发布求助
文献互助 智能选刊 最新文献

Information Security Journal: A Global Perspective最新文献

筛选
英文 中文
Security and privacy preservation using constructive hierarchical data-sharing approach in cloud environment 云环境中使用建设性分层数据共享方法的安全和隐私保护
Information Security Journal: A Global Perspective Pub Date : 2022-10-17 DOI: 10.1080/19393555.2022.2128942
Rajesh Bingu, S. Jothilakshmi, N. Srinivasu
{"title":"Security and privacy preservation using constructive hierarchical data-sharing approach in cloud environment","authors":"Rajesh Bingu, S. Jothilakshmi, N. Srinivasu","doi":"10.1080/19393555.2022.2128942","DOIUrl":"https://doi.org/10.1080/19393555.2022.2128942","url":null,"abstract":"ABSTRACT With the vast development in the cloud computing environment, many cloud users intend to outsource the data to a remote location and share the data with multiple users. The hierarchical model is an extensively used data organization process. It is highly complex to guarantee integrity, privacy, and confidentiality of the data and the structure of the model when the sensitive data is held in this manner. This research attempts to give a solution to hierarchically ensure the security and privacy of the information while data sharing occurs. A constructive hierarchical data sharing (CHDS) method is proposed to adopt symmetric encryption over the rooted hierarchical graph structure. The hierarchical graph model deals with incoming data features to establish the model’s privacy and authenticity. Based on this model, the proposed CHDS is known to be transparent, secure, and confident in the public environment. Here, performance metrics like computational complexity, key generation, prediction accuracy, and execution time are evaluated. The outcomes provide the security of the multi-party environment without forfeiting sensible resources when the hierarchical model grows to a more significant number of siblings, edges, and vertices. The proposed CHDS gives a better trade-off when compared with various existing approaches.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"216 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122388810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Mitigation strategies for distributed denial of service (DDoS) in SDN: A survey and taxonomy SDN中分布式拒绝服务(DDoS)的缓解策略:调查和分类
Information Security Journal: A Global Perspective Pub Date : 2022-10-07 DOI: 10.1080/19393555.2022.2111004
Suruchi Karnani, H. K. Shakya
{"title":"Mitigation strategies for distributed denial of service (DDoS) in SDN: A survey and taxonomy","authors":"Suruchi Karnani, H. K. Shakya","doi":"10.1080/19393555.2022.2111004","DOIUrl":"https://doi.org/10.1080/19393555.2022.2111004","url":null,"abstract":"ABSTRACT Software-defined network (SDN) plays a dominant role in meeting today’s business requirements with its ingrained features like programmability, agility, and central management. Although, distributed denial-of-service (DDoS) attacks can threaten the flexibility and availability of resources in SDN. In recent years, attackers participate actively to abuse the network elements with extensive efforts. With that, efforts have been put parallelly to defend against DDoS attacks by the researchers too. This survey performed on DDoS attack mitigation strategies in the SDN environment. As a result of this work, the mitigation taxonomy has evolved. The taxonomy of SDN DDoS mitigation strategies is categorized into four: Application plane, Control plane, Data plane, and Communication interfaces. An in-depth review of existing literature on mitigating DDoS in SDN encapsulated. This article sheds light on the nuts and bolts, strengths and limitations of mitigation strategies in SDN environment to support research and security domains.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"195 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122435681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A real-time machine learning application for browser extension security monitoring 浏览器扩展安全监控的实时机器学习应用程序
