Search results for: security management

Authors: François Chiocchio, Mahshid Gharibpour

Abstract:

Regardless of the extent to which succession management is implemented in the private sector, it is still overlooked in the public sector. Traditional succession management is evolving providing a better alignment between business strategies and HR strategies. Succession management brings sustainable effectiveness for succession programs through career path development, knowledge and skill transfer, job retention, as well as high-potential candidates’ empowerment for upcoming vacancies. By way of a systematic literature review, we bring into focus strategic succession management in public organizations and discuss best ways of implementation. 

Keywords: Succession management, strategic succession management, public organization, succession management model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1631

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2008

Authors: Noor Suhana Sulaiman, Rohani Abu Bakar, Norrozila Sulaiman

Abstract:

Intrusion Detection System is significant in network security. It detects and identifies intrusion behavior or intrusion attempts in a computer system by monitoring and analyzing the network packets in real time. In the recent year, intelligent algorithms applied in the intrusion detection system (IDS) have been an increasing concern with the rapid growth of the network security. IDS data deals with a huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. Since the amount of audit data that an IDS needs to examine is very large even for a small network, classification by hand is impossible. Hence, the primary objective of this review is to review the techniques prior to classification process suit to IDS data.

Keywords: Intrusion Detection System, security, soft computing, classification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1864

Authors: A. Gandomkar, K. Fouladi

Abstract:

One of the efficient factors in comprehensive development of an area is to provide water sources and on the other hand the appropriate management of them. Population growth and nourishment security for such a population necessitate the achievement of constant development besides the reforming of traditional management in order to increase the profit of sources; In this case, the constant exploitation of sources for the next generations will be considered in this program. The achievement of this development without the consideration and possibility of water development will be too difficult. Zayanderood basin with 41500 areas in square kilometers contains 7 sub-basins and 20 units of hydrologic. In this basin area, from the entire environment descending, just a small part will enter into the river currents and the rest will be out of efficient usage by various ways. The most important surface current of this basin is Zayanderood River with 403 kilometers length which is originated from east slopes of Zagros mount and after draining of this basin area it will enter into Gaavkhooni pond. The existence of various sources and consumptions of water in Zayanderood basin, water transfer of the other basin areas into this basin, of course the contradiction between the upper and lower beneficiaries, the existence of worthwhile natural ecosystems such as Gaavkhooni swamp in this basin area and finally, the drought condition and lack of water in this area all necessitate the existence of comprehensive management of water sources in this central basin area of Iran as this method is a kind of management which considers the development and the management of water sources as an equilibrant way to increase the economical and social benefits. In this study, it is tried to survey the network of surface water sources of basin in upper and lower sections; at the most, according to the difficulties and deficiencies of an efficient management of water sources in this basin area, besides the difficulties of water draining and the destructive phenomenon of flood-water, the appropriate guidelines according to the region conditions are presented in order to prevent the deviation of water in upper sections and development of regions in lower sections of Zayanderood dam.

Keywords: Zayanderood Basin, Efficient Management, Hydrology Climate.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1612

Authors: Kyi Lin Lin Kyaw

Abstract:

Nowadays, we are facing with network threats that cause enormous damage to the Internet community day by day. In this situation, more and more people try to prevent their network security using some traditional mechanisms including firewall, Intrusion Detection System, etc. Among them honeypot is a versatile tool for a security practitioner, of course, they are tools that are meant to be attacked or interacted with to more information about attackers, their motives and tools. In this paper, we will describe usefulness of low-interaction honeypot and high-interaction honeypot and comparison between them. And then we propose hybrid honeypot architecture that combines low and high -interaction honeypot to mitigate the drawback. In this architecture, low-interaction honeypot is used as a traffic filter. Activities like port scanning can be effectively detected by low-interaction honeypot and stop there. Traffic that cannot be handled by low-interaction honeypot is handed over to high-interaction honeypot. In this case, low-interaction honeypot is used as proxy whereas high-interaction honeypot offers the optimal level realism. To prevent the high-interaction honeypot from infections, containment environment (VMware) is used.

