Search results for: security technology

Authors: G. T. Aigarinova

Abstract:

This article considers the legal issues of food security as a major component of national security of the republic. The problem of food security is the top priority of the economic policy strategy of any state, the effectiveness of this solution influences social, political, and ethnic stability in society. Food security and nutrition is everyone’s business. Food security exists when all people, at all times, have physical, social and economic access to sufficient safe and nutritious food that meets their dietary needs and food preferences for an active and healthy life. By analyzing the existing legislation in the area of food security, the author identifies weaknesses and gaps, suggesting ways to improve it.

Keywords: food security, national security, agriculture, public resources, economic security

Procedia PDF Downloads 389

Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba

Abstract:

NFC operates on low-range 13.56 MHz frequency within a distance from 4cm to 10cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks such due to its physical nature; unprotected data stored in NFC tag and insecure communication between its applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attack. Based on observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrates two security attacks that are high risks namely data corruption and DOS attacks. After the risks are determined, risk countermeasures by using AHP is adopted. The guideline and solutions to these two high risks, attacks are later applied to a secure NFC-enabled Smartphone Attendance System.

Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)

Procedia PDF Downloads 272

Authors: Haydar Teymourlouei

Abstract:

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such technologies would help. Knowledge of how cyber-attacks operate and protective steps that can be taken to reduce chances of its occurrence are key to increasing these security measures. The purpose of this paper is to inform home users on the importance of identifying and taking preventive steps to avoid cyberattacks. Throughout this paper, many aspects of cyber-attacks will be discuss: what a cyber-attack is, the affects of cyber-attack for home users, different types of cyber-attacks, methodology to prevent such attacks; home users can take to fortify security of their computer.

Keywords: cyber-attacks, home user, prevention, security, technology

Procedia PDF Downloads 365

Authors: Dicky R. Munaf, Ayu Bulan Tisna

Abstract:

Competitive intelligence (business intelligence) is the process of observing the external environment which often conducted by many organizations to get the relevant information which will be used to create the organization policy, whereas, security intelligence is related to the function of the officers who have the duties to protect the country and its people from every criminal actions that might harm the national and individual security. Therefore, the intelligence dimension of maritime security is associated with all the intelligence activities including the subject and the object that connected to the maritime issues. The concept of intelligence business regarding the maritime security perspective is the efforts to protect the maritime security using the analysis of economic movements as the basic strategic plan. Clearly, a weak maritime security will cause high operational cost to all the economic activities which uses the sea as its media. Thus, it affects the competitiveness of a country compared to the other countries that are able to maintain the maritime law enforcement and secure their marine territory. So, the intelligence business within the security intelligence is important to conduct as the beginning process of the identification against the opponent strategy that might happen in the present or in the future. Thereby, the scenario of the potential impact of all the illegal maritime activities, as well as the strategy in preventing the opponent maneuver can be made.

Keywords: competitive intelligence, maritime security intelligence, intelligent systems, information technology

Procedia PDF Downloads 469

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 235

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 136

Authors: Eithan Hourie, Miki Malul, Raphael Bar-El

Abstract:

To investigate the relationship between various welfare policies and the value of job security, we conducted a study with 201 people regarding their assessments of the value of job security with respect to three elements: income stability, assurance of continuity of employment, and security in the job. The experiment simulated different welfare policy scenarios, such as the amount and duration of unemployment benefits, workfare, and basic income. The participants evaluated the value of job security in various situations. We found that the value of job security is approximately 22% of the starting salary, which is distributed as follows: 13% reflects income security, 8.7% reflects job security, and about 0.3% is for being able to keep their current employment in the future. To the best of our knowledge, this article is one of the pioneers in trying to quantify the value of job security in different market scenarios and at varying levels of welfare policy. Our conclusions may help decision-makers when deciding on a welfare policy.

Keywords: job security value, employment protection legislation, status quo bias, expanding welfare policy

Procedia PDF Downloads 73

Authors: Mirko Sailio

Abstract:

Border crossing automatization reduces required human resources in handling people crossing borders. As technology replaces and augments the work done by border officers, new cyber threats arise to threaten border security. This research analyses the current cyber threat actors and their capabilities. The analysis is conducted by gathering the threat actor data from a wide range of public sources. A model for a general border automatization system is presented, and its most significant cyber-security attributes are then compared to threat actor activity and capabilities in order to predict priorities in securing such systems. Organized crime and nation-state actors present the clearest threat to border cyber-security, and additional focus is given to their motivations and activities.

