Search results for: Information Security agreement
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 5189

Search results for: Information Security agreement

4739 Phishing Attacks Facilitated by Open-Source Intelligence

Authors: Urva Maryam

Abstract:

Private data are more often breached by clever social engineering rather than exploiting technical vulnerabilities in the systems. Complete information security requires good data safety practices to go along with technical solutions. Hackers often begin their operation by simply sending spoofed emails or fraudulent URLs to their targets and trick them into providing sensitive information such as passwords or bank account details. This technique is called phishing. Phishing attacks can be launched on email addresses, open ports and unsecured web browsers. This study uses quantitative method of research to execute phishing experiments on the participants to test their response to the phishing emails. These experiments were run on Kali Linux distribution which came bundled with multiple open-source intelligence (OSINT) tools that were used in the study. The aim of this research is to see how successful phishing attacks can be launched using OSINT and to test the response of people to spoofed emails.

Keywords: OSINT, phishing, spear phishing, email spoofing, theHarvester, Maltego.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 189
4738 Information Resource Management Maturity Model

Authors: Afshari H., Khosravi Sh.

Abstract:

Nowadays there are more than thirty maturity models in different knowledge areas. Maturity model is an area of interest that contributes organizations to find out where they are in a specific knowledge area and how to improve it. As Information Resource Management (IRM) is the concept that information is a major corporate resource and must be managed using the same basic principles used to manage other assets, assessment of the current IRM status and reveal the improvement points can play a critical role in developing an appropriate information structure in organizations. In this paper we proposed a framework for information resource management maturity model (IRM3) that includes ten best practices for the maturity assessment of the organizations' IRM.

Keywords: Information resource management (IRM), information resource management maturity model (IRM3), maturity model, best practice.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2384
4737 Climate Change and Food Security: The Legal Aspects with Special Focus on the European Union

Authors: M. Adamczak-Retecka, O. Hołub-Śniadach

Abstract:

Dangerous of climate change is now global problem and as such has a strategic priority also for the European Union. Europe and European citizens try to do their best to cut greenhouse gas emissions, moreover they substantially encourage other nations and regions to follow the same way. The European Commission and a number of Member States have developed adaptation strategies in order to help strengthen EU's resilience to the inevitable impacts of climate change. The EU has long been a driving force in international negotiations on climate change and was instrumental in the development of the UN Framework Convention on Climate Change. As the world's leading donor of development aid, the EU also provides substantial funding to help developing countries tackle climate change problem. Global warming influences human health, biodiversity, ecosystems but also many social and economic sectors. The aim of this paper is to focus on impact of claimant change on for food security. Food security challenges are directly related to globalization, climate change. It means that current and future food policy is exposed to all cross-cutting and that must be linked with environmental and climate targets, which supposed to be achieved. In the 7th EAP —The new general Union Environment Action Program to 2020, called “Living well, within the limits of our planet” EU has agreed to step up its efforts to protect natural capital, stimulate resource efficient, low carbon growth and innovation, and safeguard people’s health and wellbeing– while respecting the Earth’s natural limits.

Keywords: Climate change, EU law, food policy, food security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 852
4736 A High Bitrate Information Hiding Algorithm for Video in Video

Authors: Wang Shou-Dao, Xiao Chuang-Bai, Lin Yu

Abstract:

In high bitrate information hiding techniques, 1 bit is embedded within each 4 x 4 Discrete Cosine Transform (DCT) coefficient block by means of vector quantization, then the hidden bit can be effectively extracted in terminal end. In this paper high bitrate information hiding algorithms are summarized, and the scheme of video in video is implemented. Experimental result shows that the host video which is embedded numerous auxiliary information have little visually quality decline. Peak Signal to Noise Ratio (PSNR)Y of host video only degrades 0.22dB in average, while the hidden information has a high percentage of survives and keeps a high robustness in H.264/AVC compression, the average Bit Error Rate(BER) of hiding information is 0.015%.