Keywords: Low-interaction honeypot, High-interactionhoneypot, VMware, Proxy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2953

Authors: Aabiah Nayeem, Fariha Shafiq, Mustabshra Aftab, Rabia Saman Pirzada, Samia Ghazala

Abstract:

In this modern era of technology, the concept of Internet of Things is very popular in every domain. It is a widely distributed system of things in which the data collected from sensory devices is transmitted, analyzed locally/collectively then broadcasted to network where action can be taken remotely via mobile/web apps. Today’s mobile computing is also gaining importance as the services are provided during mobility. Through mobile computing, data are transmitted via computer without physically connected to a fixed point. The challenge is to provide services with high speed and security. Also, the data gathered from the mobiles must be processed in a secured way. Mobile computing is strongly influenced by internet of things. In this paper, we have discussed security issues and challenges of internet of things and mobile computing and we have compared both of them on the basis of similarities and dissimilarities.

Keywords: Embedded computing, internet of things, mobile computing, and wireless technologies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1320

Authors: Jay M. Joshi, Upena D. Dalal

Abstract:

Multimedia information availability has increased dramatically with the advent of video broadcasting on handheld devices. But with this availability comes problems of maintaining the security of information that is displayed in public. ISMA Encryption and Authentication (ISMACryp) is one of the chosen technologies for service protection in DVB-H (Digital Video Broadcasting- Handheld), the TV system for portable handheld devices. The ISMACryp is encoded with H.264/AVC (advanced video coding), while leaving all structural data as it is. Two modes of ISMACryp are available; the CTR mode (Counter type) and CBC mode (Cipher Block Chaining) mode. Both modes of ISMACryp are based on 128- bit AES algorithm. AES algorithms are more complex and require larger time for execution which is not suitable for real time application like live TV. The proposed system aims to gain a deep understanding of video data security on multimedia technologies and to provide security for real time video applications using selective encryption for H.264/AVC. Five level of security proposed in this paper based on the content of NAL unit in Baseline Constrain profile of H.264/AVC. The selective encryption in different levels provides encryption of intra-prediction mode, residue data, inter-prediction mode or motion vectors only. Experimental results shown in this paper described that fifth level which is ISMACryp provide higher level of security with more encryption time and the one level provide lower level of security by encrypting only motion vectors with lower execution time without compromise on compression and quality of visual content. This encryption scheme with compression process with low cost, and keeps the file format unchanged with some direct operations supported. Simulation was being carried out in Matlab.

Keywords: AES-128, CAVLC, H.264, ISMACryp

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2049

Authors: Alfonso Bahillo, Juan Blas, Santiago Mazuelas, Patricia Fernanadez, Ruben Mateo Lorenzo, Evaristo Jose Abril

Abstract:

The wide increase and diffusion on telecommunication technologies have caused a huge spread of electromagnetic sources in most European Countries. Since the public is continuously being exposed to electromagnetic radiation the possible health effects have become the focus of population concerns. As a result, electromagnetic field monitoring stations which control field strength in commercial frequency bands are being placed on the flat roof of many buildings. However there is no guidance on where to place them. This paper presents an analysis of frequency, polarization and angles of incidence of a plane wave which impinges on a flat roof security wall and its dependence on electromagnetic field strength meters placement.

Keywords: EM field exposition, EM field strength meter, FDTD method, flat roof security wall, plane wave propagation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1315

Authors: C. Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense.

In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: Control of financial flows, money laundering, terrorism, financing of terrorism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2882

Authors: Sang Su Lee, Sang Woo Lee, Yong Sung Jeon, Ki Young Kim

Abstract:

IPsec protocol[1] is a set of security extensions developed by the IETF and it provides privacy and authentication services at the IP layer by using modern cryptography. In this paper, we describe both of H/W and S/W architectures of our router system, SRS-10. The system is designed to support high performance routing and IPsec VPN. Especially, we used Cavium-s CN2560 processor to implement IPsec processing in inline-mode.