Keywords: border automation, cyber-security, threat actors, border cyber-security

Procedia PDF Downloads 172

Authors: Ranbir Singh, Deepinder Kaur

Abstract:

Network security is an important aspect in every field like government offices, Educational Institute and any business organization. Network security consists of the policies adopted to prevent and monitor forbidden access, misuse, modification, or denial of a computer network. Network security is very complicated subject and deal by only well trained and experienced people. However, as more and more people become wired, an increasing number of people need to understand the basics of security in a networked world. The history of the network security included an introduction to the TCP/IP and interworking. Network security starts with authenticating, commonly with a username and a password. In this paper, we study about various types of attacks on network security and how to handle or prevent this attack.

Keywords: network security, attacks, denial, authenticating

Procedia PDF Downloads 371

Authors: Ahmadu Girgiri, Lawan Gana Ali, Mamman M. Baba

Abstract:

Environmental security clearly articulates the perfections and developments of various communities around the world irrespective of the region, culture, religion or social inclination. Although, the present state of insecurity has become serious issue devastating the peace, unity, stability and progress of man and his physical environment particularly in developing countries. Recently, measure of security and it management in Nigeria has been a bottle-neck to the effectiveness and advancement of various sectors that include; business, education, social relations, politics and above all an economy. Several measures have been considered on mitigating environment insecurity such as surveillance, demarcation, security personnel empowerment and the likes, but still the issue remains disturbing. In this paper, we present the application of new technology that contributes to the improvement of security surveillance known as “Wireless Sensor Network (WSN)”. The system is new, smart and emerging technology that provides monitoring, detection and aggregation of information using sensor nodes and wireless network. WSN detects, monitors and stores information or activities in the deployed area such as schools, environment, business centers, public squares, industries, and outskirts and transmit to end users. This will reduce the cost of security funding and eases security surveillance depending on the nature and the requirement of the deployment.

Keywords: application, environment, insecurity, sensor, wireless sensor network

Procedia PDF Downloads 217

Authors: John Ayoade

Abstract:

Radio Frequency Identification (RFID) has gained a lot of popularity in all walks of life due to its usefulness and diverse use of the technology in almost every application. However, there have been some security concerns most especially in regards to how authentic readers and tags can confirm their authenticity before confidential data is exchanged between them. In this paper, Kerberos protocol is adopted for the mutual authentication of RFID system components in order to ensure the secure communication between those components and to realize the authenticity of the communicating components.

Keywords: RFID, security, mutual authentication, Kerberos

Procedia PDF Downloads 434

Authors: Liwen Wang, Yuting Chen, Tong Wu, Shaolei Hu

Abstract:

In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces the SDP technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access, and significantly improves the security protection capability of Internet transactions. The study achieves 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.

Keywords: zero trust, trading terminal, architecture, network security, cybersecurity

Procedia PDF Downloads 125

Authors: Vahid Bayrami Rad

Abstract:

Ever since humans developed a collective way of life to the development of urbanization, the concern of security has always been considered one of the most important challenges of life. To protect property, locks have always been a practical tool. With the advancement of technology, the form of locks has changed from mechanical to electric. One of the most widely used fields of using artificial intelligence is its application in the technology of surveillance security systems. Currently, the technologies used in smart anti-theft door handles are one of the most potential fields for using artificial intelligence. Artificial intelligence has the possibility to learn, calculate, interpret and process by analyzing data with the help of algorithms and mathematical models and make smart decisions. We will use Arduino board to process data.

Keywords: arduino board, artificial intelligence, image processing, solenoid lock

Procedia PDF Downloads 30

Authors: Ivan Župan

Abstract:

Critical infrastructure is essential for the functioning of a country and is designated for special protection by governments worldwide. Due to the increase in smart technology usage in every facet of the industry, including critical infrastructure, the exposure to malicious cyber-physical attacks has grown in the last few years. Proper security measures must be undertaken in order to defend against cyber-physical threats that can disrupt the normal functioning of critical infrastructure and, consequently the functioning of the country. This paper provides a review of the scientific literature of models, methods and technologies used to protect from cyber-physical threats in industries. The focus of the literature was observed from three aspects. The first aspect, resilience, concerns itself with the robustness of the system’s defense against threats, as well as preparation and education about potential future threats. The second aspect concerns security risk management for systems with cyber-physical aspects, and the third aspect investigates available testbed environments for testing developed models on scaled models of vulnerable infrastructure.