Keywords: Information Hiding, Embed, Quantification, Extract

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1899
4735 The Quality of Accounting Information of Private Companies in the Czech Republic

Authors: Kateřina Struhařová

Abstract:

The paper gives the evidence of quality of accounting information of Czech private companies. In general the private companies in the Czech Republic do not see the benefits of providing accounting information of high quality. Based on the research of financial statements of entrepreneurs and companies in Zlin region it was confirmed that the quality of accounting information differs among the private entities and that the major impact on the accounting information quality has the fact if the financial statements are audited as well as the size of the entity. Also the foreign shareholders and lenders have some impact on the accounting information quality.

Keywords: Accounting information quality, Financial Statements, Czech Republic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1618
4734 Power System Security Constrained Economic Dispatch Using Real Coded Quantum Inspired Evolution Algorithm

Authors: A. K. Al-Othman, F. S. Al-Fares, K. M. EL-Nagger

Abstract:

This paper presents a new optimization technique based on quantum computing principles to solve a security constrained power system economic dispatch problem (SCED). The proposed technique is a population-based algorithm, which uses some quantum computing elements in coding and evolving groups of potential solutions to reach the optimum following a partially directed random approach. The SCED problem is formulated as a constrained optimization problem in a way that insures a secure-economic system operation. Real Coded Quantum-Inspired Evolution Algorithm (RQIEA) is then applied to solve the constrained optimization formulation. Simulation results of the proposed approach are compared with those reported in literature. The outcome is very encouraging and proves that RQIEA is very applicable for solving security constrained power system economic dispatch problem (SCED).

Keywords: State Estimation, Fuzzy Linear Regression, FuzzyLinear State Estimator (FLSE) and Measurements Uncertainty.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1715
4733 The Role of Online Videos in Undergraduate Casual-Leisure Information Behaviors

Authors: Nei-Ching Yeh

Abstract:

This study describes undergraduate casual-leisure information behaviors relevant to online videos. Diaries and in-depth interviews were used to collect data. Twenty-four undergraduates participated in this study (9 men, 15 women; all were aged 18–22 years). This study presents a model of casual-leisure information behaviors and contributes new insights into user experience in casual-leisure settings, such as online video programs, with implications for other information domains.

Keywords: Casual-leisure information behaviors, information behavior, online videos, role.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1189
4732 Testing the Validity of Maturity Model for E-Government Implementation in Indonesia

Authors: Darmawan Napitupulu, Dana Indra Sensuse, Aniati Murni

Abstract:

The research was conducted to empirically validate the proposed maturity model of e-Government implementation, composed of four dimensions, further specified by 54 success factors as attributes. To do so, there are two steps were performed. First, expert’s judgment was conducted to test its content validity. The second, reliability study was performed to evaluate inter-rater agreement by using Fleiss Kappa approach. The kappa statistic (kappa coefficient) is the most commonly used method for testing the consistency among raters. Fleiss Kappa was a generalization of Kappa in extensions to the case of more than two raters (multiple raters) with multi-categorical ratings. Our findings show that most attributes of the proposed model were related to their corresponding dimensions. According to our results, The percentage of agree answers given by the experts was 73.69% in dimension A, 89.76% in B, 81.5% in C and 60.37% in D. This means that more than half of the attributes of each dimensions were appropriate or relevant to the dimensions they were supposed to measure, while 85% of attributes were relevant enough to their corresponding dimensions. Inter-rater reliability coefficient also showed satisfactory result and interpreted as substantial agreement among raters. Therefore, the proposed model in this paper was valid and reliable to measure the maturity of e-Government implementation.

