Search results for: security patterns
1695 Security Strengths and Weaknesses of Blockchain Smart Contract System: A Survey
Authors: Malaw Ndiaye, Karim Konate
Abstract:
Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.
Keywords: Blockchain, bitcoin, smart Contract, criminal smart contract, security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5381694 A Comparative Study of Fine Grained Security Techniques Based on Data Accessibility and Inference
Authors: Azhar Rauf, Sareer Badshah, Shah Khusro
Abstract:
This paper analyzes different techniques of the fine grained security of relational databases for the two variables-data accessibility and inference. Data accessibility measures the amount of data available to the users after applying a security technique on a table. Inference is the proportion of information leakage after suppressing a cell containing secret data. A row containing a secret cell which is suppressed can become a security threat if an intruder generates useful information from the related visible information of the same row. This paper measures data accessibility and inference associated with row, cell, and column level security techniques. Cell level security offers greatest data accessibility as it suppresses secret data only. But on the other hand, there is a high probability of inference in cell level security. Row and column level security techniques have least data accessibility and inference. This paper introduces cell plus innocent security technique that utilizes the cell level security method but suppresses some innocent data to dodge an intruder that a suppressed cell may not necessarily contain secret data. Four variations of the technique namely cell plus innocent 1/4, cell plus innocent 2/4, cell plus innocent 3/4, and cell plus innocent 4/4 respectively have been introduced to suppress innocent data equal to 1/4, 2/4, 3/4, and 4/4 percent of the true secret data inside the database. Results show that the new technique offers better control over data accessibility and inference as compared to the state-of-theart security techniques. This paper further discusses the combination of techniques together to be used. The paper shows that cell plus innocent 1/4, 2/4, and 3/4 techniques can be used as a replacement for the cell level security.
Keywords: Fine Grained Security, Data Accessibility, Inference, Row, Cell, Column Level Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14701693 Cloud Computing for E-Learning with More Emphasis on Security Issues
Authors: Sajjad Hashemi, Seyyed Yasser Hashemi
Abstract:
In today's world, success of most systems depend on the use of new technologies and information technology (IT) which aimed to increase efficiency and satisfaction of users. One of the most important systems that use information technology to deliver services is the education system. But for educational services in the form of E-learning systems, hardware and software equipment should be containing high quality, which requires substantial investment. Because the vast majority of educational establishments can not invest in this area so the best way for them is reducing the costs and providing the E-learning services by using cloud computing. But according to the novelty of the cloud technology, it can create challenges and concerns that the most noted among them are security issues. Security concerns about cloud-based E-learning products are critical and security measures essential to protect valuable data of users from security vulnerabilities in products. Thus, the success of these products happened if customers meet security requirements then can overcome security threats. In this paper tried to explore cloud computing and its positive impact on E- learning and put main focus to identify security issues that related to cloud-based E-learning efforts which have been improve security and provide solutions in management challenges.
Keywords: Cloud computing, E-Learning, Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 32201692 Minimal Critical Sets of Inertias for Irreducible Zero-nonzero Patterns of Order 3
Authors: Ber-Lin Yu, Ting-Zhu Huang
Abstract:
If there exists a nonempty, proper subset S of the set of all (n + 1)(n + 2)/2 inertias such that S Ôèå i(A) is sufficient for any n × n zero-nonzero pattern A to be inertially arbitrary, then S is called a critical set of inertias for zero-nonzero patterns of order n. If no proper subset of S is a critical set, then S is called a minimal critical set of inertias. In [3], Kim, Olesky and Driessche identified all minimal critical sets of inertias for 2 × 2 zero-nonzero patterns. Identifying all minimal critical sets of inertias for n × n zero-nonzero patterns with n ≥ 3 is posed as an open question in [3]. In this paper, all minimal critical sets of inertias for 3 × 3 zero-nonzero patterns are identified. It is shown that the sets {(0, 0, 3), (3, 0, 0)}, {(0, 0, 3), (0, 3, 0)}, {(0, 0, 3), (0, 1, 2)}, {(0, 0, 3), (1, 0, 2)}, {(0, 0, 3), (2, 0, 1)} and {(0, 0, 3), (0, 2, 1)} are the only minimal critical sets of inertias for 3 × 3 irreducible zerononzero patterns.