Keywords: critical infrastructure, cyber-physical security, smart industry, security methodology, security technology

Procedia PDF Downloads 49

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 122

Authors: Geuna Kim, Sanghyun Kim

Abstract:

This study investigates various factors that may influence the ISM process, including the organization’s internal needs and external pressure, and examines the role of regulatory pressure in ISM development and performance. The 105 sets of data collected in a survey were tested against the research model using SEM. The results indicate that NP and TP had positive effects on the ISM process, except for perceived benefits. Regulatory pressure had a positive effect on the relationship between ISM awareness and ISM development and performance.

Keywords: information security management, need pull, technology push, regulatory pressure

Procedia PDF Downloads 268

Authors: Karima Maazouz, Habib Benlahmer, Naceur Achtaich

Abstract:

The realization of mobile payments will make possible new and unforeseen ways of convenience and m-commerce. Mobile payment today benefit from technology and trends. NFC technology is creating a new era of contactless mobile payment. the “M-check” is a mobile payment system provides a new way facilitating transaction with high valued payment and enable new m-commerce. The objective of the paper is to propose a new solution for m-payment. The proposed combination of m-check system and NFC offers acceptable security for payment mobile, client’s satisfaction, and simplifies the process payment between clients and merchants.

Keywords: M-payment, NFC, M-check, M-commerce, security

Procedia PDF Downloads 565

Authors: Bala Adamu Malami

Abstract:

The necessity of low-cost electronic vehicle/car security designed in coordination with other security measures is always there in our society to reduce the risk of vehicle intrusion. Keeping this problem in mind, we are designing an automatic GPS system which is technology to build an integrated and fully customized vehicle to detect the movement of the vehicle and also serve as a security system at a reasonable cost. Users can locate the vehicle's position via GPS by using the Google Maps application to show vehicle coordinates on a smartphone. The tracking system uses a Global System for Mobile Communication (GSM) modem for communication between the mobile station and the microcontroller to send and receive commands. Further design can be improved to capture the vehicle movement range and alert the vehicle owner when the vehicle is out of range.

Keywords: electronic, GPS, GSM modem, communication, vehicle

Procedia PDF Downloads 72

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 145

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography

Procedia PDF Downloads 274

Authors: Samuel Mwangi, Josephine K. Mule

Abstract:

Access control as a security technique regulates who or what can access resources. It is a fundamental concept in security that minimizes risks to the institutions that use access control. Regulating access to institutions of higher learning is key to ensure only authorized personnel and students are allowed into the institutions. The use of biometrics has been criticized due to the setup and maintenance costs, hygiene concerns, and trepidations regarding data privacy, among other apprehensions. Facial recognition is arguably a fast and accurate way of validating identity in order to guard protected areas. It guarantees that only authorized individuals gain access to secure locations while requiring far less personal information whilst providing an additional layer of security beyond keys, fobs, or identity cards. This exploratory study sought to investigate the use of facial recognition in controlling access in institutions of higher learning in Kenya. The sample population was drawn from both private and public higher learning institutions. The data is based on responses from staff and students. Questionnaires were used for data collection and follow up interviews conducted to understand responses from the questionnaires. 80% of the sampled population indicated that there were many security breaches by unauthorized people, with some resulting in terror attacks. These security breaches were attributed to stolen identity cases, where staff or student identity cards were stolen and used by criminals to access the institutions. These unauthorized accesses have resulted in losses to the institutions, including reputational damages. The findings indicate that security breaches are a major problem in institutions of higher learning in Kenya. Consequently, access control would be beneficial if employed to curb security breaches. We suggest the use of facial recognition technology, given its uniqueness in identifying users and its non-repudiation capabilities.

Keywords: facial recognition, access control, technology, learning

Procedia PDF Downloads 95

Authors: Mustafa Kamoona, Mohamed El-Sharkawy

Abstract:

Although the latest Wireless Local Area Network technology Wi-Fi 802.11i standard addresses many of the security weaknesses of the antecedent Wired Equivalent Privacy (WEP) protocol, there are still scenarios where the network security are still vulnerable. The first security model that 802.11i offers is the Personal model which is very cheap and simple to install and maintain, yet it uses a Pre Shared Key (PSK) and thus has a low to medium security level. The second model that 802.11i provide is the Enterprise model which is highly secured but much more expensive and difficult to install/maintain and requires the installation and maintenance of an authentication server that will handle the authentication and key management for the wireless network. A central issue with the personal model is that the PSK needs to be shared with all the devices that are connected to the specific Wi-Fi network. This pre-shared key, unless changed regularly, can be cracked using offline dictionary attacks within a matter of hours. The key is burdensome to change in all the connected devices manually unless there is some kind of algorithm that coordinate this PSK update. The key idea of this paper is to propose a new algorithm that proactively and effectively coordinates the pre-shared key generation, management, and distribution in the cheap WPA/WPA2 personal security model using only a DD-WRT router.