Keywords: IP, router, VPN, IPsec.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2034

Authors: Mohammad Reza Ayatollahzadeh Shirazi, Pooya Jaferian, Golnaz Elahi, Hamid Baghi, Babak Sadeghian

Abstract:

The world is moving rapidly toward the deployment of information and communication systems. Nowadays, computing systems with their fast growth are found everywhere and one of the main challenges for these systems is increasing attacks and security threats against them. Thus, capturing, analyzing and verifying security requirements becomes a very important activity in development process of computing systems, specially in developing systems such as banking, military and e-business systems. For developing every system, a process model which includes a process, methods and tools is chosen. The Rational Unified Process (RUP) is one of the most popular and complete process models which is used by developers in recent years. This process model should be extended to be used in developing secure software systems. In this paper, the Requirement Discipline of RUP is extended to improve RUP for developing secure software systems. These proposed extensions are adding and integrating a number of Activities, Roles, and Artifacts to RUP in order to capture, document and model threats and security requirements of system. These extensions introduce a group of clear and stepwise activities to developers. By following these activities, developers assure that security requirements are captured and modeled. These models are used in design, implementation and test activitie

Keywords:

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2811

Authors: K. Amudha, C. Nelson Kennedy Babu, S. Balu

Abstract:

The security of the medical images and its related data is the major research area which is to be concentrated in today’s era. Security in the medical image indicates that the physician may hide patients’ related data in the medical image and transfer it safely to a defined location using reversible watermarking. Many reversible watermarking methods had proposed over the decade. This paper enhances the security level in brain tumor images to hide the patient’s detail, which has to be conferred with other physician’s suggestions. The details or the information will be hidden in Non-ROI area of the image by using the block cipher algorithm. The block cipher uses different keys to extract the details that are difficult for the intruder to detect all the keys and to spot the details, which are the key advantage of this method. The ROI is the tumor area and Non-ROI is the area rest of ROI. The Non-ROI should not be spoiled in any cause and the details in the Non-ROI should be extracted correctly. The reversible watermarking method proposed in this paper performs well when compared to existing methods in the process of extraction of an original image and providing information security.

Keywords: Brain tumor images, Block Cipher, Reversible watermarking, ROI.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1337

Authors: Poramet Saeng-On

Abstract:

This research aims to develop ways of lodging business management of Bang Khonthi community in Samut Songkram province that are appropriate with the cultural context of the Bang Khonthi community. Eight lodging business owners were interviewed. It was found that lodging business that are family business must be done with passion, correct understanding of self, culture, nature, Thai way of life, thorough, professional development, environmentally concerned, building partnerships with various networks both community level, and public sector and business cohorts. Public relations should be done through media both traditional and modern outlets, such as websites and social networks to provide customers convenience, security, happiness, knowledge, love and value when travel to Bang Khonthi. This will also help them achieve sustainability in business, in line with the 10 Home Stay Standard Thailand. Suggestions for operators are as follows: Operators need to improve their public relations work. They need to use technology in public relations such as the internet. Management standards must be improved. Souvenir and local products shops should be arranged in the compound. Product pricing must be set accordingly. They need to join hands to help each other. Quality of the business operation should be raised to meet the standards. Educational measures to reduce the impact caused by tourism on the community such as efforts to reduce energy consumption.

Keywords: Homestay, lodging business, management, standard.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1116

Authors: Emin Islam Tatlı, Dirk Stegemann, Stefan Lucks

Abstract:

Encryption protects communication partners from disclosure of their secret messages but cannot prevent traffic analysis and the leakage of information about “who communicates with whom". In the presence of collaborating adversaries, this linkability of actions can danger anonymity. However, reliably providing anonymity is crucial in many applications. Especially in contextaware mobile business, where mobile users equipped with PDAs request and receive services from service providers, providing anonymous communication is mission-critical and challenging at the same time. Firstly, the limited performance of mobile devices does not allow for heavy use of expensive public-key operations which are commonly used in anonymity protocols. Moreover, the demands for security depend on the application (e.g., mobile dating vs. pizza delivery service), but different users (e.g., a celebrity vs. a normal person) may even require different security levels for the same application. Considering both hardware limitations of mobile devices and different sensitivity of users, we propose an anonymity framework that is dynamically configurable according to user and application preferences. Our framework is based on Chaum-s mixnet. We explain the proposed framework, its configuration parameters for the dynamic behavior and the algorithm to enforce dynamic anonymity.