Keywords: Permutation digraph, zero-nonzero pattern, irreducible pattern, critical set of inertias, inertially arbitrary.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 12361691 Hopfield Network as Associative Memory with Multiple Reference Points
Authors: Domingo López-Rodríguez, Enrique Mérida-Casermeiro, Juan M. Ortiz-de-Lazcano-Lobato
Abstract:
Hopfield model of associative memory is studied in this work. In particular, two main problems that it possesses: the apparition of spurious patterns in the learning phase, implying the well-known effect of storing the opposite pattern, and the problem of its reduced capacity, meaning that it is not possible to store a great amount of patterns without increasing the error probability in the retrieving phase. In this paper, a method to avoid spurious patterns is presented and studied, and an explanation of the previously mentioned effect is given. Another technique to increase the capacity of a network is proposed here, based on the idea of using several reference points when storing patterns. It is studied in depth, and an explicit formula for the capacity of the network with this technique is provided.
Keywords: Associative memory, Hopfield network, network capacity, spurious patterns.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 11061690 Does the Polysemic Nature of Energy Security Make it a 'Wicked' Problem?
Authors: Lynne Chester
Abstract:
Governments around the world are expending considerable time and resources framing strategies and policies to deliver energy security. The term 'energy security' has quietly slipped into the energy lexicon without any meaningful discourse about its meaning or assumptions. An examination of explicit and inferred definitions finds that the concept is inherently slippery because it is polysemic in nature having multiple dimensions and taking on different specificities depending on the country (or continent), timeframe or energy source to which it is applied. But what does this mean for policymakers? Can traditional policy approaches be used to address the problem of energy security or does its- polysemic qualities mean that it should be treated as a 'wicked' problem? To answer this question, the paper assesses energy security against nine commonly cited characteristics of wicked policy problems and finds strong evidence of 'wickedness'.Keywords: Energy security, policy making, wicked problems.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15161689 A Survey of Attacks and Security Requirements in Wireless Sensor Networks
Authors: Vishnu Pratap Singh Kirar
Abstract:
Wireless sensor network (WSN) is a network of many interconnected networked systems, they equipped with energy resources and they are used to detect other physical characteristics. On WSN, there are many researches are performed in past decades. WSN applicable in many security systems govern by military and in many civilian related applications. Thus, the security of WSN gets attention of researchers and gives an opportunity for many future aspects. Still, there are many other issues are related to deployment and overall coverage, scalability, size, energy efficiency, quality of service (QoS), computational power and many more. In this paper we discus about various applications and security related issue and requirements of WSN.
Keywords: Wireless Sensor Network (WSN), Wireless Network Attacks, Wireless Network Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 29951688 Challenges for Security in Wireless Sensor Networks (WSNs)
Authors: Muazzam A. Khan, Ghalib A. Shah, Muhammad Sher
Abstract:
Wireless sensor network is formed with the combination of sensor nodes and sink nodes. Recently Wireless sensor network has attracted attention of the research community. The main application of wireless sensor network is security from different attacks both for mass public and military. However securing these networks, by itself is a critical issue due to many constraints like limited energy, computational power and lower memory. Researchers working in this area have proposed a number of security techniques for this purpose. Still, more work needs to be done.In this paper we provide a detailed discussion on security in wireless sensor networks. This paper will help to identify different obstacles and requirements for security of wireless sensor networks as well as highlight weaknesses of existing techniques.
Keywords: Wireless senor networks (WSNs), security, denial of service, black hole, cryptography, stenography.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 29221687 Enhancing Security in Resource Sharing Using Key Holding Mechanism
Authors: M. Victor Jose, V. Seenivasagam
Abstract:
This paper describes a logical method to enhance security on the grid computing to restrict the misuse of the grid resources. This method is an economic and efficient one to avoid the usage of the special devices. The security issues, techniques and solutions needed to provide a secure grid computing environment are described. A well defined process for security management among the resource accesses and key holding algorithm is also proposed. In this method, the identity management, access control and authorization and authentication are effectively handled.