Keywords: E-Government, Model, Maturity, Validity, Reliability Kappa.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2202
4731 Secure Hashing Algorithm and Advance Encryption Algorithm in Cloud Computing

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man-in-the-middle attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1748
4730 Understanding the Selectional Preferences of the Twitter Mentions Network

Authors: R. Sudhesh Solomon, P. Y. K. L. Srinivas, Abhay Narayan, Amitava Das

Abstract:

Users in social networks either unicast or broadcast their messages. At mention is the popular way of unicasting for Twitter whereas general tweeting could be considered as broadcasting method. Understanding the information flow and dynamics within a Social Network and modeling the same is a promising and an open research area called Information Diffusion. This paper seeks an answer to a fundamental question - understanding if the at-mention network or the unicasting pattern in social media is purely random in nature or is there any user specific selectional preference? To answer the question we present an empirical analysis to understand the sociological aspects of Twitter mentions network within a social network community. To understand the sociological behavior we analyze the values (Schwartz model: Achievement, Benevolence, Conformity, Hedonism, Power, Security, Self-Direction, Stimulation, Traditional and Universalism) of all the users. Empirical results suggest that values traits are indeed salient cue to understand how the mention-based communication network functions. For example, we notice that individuals possessing similar values unicast among themselves more often than with other value type people. We also observe that traditional and self-directed people do not maintain very close relationship in the network with the people of different values traits.

Keywords: Social network analysis, information diffusion, personality and values, Twitter Mentions Network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 747
4729 Transient Combined Conduction and Radiation in a Two-Dimensional Participating Cylinder in Presence of Heat Generation

Authors: Raoudha Chaabane, Faouzi Askri, Sassi Ben Nasrallah

Abstract:

Simultaneous transient conduction and radiation heat transfer with heat generation is investigated. Analysis is carried out for both steady and unsteady situations. two-dimensional gray cylindrical enclosure with an absorbing, emitting, and isotropically scattering medium is considered. Enclosure boundaries are assumed at specified temperatures. The heat generation rate is considered uniform and constant throughout the medium. The lattice Boltzmann method (LBM) was used to solve the energy equation of a transient conduction-radiation heat transfer problem. The control volume finite element method (CVFEM) was used to compute the radiative information. To study the compatibility of the LBM for the energy equation and the CVFEM for the radiative transfer equation, transient conduction and radiation heat transfer problems in 2-D cylindrical geometries were considered. In order to establish the suitability of the LBM, the energy equation of the present problem was also solved using the the finite difference method (FDM) of the computational fluid dynamics. The CVFEM used in the radiative heat transfer was employed to compute the radiative information required for the solution of the energy equation using the LBM or the FDM (of the CFD). To study the compatibility and suitability of the LBM for the solution of energy equation and the CVFEM for the radiative information, results were analyzed for the effects of various parameters such as the boundary emissivity. The results of the LBMCVFEM combination were found to be in excellent agreement with the FDM-CVFEM combination. The number of iterations and the steady state temperature in both of the combinations were found comparable. Results are found for situations with and without heat generation. Heat generation is found to have significant bearing on temperature distribution.

Keywords: heat generation, cylindrical coordinates; RTE;transient; coupled conduction radiation; heat transfer; CVFEM; LBM

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2203
4728 Improved Zero Text Watermarking Algorithm against Meaning Preserving Attacks

Authors: Jalil Z., Farooq M., Zafar H., Sabir M., Ashraf E.

Abstract:

Internet is largely composed of textual contents and a huge volume of digital contents gets floated over the Internet daily. The ease of information sharing and re-production has made it difficult to preserve author-s copyright. Digital watermarking came up as a solution for copyright protection of plain text problem after 1993. In this paper, we propose a zero text watermarking algorithm based on occurrence frequency of non-vowel ASCII characters and words for copyright protection of plain text. The embedding algorithm makes use of frequency non-vowel ASCII characters and words to generate a specialized author key. The extraction algorithm uses this key to extract watermark, hence identify the original copyright owner. Experimental results illustrate the effectiveness of the proposed algorithm on text encountering meaning preserving attacks performed by five independent attackers.