Keywords: Anonymity, context-awareness, mix-net, mobile business, policy management

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1709

Authors: Manuel J. Gazapo Lapayese

Abstract:

It is a well-established fact that terrorism is one of the foremost threats to present-day international security. The creation of tools or mechanisms for confronting it in an effective and efficient manner will only be possible by way of an objective assessment of the phenomenon. In order to achieve this, this paper has the following three main objectives: Firstly, setting out to find the reasons that have prevented the establishment of a universally accepted definition of terrorism, and consequently trying to outline the main features defining the face of the terrorist threat in order to discover the fundamental goals of what is now a serious blight on world society. Secondly, trying to explain the differences between a terrorist movement and a terrorist organisation, and the reasons for which a terrorist movement can be led to transform itself into an organisation. After analysing these motivations and the characteristics of a terrorist organisation, an example of the latter will be succinctly analysed to help the reader understand the ideas expressed. Lastly, discovering and exposing the factors that can lead to the appearance of terrorist tendencies, and discussing the most efficient and effective responses that can be given to this global security threat.

Keywords: Responses, resilience, security, terrorism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2581

Authors: James A. Nelson

Abstract:

The history of technology and banking is examined as it relates to risk and technological determinism. It is proposed that the services that banks offer are determined by technology and that banks must adopt new technologies to be competitive. The adoption of technologies paradoxically forces the adoption of other new technologies to protect the bank from the increased risk of technology. This cycle will lead to bank examiners and regulators to focus on human behavior, not on the ever changing technology.

Keywords: Banking, information security, risk, technologicaldeterminism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1686

Authors: Qiang Fu, Md. Abu Saleh

Abstract:

Research studies are highly fragmented when an Innovation Management Framework is being discussed. With the aim to identify an Innovation Management Framework/Assessment Tool suitable for Small & Medium Enterprises (SMEs) in the service industry, this researcher critically reviewed existing innovation management frameworks and assessment models/tools and discovered a number of literature gaps. It is established that the existing literature lacks generally agreed innovation management dimensions, commonly accepted knowledge creation through empirical studies on innovation management in SMEs, effective innovation management performance measurements, suitable innovation management framework in SMEs, and studies on innovation management in the service industry, in particular in retail SMEs. As such, there is a dire need to develop an appropriate firm-level innovation management framework suitable for SMEs in the service industry for future research projects and further studies. In addition, this researcher also discussed the significance of establishing such an innovation management framework.

Keywords: innovation management, innovation management framework, innovation management assessment tools, SMEs, service industry

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 744

Authors: Sulaiman Al Amro

Abstract:

There are currently considerable challenges concerning data security and privacy, particularly in relation to modern technologies. This includes the virtual world known as the Metaverse, which consists of a virtual space that integrates various technologies, and therefore susceptible to cyber threats such as malware, phishing, and identity theft. This has led recent studies to propose the development of Metaverse forensic frameworks and the integration of advanced technologies, including machine learning for intrusion detection and security. In this context, the application of first-order logic offers a formal and systematic approach to defining the conditions of cyberattacks, thereby contributing to the development of effective detection mechanisms. In addition, formalizing the rules and patterns of cyber threats has the potential to enhance the overall security posture of the Metaverse and thus the integrity and safety of this virtual environment. The current paper focuses on the primary actions employed by avatars for potential attacks, including Interval Temporal Logic (ITL) and behavior-based detection to detect an avatar’s abnormal activities within the Metaverse. The research established that the proposed framework attained an accuracy of 92.307%, resulting in the experimental results demonstrating the efficacy of ITL, including its superior performance in addressing the threats posed by avatars within the Metaverse domain.

Keywords: Cyberattacks, detection, first-order logic, Metaverse, privacy, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 68

Authors: Vishal Awasthi, Tanya Soni, Vigya Awasthi, Swati Singh, Shivali Verma

Abstract:

There is a growing demand for a network that grants a high level of data security and confidentiality. For this reason, the semantic web was introduced, which allows data to be shared and reused across applications while safeguarding users privacy and user’s will grab back control of their data. The earlier Web 1.0 and Web 2.0 versions were built on client-server architecture, in  which there was the risk of data theft and unconsented sale of user data. A decentralized version, Known as Web 3.0, that is mostly built on blockchain technology was interjected to resolve these issues. The recent research focuses on blockchain technology, deals with privacy, security, transparency, and innovation of decentralized applications (DApps), e.g. a Twitter Clone, Whatsapp clone. In this paper the Twitter Alike built on the Ethereum blockchain will replace traditional techniques with improved latency, throughput, and data ownership. The central principle of this DApp is smart contract implemented using Solidity which is an object- oriented and highlevel language. Consequently, this will provide a better Quality Services, high data security, and integrity for both present and future internet technologies.