Keywords: Grid security, Irregular binary series, Key holding mechanism, Resource identity, Secure resource access.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17251686 Power System Security Assessment using Binary SVM Based Pattern Recognition
Authors: S Kalyani, K Shanti Swarup
Abstract:
Power System Security is a major concern in real time operation. Conventional method of security evaluation consists of performing continuous load flow and transient stability studies by simulation program. This is highly time consuming and infeasible for on-line application. Pattern Recognition (PR) is a promising tool for on-line security evaluation. This paper proposes a Support Vector Machine (SVM) based binary classification for static and transient security evaluation. The proposed SVM based PR approach is implemented on New England 39 Bus and IEEE 57 Bus systems. The simulation results of SVM classifier is compared with the other classifier algorithms like Method of Least Squares (MLS), Multi- Layer Perceptron (MLP) and Linear Discriminant Analysis (LDA) classifiers.Keywords: Static Security, Transient Security, Pattern Recognition, Classifier, Support Vector Machine.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18741685 Towards Security in Virtualization of SDN
Authors: Wanqing You, Kai Qian, Xi He, Ying Qian
Abstract:
In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get furtherdiscussions among the security of SDN virtualization.
Keywords: FlowVisor, Network virtualization, Potential threats, Possible solutions.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21621684 Graphic Watermarking, Security Feature in Cadastral Content Management
Authors: Manole Velicanu, Emanuil Rednic
Abstract:
The paper shows the necessity to increase the security level for paper management in the cadastral field by using specific graphical watermarks. Using the graphical watermarking will increase the security in the cadastral content management; furthermore any altered document will be validated afterwards of its originality by checking the graphic watermark. If, by any reasons the document is changed for counterfeiting, it is invalidated and found that is an illegal copy due to the graphic check of the watermarking, check made at pixel levelKeywords: cadastral system, database security, security standards, content management, identity management, watermarking.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15261683 Scenario Analysis of Indonesia's Energy Security by using a System-Dynamics Approach
Authors: Yudha Prambudia, Masaru Nakano
Abstract:
Due to rapid economic growth, Indonesia's energy needs is rapidly increasing. Indonesia-s primary energy consumption has doubled in 2007 compared to 2003. Indonesia's status change from oil net-exporter to oil net-importer country recently has increased Indonesia's concern over energy security. Due to this, oil import becomes center of attention in the dynamics of Indonesia's energy security. Conventional studies addressing Indonesia's energy security have focused on energy production sector. This study explores Indonesia-s energy security considering energy import sector by modeling and simulating Indonesia-s energy-related policies using system dynamics. Simulation result of Indonesia's energy security in 2020 in Business-As-Usual scenario shows that in term of supply demand ratio, energy security will be very high, but also it poses high dependence on energy import. The Alternative scenario result shows lower energy security in term of supply demand ratio and much lower dependence on energy import. It is also found that the Alternative scenario produce lower GDP growth.
Keywords: Energy security, modeling, simulation, system dynamics.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21261682 Adding Security Blocks to the DevOps Lifecycle
Authors: Andrew John Zeller, Francis Pouatcha
Abstract:
Working according to the DevOps principle has gained in popularity over the past decade. While its extension DevSecOps started to include elements of cybersecurity, most real-life projects do not focus risk and security until the later phases of a project as teams are often more familiar with engineering and infrastructure services. To help bridge the gap between security and engineering, this paper will take six building blocks of cybersecurity and apply them to the DevOps approach. After giving a brief overview of the stages in the DevOps lifecycle, the main part discusses to what extent six cybersecurity blocks can be utilized in various stages of the lifecycle. The paper concludes with an outlook on how to stay up to date in the dynamic world of cybersecurity.
Keywords: Information security, data security, cybersecurity, DevOps, IT management.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1141681 The Effects of Cross-Border Use of Drones in Nigerian National Security
Authors: H. P. Kerry
Abstract:
Drone technology has become a significant discourse in a nation’s national security, while this technology could constitute a danger to national security on the one hand, on the other hand, it is used in developed and developing countries for border security, and in some cases, for protection of security agents and migrants. In the case of Nigeria, drones are used by the military to monitor and tighten security around the borders. However, terrorist groups have devised a means to utilize the technology to their advantage. Therefore, the potential danger in the widespread proliferation of this technology has become a myriad of risks. The research on the effects of cross-border use of drones in Nigerian national security looks at the negative and positive consequences of using drone technology. The study employs the use of interviews and relevant documents to obtain data while the study applied the Just War theory to justify the reason why countries use force; it further buttresses the points with what the realist theory thinks about the use of force. In conclusion, the paper recommends that the Nigerian government through the National Assembly should pass a bill for the establishment of a law that will guide the use of armed and unarmed drones in Nigeria enforced by the Nigeria Civil Aviation Authority and the office of the National Security Adviser.
