71% with strict criteria and 88% with less stringent criteria. This represents an overall improvement in diagnostic accuracy from 36% by general pathologists to 71% by a neuropathologist using static telepathology (or 76% to 88% with less stringent criteria). Conclusions: Telepathology offers a suitable means of providing diagnostic support, second-opinion consultations, and ongoing training to pathologists practicing in resource-limited countries. Moreover, static digital teleneuropathology is an uncomplicated, cost-effective, and reliable way to achieve these goals.

Keywords: neuropathology, resource-limited settings, static image, Tanzania, teleneuropathology

Procedia PDF Downloads 101

Authors: Emad Askar, Eldesoky Elsoaly, Mohamed Kamel, Hisham Kamel

Abstract:

The objective of this article is to improve the passive vibration damping of solar array (SA) used in space structures, by the effective application of numerical optimization. A case study of a SA is used for demonstration. A finite element (FE) model was created and verified by experimental testing. Optimization was then conducted by implementing the FE model with the genetic algorithm, to find the optimal placement of aluminum circular patches, to suppress the first two bending mode shapes. The results were verified using experimental testing. Finally, a parametric study was conducted using the FE model where patch locations, material type, and shape were varied one at a time, and the results were compared with the optimal ones. The results clearly show that through the proper application of FE modeling and numerical optimization, passive vibration damping of space structures has been successfully achieved.

Keywords: damping optimization, genetic algorithm optimization, passive vibration damping, solar array vibration damping

Procedia PDF Downloads 446

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 212

Authors: Somayeh Sobati Moghadam

Abstract:

Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, business processes outsourcing, privacy

Procedia PDF Downloads 265

Authors: Ritsuko Kawasaki (Aiba), Takeshi Hiromatsu

Abstract:

Management is required to understand all information security risks within an organization, and to make decisions on which information security risks should be treated in what level by allocating how much amount of cost. However, such decision-making is not usually easy, because various measures for risk treatment must be selected with the suitable application levels. In addition, some measures may have objectives conflicting with each other. It also makes the selection difficult. Moreover, risks generally have trends and it also should be considered in risk treatment. Therefore, this paper provides the extension of the model proposed in the previous study. The original model supports the selection of measures by applying a combination of weighted average method and goal programming method for multi-objective analysis to find an optimal solution. The extended model includes the notion of weights to the risks, and the larger weight means the priority of the risk.

Keywords: information security risk treatment, selection of risk measures, risk acceptance, multi-objective optimization

Procedia PDF Downloads 460

Authors: Hsiang-Wen Tang, Cheng-Ying Lo

Abstract:

In this study, the static behavior of super elliptical Winkler plate is analyzed by applying the double side approach method. The lack of information about super elliptical Winkler plates is the motivation of this study and we use the double side approach method to solve this problem because of its superior ability on efficiently treating problems with complex boundary shape. The double side approach method has the advantages of high accuracy, easy calculation procedure and less calculation load required. Most important of all, it can give the error bound of the approximate solution. The numerical results not only show that the double side approach method works well on this problem but also provide us the knowledge of static behavior of super elliptical Winkler plate in practical use.

Keywords: super elliptical winkler plate, double side approach method, error bound, mechanic

Procedia PDF Downloads 350

Authors: Tala Toonsi, Marah Alagha, Lina Alnowaiser, Hala Rajab

Abstract:

This report is about the Photomath app, which is an AI application that uses image recognition technology, specifically optical character recognition (OCR) algorithms. The (OCR) algorithm translates the images into a mathematical equation, and the app automatically provides a step-by-step solution. The application supports decimals, basic arithmetic, fractions, linear equations, and multiple functions such as logarithms. Testing was conducted to examine the usage of this app, and results were collected by surveying ten participants. Later, the results were analyzed. This paper seeks to answer the question: To what level the artificial intelligence features are accurate and the speed of process in this app. It is hoped this study will inform about the efficiency of AI in Photomath to the users.

Keywords: photomath, image recognition, app, OCR, artificial intelligence, mathematical equations.

Procedia PDF Downloads 169

Authors: Hakan Erol, Altan Elibol, Ömer Eryılmaz, Mehmet Şimşek

Abstract:

Organizations aim to manage information in a most possible effective way for sustainment and development. In doing so, they apply various procedures and methods. The very same situation is valid for each service of Armed Forces. During long-lasting endeavors such as shaping and maintaining security environment, supporting and securing peace, knowledge management is a crucial asset. Optimum Balance Model aims to promote the system from a decisive point to a higher decisive point. In this context, this paper analyses the application of optimum balance model to knowledge management in Armed Forces and tries to find answer to the question how Optimum Balance Model is integrated in knowledge management.

Keywords: optimum balance model, knowledge management, security environment, supporting peace

Procedia PDF Downloads 390

Authors: Muneera Abdul Haleem Bukhari, Maryam I. Alshirawi, Elsayed S. Elkhamisi

Abstract:

This study aimed at understanding the relationship between psychological security and self-esteem among Adolescent with Mild Intellectual Disability, exploring the levels of psychological security and self-esteem, as well as determining the differences between genders in psychological security and self-esteem. The sample of the study contained (60) Adolescent with Mild Intellectual Disability, (34) males and (26) females who are enrolled in the Vocational and Social Rehabilitation Center and Hope Institute in the Kingdom of Bahrain. Their ages are between (15-23) years old. The Psychological Security Scale and self-Esteem Scale (prepared by James Battle) were used by the researcher. Results showed that levels of psychological security and self-esteem among Adolescents with Mild Intellectual Disability was above average; results also showed the order of the psychological security dimensions in the following manner (future outlook – mood - family security – social security) and the order of the dimensions of self-esteem in the following manner (social self-esteem – personal self-esteem – general self-esteem) among Adolescent with Mild Intellectual Disability; as for the differences between genders, the study showed that there was an increased level of psychological security among males. However, there was no difference in self-esteem between both sexes.

Keywords: psychological security, self-esteem, adolescent, intellectual disability, the Kingdom of Bahrain

Procedia PDF Downloads 389