Keywords: Blockchain, DApps, Ethereum, Semantic Web, Smart Contract, Solidity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 334

Authors: A. Jalal, S. Kim

Abstract:

Different methods containing biometric algorithms are presented for the representation of eigenfaces detection including face recognition, are identification and verification. Our theme of this research is to manage the critical processing stages (accuracy, speed, security and monitoring) of face activities with the flexibility of searching and edit the secure authorized database. In this paper we implement different techniques such as eigenfaces vector reduction by using texture and shape vector phenomenon for complexity removal, while density matching score with Face Boundary Fixation (FBF) extracted the most likelihood characteristics in this media processing contents. We examine the development and performance efficiency of the database by applying our creative algorithms in both recognition and detection phenomenon. Our results show the performance accuracy and security gain with better achievement than a number of previous approaches in all the above processes in an encouraging mode.

Keywords: Ubiquitous architecture, verification, Identification, recognition

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1336

Authors: Deepthi P.P., P.S. Sathidevi

Abstract:

Proposal for a secure stream cipher based on Linear Feedback Shift Registers (LFSR) is presented here. In this method, shift register structure used for polynomial modular division is combined with LFSR keystream generator to yield a new keystream generator with much higher periodicity. Security is brought into this structure by using the Boolean function to combine state bits of the LFSR keystream generator and taking the output through the Boolean function. This introduces non-linearity and security into the structure in a way similar to the Non-linear filter generator. The security and throughput of the suggested stream cipher is found to be much greater than the known LFSR based structures for the same key length.

Keywords: Linear Feedback Shift Register, Stream Cipher, Filter generator, Keystream generator, Modular division circuit

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2727

Authors: Jandot Aurélia

Abstract:

In France, in the main media, the concern about nuclear safety and security has not really appeared before the beginning of the 1970s. The gradual changes in its perception are studied here through the arguments given in the main French news magazines, linked with several parameters. As this represents a considerable amount of copies and thus of information, are selected here the main articles as well as the main “mental images” aiming to persuade the readers and which have led the public awareness to evolve. Indeed, in the 1970s, in France, these evolutions were not made in one day. Indeed, over the period, many articles were still in favor of nuclear power plants and promoted the technological advances that were made in this field. They had to be taken into account. But, gradually, grew up arguments and mental images discrediting the perception of nuclear technology. Among these were the environmental impacts of this industry, as the question of pollution progressively appeared. So, between 1970 and 1979, the language has changed, as the perceptible objectives of the communication, allowing to discern the deepest intentions of the editorial staffs of the French news magazines. This is all these changes that are emphasized here, over a period when the safety and security concern linked to the nuclear technology, to there a field for specialists, has become progressively a social issue seemingly open to all.

Keywords: French media discourse, nuclear safety and security, public awareness, persuasion.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1248

Authors: Joo-Hyung Oh, Dongwan Kang, JunHyung Cho, Chaetae Im

Abstract:

As the mobile Internet has become widespread in recent years, communication based on mobile networks is increasing. As a result, security threats have been posed with regard to the abnormal traffic of mobile networks, but mobile security has been handled with focus on threats posed by mobile malicious codes, and researches on security threats to the mobile network itself have not attracted much attention. In mobile networks, the IP address of the data packet is a very important factor for billing purposes. If one mobile terminal use an incorrect IP address that either does not exist or could be assigned to another mobile terminal, billing policy will cause problems. We monitor and analyze 3G mobile data networks traffics for a period of time and finds some abnormal IP packets. In this paper, we analyze the reason for abnormal IP packets on 3G Mobile Data Networks. And we also propose an algorithm based on IP address table that contains addresses currently in use within the mobile data network to detect abnormal IP packets.