Keywords: Armed drones, cross-border, drones, national security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 11471680 Construction Methods for Sign Patterns Allowing Nilpotence of Index k
Authors: Jun Luo
Abstract:
In this paper, the smallest such integer k is called by the index (of nilpotence) of B such that Bk = 0. In this paper, we study sign patterns allowing nilpotence of index k and obtain four methods to construct sign patterns allowing nilpotence of index at most k, which generalizes some recent results.
Keywords: Sign pattern, Nilpotence, Jordan block.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16511679 High Speed Rail vs. Other Factors Affecting the Tourism Market in Italy
Authors: F. Pagliara, F. Mauriello
Abstract:
The objective of this paper is to investigate the relationship between the increase of accessibility brought by high speed rail (HSR) systems and the tourism market in Italy. The impacts of HSR projects on tourism can be quantified in different ways. In this manuscript, an empirical analysis has been carried out with the aid of a dataset containing information both on tourism and transport for 99 Italian provinces during the 2006-2016 period. Panel data regression models have been considered, since they allow modelling a wide variety of correlation patterns. Results show that HSR has an impact on the choice of a given destination for Italian tourists while the presence of a second level hub mainly affects foreign tourists. Attraction variables are also significant for both categories and the variables concerning security, such as number of crimes registered in a given destination, have a negative impact on the choice of a destination.
Keywords: Tourists, overnights, high speed rail, attractions, security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7121678 Addressing Data Security in the Cloud
Authors: Marinela Mircea
Abstract:
The development of information and communication technology, the increased use of the internet, as well as the effects of the recession within the last years, have lead to the increased use of cloud computing based solutions, also called on-demand solutions. These solutions offer a large number of benefits to organizations as well as challenges and risks, mainly determined by data visualization in different geographic locations on the internet. As far as the specific risks of cloud environment are concerned, data security is still considered a peak barrier in adopting cloud computing. The present study offers an approach upon ensuring the security of cloud data, oriented towards the whole data life cycle. The final part of the study focuses on the assessment of data security in the cloud, this representing the bases in determining the potential losses and the premise for subsequent improvements and continuous learning.Keywords: cloud computing, data life cycle, data security, security assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21611677 E-Business Security: Methodological Considerations
Authors: Ja'far Alqatawna, Jawed Siddiqi, Babak Akhgar, Mohammad Hjouj Btoush
Abstract:
A great deal of research works in the field information systems security has been based on a positivist paradigm. Applying the reductionism concept of the positivist paradigm for information security means missing the bigger picture and thus, the lack of holism which could be one of the reasons why security is still overlooked, comes as an afterthought or perceived from a purely technical dimension. We need to reshape our thinking and attitudes towards security especially in a complex and dynamic environment such as e- Business to develop a holistic understanding of e-Business security in relation to its context as well as considering all the stakeholders in the problem area. In this paper we argue the suitability and need for more inductive interpretive approach and qualitative research method to investigate e-Business security. Our discussion is based on a holistic framework of enquiry, nature of the research problem, the underling theoretical lens and the complexity of e-Business environment. At the end we present a research strategy for developing a holistic framework for understanding of e-Business security problems in the context of developing countries based on an interdisciplinary inquiry which considers their needs and requirements.Keywords: e-Business Security, Complexity, Methodological considerations, interpretive qualitative research and Case study method.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15061676 Tidal Flow Patterns Near A Coastal Headland
Authors: Fu E. Tang, Daoyi Chen
Abstract:
Experimental investigations were carried out in the Manchester Tidal flow Facility (MTF) to study the flow patterns in the region around and adjacent to a hypothetical headland in tidal (oscillatory) ambient flow. The Planar laser-induced fluorescence (PLIF) technique was used for visualization, with fluorescent dye released at specific points around the headland perimeter and in its adjacent recirculation zone. The flow patterns can be generalized into the acceleration, stable flow and deceleration stages for each halfcycle, with small variations according to location, which are more distinct for low Keulegan-Carpenter number (KC) cases. Flow patterns in the mixing region are unstable and complex, especially in the recirculation zone. The flow patterns are in agreement with previous visualizations, and support previous results in steady ambient flow. It is suggested that the headland lee could be a viable location for siting of pollutant outfalls.Keywords: Planar laser-induced Fluorescence, recirculation zone, tidal flow, wake flows
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16451675 Privacy vs. National Security: Where Do We Draw the Line?