Keywords: Copyright protection, Digital watermarking, Document authentication, Information security, Watermark.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2160
4727 M-band Wavelet and Cosine Transform Based Watermark Algorithm Using Randomization and Principal Component Analysis

Authors: Tong Liu, Xuan Xu, Xiaodi Wang

Abstract:

Computational techniques derived from digital image processing are playing a significant role in the security and digital copyrights of multimedia and visual arts. This technology has the effect within the domain of computers. This research presents discrete M-band wavelet transform (MWT) and cosine transform (DCT) based watermarking algorithm by incorporating the principal component analysis (PCA). The proposed algorithm is expected to achieve higher perceptual transparency. Specifically, the developed watermarking scheme can successfully resist common signal processing, such as geometric distortions, and Gaussian noise. In addition, the proposed algorithm can be parameterized, thus resulting in more security. To meet these requirements, the image is transformed by a combination of MWT & DCT. In order to improve the security further, we randomize the watermark image to create three code books. During the watermark embedding, PCA is applied to the coefficients in approximation sub-band. Finally, first few component bands represent an excellent domain for inserting the watermark.

Keywords: discrete M-band wavelet transform , discrete M-band wavelet transform, randomized watermark, principal component analysis

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2009
4726 Hybrid Intelligent Intrusion Detection System

Authors: Norbik Bashah, Idris Bharanidharan Shanmugam, Abdul Manan Ahmed

Abstract:

Intrusion Detection Systems are increasingly a key part of systems defense. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Artificial Intelligence plays a driving role in security services. This paper proposes a dynamic model Intelligent Intrusion Detection System, based on specific AI approach for intrusion detection. The techniques that are being investigated includes neural networks and fuzzy logic with network profiling, that uses simple data mining techniques to process the network data. The proposed system is a hybrid system that combines anomaly, misuse and host based detection. Simple Fuzzy rules allow us to construct if-then rules that reflect common ways of describing security attacks. For host based intrusion detection we use neural-networks along with self organizing maps. Suspicious intrusions can be traced back to its original source path and any traffic from that particular source will be redirected back to them in future. Both network traffic and system audit data are used as inputs for both.

Keywords: Intrusion Detection, Network Security, Data mining, Fuzzy Logic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2131
4725 Two Undetectable On-line Dictionary Attacks on Debiao et al.’s S-3PAKE Protocol

Authors: Sung-Bae Choi, Sang-Yoon Yoon, Eun-Jun Yoon

Abstract:

In 2011, Debiao et al. pointed out that S-3PAKE protocol proposed by Lu and Cao for password-authenticated key exchange in the three-party setting is vulnerable to an off-line dictionary attack. Then, they proposed some countermeasures to eliminate the security vulnerability of the S-3PAKE. Nevertheless, this paper points out their enhanced S-3PAKE protocol is still vulnerable to undetectable on-line dictionary attacks unlike their claim.

Keywords: Authentication, 3PAKE, password, three-party key exchange, network security, dictionary attacks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1638
4724 Information Technologies in Automotive Assembly Industry in Thailand

Authors: Jirarat Teeravaraprug, Usawadee Inklay

Abstract:

This paper gave an attempt in prioritizing information  technologies that organizations should give concentration. The case  study was organizations in the automotive assembly industry in  Thailand. Data were first collected to gather all information  technologies known and used in the automotive assembly industry in  Thailand. Five experts from the industries were surveyed based on  the concept of fuzzy DEMATEL. The information technologies were  categorized into six groups, which were communication, transaction,  planning, organization management, warehouse management, and  transportation. The cause groups of information technologies for each  group were analyzed and presented. Moreover, the relationship  between the used and the significant information technologies was  given. Discussions based on the used information technologies and  the research results are given.