Keywords: WCDMA, 3G, Abnormal IP address, Mobile Data Network Attack

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2337

Authors: Fangfang Chen, Chunlu Wang, Zhihong Tian, Shuyuan Jin, Tianle Zhang

Abstract:

Attack graph is an integral part of modeling the overview of network security. System administrators use attack graphs to determine how vulnerable their systems are and to determine what security measures to deploy to defend their systems. Previous methods on AGG(attack graphs generation) are aiming at the whole network, which makes the process of AGG complex and non-scalable. In this paper, we propose a new approach which is simple and scalable to AGG by decomposing the whole network into atomic domains. Each atomic domain represents a host with a specific privilege. Then the process for AGG is achieved by communications among all the atomic domains. Our approach simplifies the process of design for the whole network, and can gives the attack graphs including each attack path for each host, and when the network changes we just carry on the operations of corresponding atomic domains which makes the process of AGG scalable.

Keywords: atomic domain, vulnerability, attack graphs, generation, computer security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1655

Authors: Song Han, Wanquan Liu, Elizabeth Chang

Abstract:

Deniable authentication is a new protocol which not only enables a receiver to identify the source of a received message but also prevents a third party from identifying the source of the message. The proposed protocol in this paper makes use of bilinear pairings over elliptic curves, as well as the Diffie-Hellman key exchange protocol. Besides the security properties shared with previous authentication protocols, the proposed protocol provides the same level of security with smaller public key sizes.

Keywords: Deniable Authentication, Man-in-the-middleAttack, Cryptography, Elliptic Curves.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1616

Authors: M. Moslehpour, S. Khorsandi

Abstract:

As transition to widespread use of IPv6 addresses has gained momentum, it has been shown to be vulnerable to certain security attacks such as those targeting Neighbor Discovery Protocol (NDP) which provides the address resolution functionality in IPv6. To protect this protocol, Secure Neighbor Discovery (SEND) is introduced. This protocol uses Cryptographically Generated Address (CGA) and asymmetric cryptography as a defense against threats on integrity and identity of NDP. Although SEND protects NDP against attacks, it is computationally intensive due to Hash2 condition in CGA. To improve the CGA computation speed, we parallelized CGA generation process and used the available resources in a trusted network. Furthermore, we focused on the influence of the existence of malicious nodes on the overall load of un-malicious ones in the network. According to the evaluation results, malicious nodes have adverse impacts on the average CGA generation time and on the average number of tries. We utilized a Trust Management that is capable of detecting and isolating the malicious node to remove possible incentives for malicious behavior. We have demonstrated the effectiveness of the Trust Management System in detecting the malicious nodes and hence improving the overall system performance.

Keywords: NDP, SEND, CGA, modifier, malicious node.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1206

Authors: Haythem Yahyaoui, Samir Moalla, Mounir Bouden, Skander Ghorbel

Abstract:

Nowadays, cloud environments are becoming a need for companies, this new technology gives the opportunities to access to the data anywhere and anytime. It also provides an optimized and secured access to the resources and gives more security for the data which is stored in the platform. However, some companies do not trust Cloud providers, they think that providers can access and modify some confidential data such as bank accounts. Many works have been done in this context, they conclude that encryption methods realized by providers ensure the confidentiality, but, they forgot that Cloud providers can decrypt the confidential resources. The best solution here is to apply some operations on the data before sending them to the provider Cloud in the objective to make them unreadable. The principal idea is to allow user how it can protect his data with his own methods. In this paper, we are going to demonstrate our approach and prove that is more efficient in term of execution time than some existing methods. This work aims at enhancing the quality of service of providers and ensuring the trust of the customers. 

Keywords: Confidentiality, cryptography, security issues, trust issues.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1474

Authors: J. H. Boonzaaier, A. C. Brent

Abstract:

South Africa, a water scarce country, experiences the phenomenon that its life supporting natural water resources is seriously threatened by the users that are totally dependent on it. South Africa is globally applauded to have of the best and most progressive water laws and policies. There are however growing concerns regarding natural water resource quality deterioration and a critical void in the management of natural resources and compliance to policies due to increasing institutional uncertainties and failures. These are in accordance with concerns of many South African researchers and practitioners that call for a change in paradigm from talk to practice and a more constructive, practical approach to governance challenges in the management of water resources. A qualitative theory-building case study through longitudinal action research was conducted from 2014 to 2017. The research assessed whether a strategic positioned institutional agent can be parlayed to facilitate and execute WRM on catchment level by engaging multiple stakeholders in a polycentric setting. Through a critical realist approach a distinction was made between ex ante self-deterministic human behaviour in the realist realm, and ex post governance-management in the constructivist realm. A congruence analysis, including Toulmin’s method of argumentation analysis, was utilised. The study evaluated the unique case of a self-steering local water management institution, the Impala Water Users Association (WUA) in the Pongola River catchment in the northern part of the KwaZulu-Natal Province of South Africa. Exploiting prevailing water resource threats, it expanded its ancillary functions from 20,000 to 300,000 ha. Embarking on WRM activities, it addressed natural water system quality assessments, social awareness, knowledge support, and threats, such as: soil erosion, waste and effluent into water systems, coal mining, and water security dimensions; through structured engagement with 21 different catchment stakeholders. By implementing a proposed polycentric governance-management model on a catchment scale, the WUA achieved to fill the void. It developed a foundation and capacity to protect the resilience of the natural environment that is critical for freshwater resources to ensure long-term water security of the Pongola River basin. Further work is recommended on appropriate statutory delegations, mechanisms of sustainable funding, sufficient penetration of knowledge to local levels to catalyse behaviour change, incentivised support from professionals, back-to-back expansion of WUAs to alleviate scale and cost burdens, and the creation of catchment data monitoring and compilation centres.

Keywords: Institutional agent, water governance, polycentric water resource management, water resource management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 747

Authors: Mikhail V. Khachaturyan, Inga A. Koryagina, Maria Nikishova

Abstract:

The study investigates the impact of the ongoing financial crisis, started in the 2^nd half of 2014, on marketing budgets spent by Fast-moving consumer goods companies. In these conditions, special importance is given to efficient possessory risk management systems. The main objective for establishing and developing possessory risk management systems for FMCG companies in a crisis is to analyze the data relating to the external environment and consumer behavior in a crisis. Another important objective for possessory risk management systems of FMCG companies is to develop measures and mechanisms to maintain and stimulate sales. In this regard, analysis of risks and threats which consumers define as the main reasons affecting their level of consumption become important. It is obvious that in crisis conditions the effective risk management systems responsible for development and implementation of strategies for consumer demand stimulation, as well as the identification, analysis, assessment and management of other types of risks of economic security will be the key to sustainability of a company. In terms of financial and economic crisis, the problem of forming and developing possessory risk management systems becomes critical not only in the context of management models of FMCG companies, but for all the companies operating in other sectors of the Russian economy. This study attempts to analyze the specifics of formation and development of company possessory risk management systems. In the modern economy, special importance among all the types of owner’s risks has the risk of reduction in consumer activity. This type of risk is common not only for the consumer goods trade. Study of consumer activity decline is especially important for Russia due to domestic market of consumer goods being still in the development stage, despite its significant growth. In this regard, it is especially important to form and develop possessory risk management systems for FMCG companies. The authors offer their own interpretation of the process of forming and developing possessory risk management systems within owner’s management models of FMCG companies as well as in Russian economy in general. Proposed methods and mechanisms of problem analysis of formation and development of possessory risk management systems in FMCG companies and the results received can be helpful for researchers interested in problems of consumer goods market development in Russia and overseas.

Keywords: FMCG companies, marketing budget, risk management, owner, Russian economy, organization, formation, development, system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1101

Authors: Seongsoo Park, Mun-Kyu Lee, Dong Kyue Kim, Kunsoo Park, Yousung Kang, Sokjoon Lee, Howon Kim, Kyoil Chung

Abstract:

Electronic seal is an electronic device to check the authenticity and integrity of freight containers at the point of arrival. While RFID-based eSeals are gaining more acceptances and there are also some standardization processes for these devices, a recent research revealed that the current RFID-based eSeals are vulnerable to various attacks. In this paper, we provide a feasible solution to enhance the security of active RFID-based eSeals. Our approach is to use an authentication and key agreement protocol between eSeal and reader device, enabling data encryption and integrity check. Our protocol is based on the use of block cipher AES, which is reasonable since a block cipher can also be used for many other security purposes including data encryption and pseudo-random number generation. Our protocol is very simple, and it is applicable to low-end active RFID eSeals.

Keywords: Authentication, Container Security, Electronic seal, RFID

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1901