Authors: Nooraneda Mutalip Laidey
Abstract:
Privacy is sacred and would normally be expected and preserved by an individual. Online privacy is no longer about the right to be left alone, but also includes the right not to be monitored. However, with the revelations made by United States National Security Agency former employee Edward Snowden that the government is spying on internet communications, individuals’ privacy can no longer be expected. Therefore, this paper is intended to evaluate law related to privacy protection in the digital domain, who should govern it and whether invasion to a person’s privacy is a necessary justification to preserve national security.
Keywords: Cyberspace, data protection, national security, privacy.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 32321674 Analyzing and Determining the Ideal Response Force for Combatting Terrorist Groups
Authors: Erhan Turgut, Salih Ergün, Abdülkadir Öz
Abstract:
Terror is a modern war strategy which uses violence as a means of communication in order to achieve political objectives. In today’s security environment narrowing the propaganda field of terrorist organization is the primary goal for the security forces. In this sense, providing and maintaining public support is the most necessary ability for security units. Rather than enemy and threat-oriented approach, homeland security oriented approach is essential to ensure public support. In this study, terror assumed as a homeland security issue and assigning the law enforcement forces with military status is analyzed.Keywords: Terrorism, Counter-terrorism, Military Status Law-enforcement.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21941673 Survey of Impact of Production and Adoption of Nanocrops on Food Security
Authors: Sahar Dehyouri, Seyed Jamal Farajollah Hosseini
Abstract:
Perspective of food security in 21 century showed shortage of food that production is faced to vital problem. Food security strategy is applied longtime method to assess required food. Meanwhile, nanotechnology revolution changes the world face. Nanotechnology is adequate method utilize of its characteristics to decrease environmental problems and possible further access to food for small farmers. This article will show impact of production and adoption of nanocrops on food security. Population is researchers of agricultural research center of Esfahan province. The results of study show that there was a relationship between uses, conversion, distribution, and production of nanocrops, operative human resources, operative circumstance, and constrains of usage of nanocrops and food security. Multivariate regression analysis by enter model shows that operative circumstance, use, production and constrains of usage of nanocrops had positive impact on food security and they determine in four steps 20 percent of it.Keywords: adoption, food safety, food security, nanocrops
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17521672 A Study on Abnormal Behavior Detection in BYOD Environment
Authors: Dongwan Kang, Joohyung Oh, Chaetae Im
Abstract:
Advancement of communication technologies and smart devices in the recent times is leading to changes into the integrated wired and wireless communication environments. Since early days, businesses had started introducing environments for mobile device application to their operations in order to improve productivity (efficiency) and the closed corporate environment gradually shifted to an open structure. Recently, individual user's interest in working environment using mobile devices has increased and a new corporate working environment under the concept of BYOD is drawing attention. BYOD (bring your own device) is a concept where individuals bring in and use their own devices in business activities. Through BYOD, businesses can anticipate improved productivity (efficiency) and also a reduction in the cost of purchasing devices. However, as a result of security threats caused by frequent loss and theft of personal devices and corporate data leaks due to low security, companies are reluctant about adopting BYOD system. In addition, without considerations to diverse devices and connection environments, there are limitations in detecting abnormal behaviors, such as information leaks, using the existing network-based security equipment. This study suggests a method to detect abnormal behaviors according to individual behavioral patterns, rather than the existing signature-based malicious behavior detection, and discusses applications of this method in BYOD environment.