Keywords: Wi-Fi, WPS, TLS, DD-WRT

Procedia PDF Downloads 206

Authors: Juan Jimenez, Erika Yambay, Dayana Pilco, Brayan Parra

Abstract:

This paper presents an investigation of voice signal processing and coding using MATLAB, with the objective of generating a plasma signal on a Tesla coil within a security system. The approach focuses on using advanced voice signal processing techniques to encode and modulate the audio signal, which is then amplified and applied to a Tesla coil. The result is the creation of a striking visual effect of voice-controlled plasma with specific applications in security systems. The article explores the technical aspects of voice signal processing, the generation of the plasma signal, and its relationship to security. The implications and creative potential of this technology are discussed, highlighting its relevance at the forefront of research in signal processing and visual effect generation in the field of security systems.

Keywords: voice signal processing, voice signal coding, MATLAB, plasma signal, Tesla coil, security system, visual effects, audiovisual interaction

Procedia PDF Downloads 53

Authors: Lindelwa Mngomezulu, Tonderai Muchenje

Abstract:

Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.

Keywords: e-mail security, cyber-attacks, data integrity, authentication

Procedia PDF Downloads 103

Authors: Sana Abusin

Abstract:

Food security in Qatar is a research priority of Qatar University (2021-2025) and all national strategies, including the Qatar National Vision 2030 and food security strategy (2018-2023). Achieving food security requires three actions: 1) transforming surplus food to those who are insecure; 2) reducing food loss and waste by recycling food into valuable resources such as compost (“green fertilizer”) that can be used in growing food; and, finally, 3) establishing strong enforcement agencies to protect consumers from outdated food and promote healthy food. Currently, these objectives are approached separately and not in a sustainable fashion. Food security in Qatar is a research priority of Qatar University (2021-2025) and all national strategies, including the Qatar National Vision 2030 and food security strategy (2018-2023). The study aims to develop an innovative mobile application that supports a sustainable solution to food insecurity and food waste in Qatar. The application will provide a common solution for many different users. For producers, it will facilitate easy disposal of excess food. For charities, it will notify them about surplus food ready for redistribution. The application will also benefit the second layer of end-users in the form of food recycling companies, who will receive information about available food waste that is unable to be consumed. We will use self-exoplanetary diagrams and digital pictures to show all the steps to the final stage. The aim is to motivate the young generation toward innovation and creation, and to encourage public-private collaboration in this sector.

Keywords: food security, innovative technology, sustainability, food waste, Qatar

Procedia PDF Downloads 86

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 72

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 452

Authors: Cao Jiayu, Lan Ximing, Huang Jingjia, Burra Venkata Durga Kumar

Abstract:

The first virus to attack personal computers was born in early 1986, called C-Brain, written by a pair of Pakistani brothers. In those days, people still used dos systems, manipulating computers with the most basic command lines. In the 21st century today, computer performance has grown geometrically. But computer viruses are also evolving and escalating. We never stop fighting against security problems. Stack overflow is one of the most common security vulnerabilities in operating systems. It may result in serious security issues for an operating system if a program in it has a vulnerability with administrator privileges. Certain viruses change the value of specific memory through a stack overflow, allowing computers to run harmful programs. This study developed a mechanism to detect and respond to time whenever a stack overflow occurs. We demonstrate the effectiveness of standard machine learning algorithms and control flow enforcement techniques in predicting computer OS security using generating suspicious vulnerability functions (SVFS) and associated suspect areas (SAS). The method can minimize the possibility of stack overflow attacks occurring.

Keywords: operating system, security, stack overflow, buffer overflow, machine learning, control-flow enforcement technology

Procedia PDF Downloads 90

Authors: Amirhossein Safi

Abstract:

Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.

Keywords: internet of things, security, hybrid algorithm, privacy

Procedia PDF Downloads 429

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 295