Information Security Journal: A Global Perspective Pub Date : 2022-10-03 DOI: 10.1080/19393555.2022.2128944
T. P. Fowdur, Shuaïb Hosenally
{"title":"A real-time machine learning application for browser extension security monitoring","authors":"T. P. Fowdur, Shuaïb Hosenally","doi":"10.1080/19393555.2022.2128944","DOIUrl":"https://doi.org/10.1080/19393555.2022.2128944","url":null,"abstract":"ABSTRACT One of the most common attacks in browser extensions is Cross-site scripting (XSS). To address these challenges, several browsers have proposed a new mechanism where legitimate browser extensions can only be installed from their respective Web Stores. Nonetheless, this mechanism is not flawless and multiple users still choose to install browser extensions from other sources, leaving them exposed to multiple types of attacks. This paper proposes a browser extension capable of detecting XSS attacks using Machine Learning (ML), as well as other irregularities that may occur in recently installed browser extensions. Regarding the detection of XSS attacks, the detection model is based on the Support Vector Machine (SVM) and it was able to detect malicious scripts with an accuracy of 99.5%, a precision of 99.4%, and a recall of 99.0%. Additionally, the detection of two other types of irregularities, namely the presence of blacklisted or irregular URLs located in the browser extension, and the presence of undesirable data in the manifest file of the browser extension, were considered. A Windows application was also designed in Java and deployed alongside the browser extension to monitor suspicious network requests from the newly installed browser extension.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122684146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Intelligent security sanitizing gate 智能安全消毒门
Information Security Journal: A Global Perspective Pub Date : 2022-09-08 DOI: 10.1080/19393555.2022.2118089
Mohammed Elwan, Amira Salem, Hossam Fawky, Ahmed Mahmoud ramadan
{"title":"Intelligent security sanitizing gate","authors":"Mohammed Elwan, Amira Salem, Hossam Fawky, Ahmed Mahmoud ramadan","doi":"10.1080/19393555.2022.2118089","DOIUrl":"https://doi.org/10.1080/19393555.2022.2118089","url":null,"abstract":"ABSTRACT It is very difficult to keep track of employee attendance manually. In addition to the length of time that the registration process takes, there are still chances that some errors may occur. It’s easy to put an end to errors, save time and eliminate hassles with a dedicated attendance recording app that automates the process. With these tools, you can track employee entry and exit processes, keep a record of hours worked, manage employee overtime, half-offs, days off, and much more. In this research paper, a gate has been proposed through which employees’ departure and attendance are calculated. Prevent any unwanted person from entering at the same time, a unit can be added through which individuals are sterilized for the Prevention of viruses. The proposed system showed high efficiency in recording the attendance and departure of employees and preventing any unwanted person from entering. The raspberry pi 4 model/ 8GB is used and Practical tests were conducted and applied to the system of employees in one of the educational institutions and proved highly efficient.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132874951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Optimized generative adversarial network with fractional calculus based feature fusion using Twitter stream for spam detection 基于分数阶微积分的特征融合优化生成对抗网络,利用Twitter流进行垃圾邮件检测
Information Security Journal: A Global Perspective Pub Date : 2022-09-03 DOI: 10.1080/19393555.2021.1956024