Keywords: BYOD, Security, Anomaly Behavior Detection.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20671671 Techniques Used in String Matching for Network Security
Authors: Jamuna Bhandari
Abstract:
String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.
Keywords: Filtering, honeypot, network telescope, pattern, string, signature.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 27011670 Stackelberg Security Game for Optimizing Security of Federated Internet of Things Platform Instances
Authors: Violeta Damjanovic-Behrendt
Abstract:
This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.
Keywords: Security, internet of things, cloud computing, Stackelberg security game, machine learning, Naïve Q-learning.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16421669 A New Approach of Wireless Network Traffic on VPN
Authors: Amir Rashid, M. Saleem Khan, Freeha Zafar
Abstract:
This work presents a new approach of securing a wireless network. The configuration is focused on securing & Protecting wireless network traffic for a small network such as a home or dorm room. The security Mechanism provided both authentication, allowing only known authorized users access to the wireless network, and encryption, preventing anyone from reading the wireless traffic. The mentioned solution utilizes the open source free S/WAN software which implements the Internet Protocol Security –IPSEC. In addition to wireless components, wireless NIC in PC and wireless access point needs a machine running Linux to act as security gateway. While the current configuration assumes that the wireless PC clients are running Linux, Windows XP/VISTA/7 based machines equipped with VPN software which will allow to interface with this configuration.Keywords: Wireless network security, security network, authentication, encryption and internet protocol security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21421668 Protocol and Method for Preventing Attacks from the Web
Authors: Ryuya Uda
Abstract:
Nowadays, computer worms, viruses and Trojan horse become popular, and they are collectively called malware. Those malware just spoiled computers by deleting or rewriting important files a decade ago. However, recent malware seems to be born to earn money. Some of malware work for collecting personal information so that malicious people can find secret information such as password for online banking, evidence for a scandal or contact address which relates with the target. Moreover, relation between money and malware becomes more complex. Many kinds of malware bear bots to get springboards. Meanwhile, for ordinary internet users, countermeasures against malware come up against a blank wall. Pattern matching becomes too much waste of computer resources, since matching tools have to deal with a lot of patterns derived from subspecies. Virus making tools can automatically bear subspecies of malware. Moreover, metamorphic and polymorphic malware are no longer special. Recently there appears malware checking sites that check contents in place of users' PC. However, there appears a new type of malicious sites that avoids check by malware checking sites. In this paper, existing protocols and methods related with the web are reconsidered in terms of protection from current attacks, and new protocol and method are indicated for the purpose of security of the web.Keywords: Information Security, Malware, Network Security, World Wide Web
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20971667 Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study
Authors: Ai Cheo Yeo, Md. Mahbubur Rahim, Yin Ying Ren
Abstract:
Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information security awareness of end users. The findings confirm the existence of a very strong effect of the webbased program in raising users- attitude towards information security aware behavior. This finding is useful to the IT researchers and practitioners in developing appropriate and effective education strategies for improving the information security attitudes for endusers.Keywords: Information security, persuasive technology, ITsecurity-aware behaviour, theory of planned behaviour survey.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24071666 Syntactic Recognition of Distorted Patterns
Authors: Marek Skomorowski
Abstract:
In syntactic pattern recognition a pattern can be represented by a graph. Given an unknown pattern represented by a graph g, the problem of recognition is to determine if the graph g belongs to a language L(G) generated by a graph grammar G. The so-called IE graphs have been defined in [1] for a description of patterns. The IE graphs are generated by so-called ETPL(k) graph grammars defined in [1]. An efficient, parsing algorithm for ETPL(k) graph grammars for syntactic recognition of patterns represented by IE graphs has been presented in [1]. In practice, structural descriptions may contain pattern distortions, so that the assignment of a graph g, representing an unknown pattern, to a graph language L(G) generated by an ETPL(k) graph grammar G is rejected by the ETPL(k) type parsing. Therefore, there is a need for constructing effective parsing algorithms for recognition of distorted patterns. The purpose of this paper is to present a new approach to syntactic recognition of distorted patterns. To take into account all variations of a distorted pattern under study, a probabilistic description of the pattern is needed. A random IE graph approach is proposed here for such a description ([2]).Keywords: Syntactic pattern recognition, Distorted patterns, Random graphs, Graph grammars.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1393