 

Keywords: Information technology, automotive assembly industry, fuzzy DEMATEL.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1719
4723 Counterfeit Drugs Prevention in Pharmaceutical Industry with RFID: A Framework Based On Literature Review

Authors: Zeeshan Hamid, Asher Ramish

Abstract:

The purpose of this paper is to focus on security and safety issues facing by pharmaceutical industry globally when counterfeit drugs are in question. Hence, there is an intense need to secure and authenticate pharmaceutical products in the emerging counterfeit product market. This paper will elaborate the application of radio frequency identification (RFID) in pharmaceutical industry and to identify its key benefits for patient’s care. The benefits are: help to co-ordinate the stream of supplies, accuracy in chains of supplies, maintaining trustworthy information, to manage the operations in appropriate and timely manners and finally deliver the genuine drug to patient. It is discussed that how RFID supported supply chain information sharing (SCIS) helps to combat against counterfeit drugs. And a solution how to tag pharmaceutical products; since, some products prevent RFID implementation in this industry. In this paper, a proposed model for pharma industry distribution suggested to combat against the counterfeit drugs when they are in supply chain.

Keywords: Supply chain, RFID, pharmaceutical industry, counterfeit drugs, patients care.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4657
4722 Efficient Secured Lossless Coding of Medical Images– Using Modified Runlength Coding for Character Representation

Authors: S. Annadurai, P. Geetha

Abstract:

Lossless compression schemes with secure transmission play a key role in telemedicine applications that helps in accurate diagnosis and research. Traditional cryptographic algorithms for data security are not fast enough to process vast amount of data. Hence a novel Secured lossless compression approach proposed in this paper is based on reversible integer wavelet transform, EZW algorithm, new modified runlength coding for character representation and selective bit scrambling. The use of the lifting scheme allows generating truly lossless integer-to-integer wavelet transforms. Images are compressed/decompressed by well-known EZW algorithm. The proposed modified runlength coding greatly improves the compression performance and also increases the security level. This work employs scrambling method which is fast, simple to implement and it provides security. Lossless compression ratios and distortion performance of this proposed method are found to be better than other lossless techniques.

Keywords: EZW algorithm, lifting scheme, losslesscompression, reversible integer wavelet transform, securetransmission, selective bit scrambling, modified runlength coding .

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1367
4721 Managing the Information System Life Cycle in Construction and Manufacturing

Authors: Carlos J. Costa, Manuela Aparício

Abstract:

In this paper we present the information life cycle and analyze the importance of managing the corporate application portfolio across this life cycle. The approach presented here corresponds not just to the extension of the traditional information system development life cycle. This approach is based in the generic life cycle. In this paper it is proposed a model of an information system life cycle, supported in the assumption that a system has a limited life. But, this limited life may be extended. This model is also applied in several cases; being reported here two examples of the framework application in a construction enterprise and in a manufacturing enterprise.

Keywords: Information systems/technology, information systems life cycle, organization engineering, information economics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1807
4720 Strategies for Securing Safety Messages with Fixed Key Infrastructure in Vehicular Network

Authors: Nasser Mozayani, Maryam Barzegar, Hoda Madani

Abstract:

Vehicular communications play a substantial role in providing safety in transportation by means of safety message exchange. Researchers have proposed several solutions for securing safety messages. Protocols based on a fixed key infrastructure are more efficient in implementation and maintain stronger security in comparison with dynamic structures. These protocols utilize zone partitioning to establish distinct key infrastructure under Certificate Authority (CA) supervision in different regions. Secure anonymous broadcasting (SAB) is one of these protocols that preserves most of security aspects but it has some deficiencies in practice. A very important issue is region change of a vehicle for its mobility. Changing regions leads to change of CA and necessity of having new key set to resume communication. In this paper, we propose solutions for informing vehicles about region change to obtain new key set before entering next region. This hinders attackers- intrusion, packet loss and lessons time delay. We also make key request messages secure by confirming old CA-s public key to the message, hence stronger security for safety message broadcasting is attained.

Keywords: Secure broadcasting, Certificate authority (CA), Key exchange, Vehicular network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1539
4719 “Friction Surfaces” of Airport Emergency Plan

Authors: Jakub Kraus, Vladimír Plos, Peter Vittek

Abstract:

This article focuses on the issue of airport emergency plans, which are documents describing reactions to events with impact on aviation safety or aviation security. The article specifically focuses on the use and creation of emergency plans, where could be found a number of disagreements between different stakeholders, for which the airport emergency plan applies. Those are the friction surfaces of interfaces, which is necessary to identify and ensure them smooth process to avoid dangerous situations or delay.