V. B, V. V.
{"title":"Optimized generative adversarial network with fractional calculus based feature fusion using Twitter stream for spam detection","authors":"V. B, V. V.","doi":"10.1080/19393555.2021.1956024","DOIUrl":"https://doi.org/10.1080/19393555.2021.1956024","url":null,"abstract":"ABSTRACT The social networks continue to augment their popularity due to the increased usage of the Internet. The people become connected using social media like Facebook and Twitter. This has increased impulsive communication, namely, spam and is utilized in accumulating information of an individual or marketing to cause offense against people. Spam detection in Twitter is a major issue because of small text and elevated language inconsistency in social media. Thus, it is imperative to devise a spam detection model that poses the ability to detect spam messages using Twitter data. This paper devises a novel spam detection model using a stream of Twitter data. Here, the data transformation is done on the input data using Yeo-Jhonson (YJ) transformation for making the data suitable for processing. The feature fusion is performed using Renyi entropy and Deep Belief Network (DBN). Moreover, the spam detection is performed using the Generative Adversial Network (GAN), which is trained by the proposed Conditional Autoregressive Value at Risk-Sail Fish (CAViaR-SF) algorithm. The proposed CAViaR-SF algorithm is devised by integrating Sail Fish optimizer (SFO) and Conditional Autoregressive Value at Risk (CAViaR) algorithm. The proposed CAViaR-SF offered maximal precision of 97.3%, recall of 99.2%, and F-measure of 98.2%.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114609661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
“We had no homefront”: another piece of the U.S part in the information warfare story “我们没有后方”:美国在信息战中扮演的另一个角色
Information Security Journal: A Global Perspective Pub Date : 2022-08-10 DOI: 10.1080/19393555.2022.2111005
D. Bouhnik, Achia Admoni
{"title":"“We had no homefront”: another piece of the U.S part in the information warfare story","authors":"D. Bouhnik, Achia Admoni","doi":"10.1080/19393555.2022.2111005","DOIUrl":"https://doi.org/10.1080/19393555.2022.2111005","url":null,"abstract":"ABSTRACT According to popular opinion, evidence of international or military information warfare can be found only toward the end of the 20th century, in the late 1980ʹs or early 1990ʹs. The purpose of this study is to examine the truth of this claim and to ascertain if any earlier evidence of this type of warfare exists. The study focused on two main sources: past research of technological developments during the 1960–1980 period and interviews with past prominent figures in the technological field. We revealed evidence of hostility between the U.S. and the Soviet Union and an awareness of defense and warfare tools. Further investigation revealed hypothetical evidence as to the existence of offensive operations. This study uncovers the beginnings of modern information warfare, which were rooted in technological developments and social changes of the time.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132750534","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Modeling an efficient authentic provable data possession model using legacy filter model for IOT and cloud environment 利用物联网和云环境的遗留过滤模型,建立了一个高效、可信、可证明的数据占有模型
Information Security Journal: A Global Perspective Pub Date : 2022-08-09 DOI: 10.1080/19393555.2022.2107584
P. Nagesh, N. Srinivasu
{"title":"Modeling an efficient authentic provable data possession model using legacy filter model for IOT and cloud environment","authors":"P. Nagesh, N. Srinivasu","doi":"10.1080/19393555.2022.2107584","DOIUrl":"https://doi.org/10.1080/19393555.2022.2107584","url":null,"abstract":"ABSTRACT Internet of Things (IoT) is extensively adopted to manage everyday life. Data is gathered from IoT devices cloud computing is inevitable to store and analyze the data. The storage over the cloud is also not owned by the end-user. Thus, it is not so feasible. Therefore, two diverse issues are directly connected with the verification of data integrity, i.e. the incoming data should be verified and the verification process is performed. Various prevailing approaches are used for performing data integrity verification over the trusted party and nodes with proper resources. Moreover, it is highly complex to apply different prevalent research methods to IoT devices with constrained resources. This work concentrates on performing secure cloud-based storage over an IoT environment using authentic provable data possession (APDP) using the Legacy filtering model (APDP-LFM). The major contribution is the data possession and filter process to reduce the computational complexity. The experimentation is performed using a MATLAB environment, and the outcomes demonstrate that the proposed model preserves computational time and no complexity over the verification process. This model helps avoid False Positives and efficiently works for the enormous amount of incoming data over the IoT environment.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126382957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Translation of AADL model to security attack tree (TAMSAT) to SMART evaluation of monetary security risk 从AADL模型到安全攻击树(TAMSAT)再到货币安全风险的SMART评估