Keywords: Airport emergency plan, aviation safety, aviation security, comprehensive management system, friction surfaces of airport emergency plan, interfaces of processes.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1949
4718 The Prevalence of Organized Retail Crime in Riyadh, Saudi Arabia

Authors: Saleh Dabil

Abstract:

This study investigates the level of existence of organized retail crime in supermarkets of Riyadh, Saudi Arabia. The store managers, security managers and general employees were asked about the types of retail crimes occur in the stores. Three independent variables were related to the report of organized retail theft. The independent variables are: 1) the supermarket profile (volume, location, standard and type of the store), 2) the social physical environment of the store (maintenance, cleanness and overall organizational cooperation), 3) the security techniques and loss prevention electronics techniques used. The theoretical framework of this study based on the social disorganization theory. This study concluded that the organized retail theft, in specific, organized theft is moderately apparent in Riyadh stores. The general result showed that the environment of the stores has an effect on the prevalence of organized retail theft with relation to the gender of thieves, age groups, working shift, type of stolen items as well as the number of thieves in one case. Among other reasons, some factors of the organized theft are: economic pressure of customers based on the location of the store. The dealing of theft also was investigated to have a clear picture of stores dealing with organized retail theft. The result showed that mostly, thieves sent without any action and sometimes given written warning. Very few cases dealt with by police. There are other factors in the study can be looked up in the text. This study suggests solving the problem of organized theft; first, is "the well distributing of the duties and responsibilities between the employees especially for security purposes". Second "Installation of strong security system" and "Making well-designed store layout". Third is "giving training for general employees" and "to give periodically security skills training of employees". There are other suggestions in the study can be looked up in the text.

Keywords: Organized Crime, Retail, Theft, Loss prevention, Store environment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2335
4717 Distributed Self-Healing Protocol for Unattended Wireless Sensor Network

Authors: E. Golden Julie, E. Sahaya Rose Vigita, S. Tamil Selvi

Abstract:

Wireless sensor network is vulnerable to a wide range of attacks. Recover secrecy after compromise, to develop technique that can detect intrusions and able to resilient networks that isolates the point(s) of intrusion while maintaining network connectivity for other legitimate users. To define new security metrics to evaluate collaborative intrusion resilience protocol, by leveraging the sensor mobility that allows compromised sensors to recover secure state after compromise. This is obtained with very low overhead and in a fully distributed fashion using extensive simulations support our findings.

Keywords: WSN security, intrusion resilience, compromised sensors, mobility.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1757
4716 CybeRisk Management in Banks: An Italian Case Study

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: Bank, CybeRisk, information technology, risk management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1429
4715 Home Network-Specific RBAC Model

Authors: Geon-Woo Kim, Do-Woo Kim, Jun-Ho Lee, Jin-Beon Hwang, Jong-Wook Han

Abstract:

As various mobile sensing technologies, remote control and ubiquitous infrastructure are developing and expectations on quality of life are increasing, a lot of researches and developments on home network technologies and services are actively on going, Until now, we have focused on how to provide users with high-level home network services, while not many researches on home network security for guaranteeing safety are progressing. So, in this paper, we propose an access control model specific to home network that provides various kinds of users with home network services up one-s characteristics and features, and protects home network systems from illegal/unnecessary accesses or intrusions.

Keywords: Home network security, RBAC, access control, authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1730
4714 Performance Evaluation of Para-virtualization on Modern Mobile Phone Platform

Authors: Yang Xu, Felix Bruns, Elizabeth Gonzalez, Shadi Traboulsi, Klaus Mott, Attila Bilgic

Abstract:

Emergence of smartphones brings to live the concept of converged devices with the availability of web amenities. Such trend also challenges the mobile devices manufactures and service providers in many aspects, such as security on mobile phones, complex and long time design flow, as well as higher development cost. Among these aspects, security on mobile phones is getting more and more attention. Microkernel based virtualization technology will play a critical role in addressing these challenges and meeting mobile market needs and preferences, since virtualization provides essential isolation for security reasons and it allows multiple operating systems to run on one processor accelerating development and cutting development cost. However, virtualization benefits do not come for free. As an additional software layer, it adds some inevitable virtualization overhead to the system, which may decrease the system performance. In this paper we evaluate and analyze the virtualization performance cost of L4 microkernel based virtualization on a competitive mobile phone by comparing the L4Linux, a para-virtualized Linux on top of L4 microkernel, with the native Linux performance using lmbench and a set of typical mobile phone applications.

Keywords: L4 microkernel, virtualization overhead, mobilephone.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1976
4713 Research and Development of Net-Centric Information Sharing Platform

Authors: Xiaoqing Wang, Fang Youyuan, Zheng Yanxing, Gu Tianyang, Zong Jianjian, Tong Jinrong

Abstract:

Compared with traditional distributed environment, the net-centric environment brings on more demanding challenges for information sharing with the characteristics of ultra-large scale and strong distribution, dynamic, autonomy, heterogeneity, redundancy. This paper realizes an information sharing model and a series of core services, through which provides an open, flexible and scalable information sharing platform.

Keywords: Net-centric environment, Information sharing, Metadata registry and catalog, Cross-domain data access control.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1370
4712 Mechanized Proof of Resistance of Denial of Service Attacks in Voting Protocol with ProVerif

Authors: Bo Meng, Wei Wang

Abstract:

Resistance of denial of service attacks is a key security requirement in voting protocols. Acquisti protocol plays an important role in development of internet voting protocols and claims its security without strong physical assumptions. In this study firstly Acquisti protocol is modeled in extended applied pi calculus, and then resistance of denial of service attacks is proved with ProVerif. The result is that it is not resistance of denial of service attacks because two denial of service attacks are found. Finally we give the method against the denial of service attacks.

Keywords: Applied pi calculus, protocol state, symbolic model, availability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1256
4711 A Web Text Mining Flexible Architecture

Authors: M. Castellano, G. Mastronardi, A. Aprile, G. Tarricone

Abstract:

Text Mining is an important step of Knowledge Discovery process. It is used to extract hidden information from notstructured o semi-structured data. This aspect is fundamental because much of the Web information is semi-structured due to the nested structure of HTML code, much of the Web information is linked, much of the Web information is redundant. Web Text Mining helps whole knowledge mining process to mining, extraction and integration of useful data, information and knowledge from Web page contents. In this paper, we present a Web Text Mining process able to discover knowledge in a distributed and heterogeneous multiorganization environment. The Web Text Mining process is based on flexible architecture and is implemented by four steps able to examine web content and to extract useful hidden information through mining techniques. Our Web Text Mining prototype starts from the recovery of Web job offers in which, through a Text Mining process, useful information for fast classification of the same are drawn out, these information are, essentially, job offer place and skills.

Keywords: Web text mining, flexible architecture, knowledgediscovery.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2665
4710 Determination of Cr Content in Canned Fish Marketed in Iran

Authors: Soheil Sobhanardakani, Seyed Vali Hosseini, Lima Tayebi

Abstract:

The presence of heavy metals in the environment could constitute a hazard to food security and public health. These can be accumulated in aquatic animals such as fish. Samples of four popular brands of canned fish in the Iranian market (yellowfin tuna, common Kilka, Kawakawa and longtail tuna) were analyzed for level of Cr after wet digestion with acids using graphite furnace atomic absorption spectrophotometry. The mean concentrations for Cr in the different brands were: 2.57, 3.24, 3.16 and 1.65 μg/g for brands A, B, C and D respectively. Significant differences were observed in the Cr levels between all of the different brands of canned fish evaluated in this study. The Cr concentrations for the varieties of canned fishes were generally within the FAO/WHO, U.S. FDA and U.S. EPA recommended limits for fish.

Keywords: Heavy metals, essential metals, canned fish, food security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2581