Information Security Journal: A Global Perspective Pub Date : 2022-08-04 DOI: 10.1080/19393555.2022.2106909
Paul A. Wortman, J. Chandy
{"title":"Translation of AADL model to security attack tree (TAMSAT) to SMART evaluation of monetary security risk","authors":"Paul A. Wortman, J. Chandy","doi":"10.1080/19393555.2022.2106909","DOIUrl":"https://doi.org/10.1080/19393555.2022.2106909","url":null,"abstract":"ABSTRACT Designing secure architectures for IT infrastructure is a difficult process that needs mechanisms to provide security risk metrics that can help guide the system design process. It is through this evaluation process that a designer can ensure that implementations of a model meet the necessary security-based requirements. This work presents a scheme called TAMSAT for translating early-stage system architecture design models into security-based attack trees, which are evaluated for security risk. These attack trees can be evaluated around a set of assets of importance, whose security risk is classified by a monetary value. This security risk value can inform the system designer and provide input into an iterative design process, as well as illuminate unexpected sources of potential future security issues.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"147 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-08-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124608432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Cyber threat modeling for protecting the crown jewels in the Financial Services Sector (FSS) 网络威胁建模用于保护金融服务部门(FSS)的核心业务
Information Security Journal: A Global Perspective Pub Date : 2022-07-29 DOI: 10.1080/19393555.2022.2104766
Lampis Alevizos, Eliana Stavrou
{"title":"Cyber threat modeling for protecting the crown jewels in the Financial Services Sector (FSS)","authors":"Lampis Alevizos, Eliana Stavrou","doi":"10.1080/19393555.2022.2104766","DOIUrl":"https://doi.org/10.1080/19393555.2022.2104766","url":null,"abstract":"ABSTRACT Financial institutions are undergoing the so-called “de-perimeterization.” The security model up to today is heavily dependent on ”border patrols” focusing mostly on providing a secure perimeter while the internal network is inherently trusted. In the upcoming borderless networks, the focus is shifting to protection of the data itself, considering the full lifecycle or switching toward context-aware defensive strategies also known as zero trust networks. The focus of this work is to critically discuss existing threat modeling methodologies, available and used in the financial services sector (FSS). The objective is to investigate the extent at which existing methodologies cover the different threat actors & events and if they reflect the current threat landscape in the FSS. The investigations are supported by a real-world case study to uncover if any process can reflect the current threat landscape without any customizations or special know-how, and whether the final outcome helps in reaching a secure or compliance state. Through the case study, it is evidenced that by utilizing the IRAM2 methodology resulted in a high ratio of compliance, however, considering the Crown Jewels of a Financial Institution (FI), a secure, as much as possible, state should be the desired outcome.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123794463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Transactions privacy on blockchain using web of trust concept 基于信任网络的b区块链交易隐私保护
Information Security Journal: A Global Perspective Pub Date : 2022-07-18 DOI: 10.1080/19393555.2022.2100844
R. Dervishi, Vehbi Neziri, Blerim Rexha
{"title":"Transactions privacy on blockchain using web of trust concept","authors":"R. Dervishi, Vehbi Neziri, Blerim Rexha","doi":"10.1080/19393555.2022.2100844","DOIUrl":"https://doi.org/10.1080/19393555.2022.2100844","url":null,"abstract":"ABSTRACT Exchange of information through the web took place inside a trusted environment and thus user privacy was assured by default. Nowadays, ensuring user privacy is becoming one of the most desirable features of new technology, and Blockchain is not an exception. The Blockchain is a decentralized technology, open, and public platform where all transactions are stored and viewed from nodes, an approach known as “Web of Trust.” Although these transactions tend to be anonymous but in the case of the banking sector, user privacy requires special attention. In centralized systems, the implementation of privacy is no longer a challenge, using a hierarchical approach such as Public Key Infrastructure. This paper presents a broad landscape and state of art of user transaction privacy in Blockchain technology using the Web of Trust approach. Furthermore, we present a novel approach using the Public Key Infrastructure for assuring user privacy adding an optionally encrypted field in blocks in transactions. We have used Bithomp, as a free and open-source tool with the Testnet platform, and Ripple as the best known in the implementation of the payment system to implement the proposed approach. The paper concludes with the strengths and limitations of the proposed approach.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130551137","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信