2013 Information Security for South Africa最新文献_第3页

Implementation guidelines for a harmonised digital forensic investigation readiness process model 统一数字法证调查准备过程模型的实施指引

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641041

A. Valjarević, H. Venter

{"title":"Implementation guidelines for a harmonised digital forensic investigation readiness process model","authors":"A. Valjarević, H. Venter","doi":"10.1109/ISSA.2013.6641041","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641041","url":null,"abstract":"Digital forensic investigation readiness enables an organisation to prepare itself in order to perform a digital forensic investigation in a more efficient and effective manner. Benefits of achieving a high level of digital forensic investigation readiness include, but are not limited to, higher admissibility of digital evidence in a court of law, better utilisation of resources (including time and financial resources) and higher awareness of forensic investigation readiness. The problem that this paper addresses is that there is no harmonised digital forensic investigation readiness process model with appropriate implementation guidelines and, thus, there is a lack of an effective and standardised implementation of digital forensic investigation readiness measures within organisations. Valjarevic and Venter have, in their previous work, proposed a harmonised digital forensic investigation readiness process model. This paper proposes implementation guidelines for such a harmonised digital forensic investigation process model in order to help practitioners and researchers to successfully implement the proposed model. The authors believe that these guidelines will significantly help to properly and consistently implement digital forensic readiness measures in different organisations in a bid to achieve higher admissibility of digital evidence in a court of law, as well as more efficient and effective digital forensic investigations.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"81 5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126021608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 17

Security steps for smartphone users 智能手机用户的安全措施

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641036

H. Pieterse, M. Olivier

{"title":"Security steps for smartphone users","authors":"H. Pieterse, M. Olivier","doi":"10.1109/ISSA.2013.6641036","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641036","url":null,"abstract":"Smart phones are an important asset for people living in the 21st century.With functionality similar to computers, smart phones have become all-in-one portable devices providing interconnectivity and device-to-device communication. Such continuous improvement in capabilities will cause the popularity of smart phones to constantly rise. Besides the popularity of smart phones there has also been a sharp increase in mobile malware. Most of the mobile malware recently discovered target Google's Android operating system. The ease of modifying and the simplicity of the design of the operating system are the aspects that are drawing malware developers towards Android smart phones. This study focus on the current state of mobile malware, the adequacy of mobile security applications and possible security steps smart phone users can take to prevent mobile malware attacks. To evaluate the adequacy of current mobile security applications a malicious Android application is developed and deployed on an Android smartphone. In addition, this new Android application is also evaluated against mobile security applications. From the results additional security steps are identified that users of smartphones can follow to prevent or detect possible mobile malware infections. The ultimate goal of this research is to eventually automate the identified steps in the form of an application rather than depending on the user to execute the steps.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126105346","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 10

Democratic detection of malicious behaviour in MANET: A voting process MANET中恶意行为的民主检测:一个投票过程

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641051

E. O. Ochola, M. Eloff, J. A. V. D. Poll

{"title":"Democratic detection of malicious behaviour in MANET: A voting process","authors":"E. O. Ochola, M. Eloff, J. A. V. D. Poll","doi":"10.1109/ISSA.2013.6641051","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641051","url":null,"abstract":"Wireless MANET presents new security problems in comparison to the conventional wired and wireless networks, as it is more vulnerable to malicious attacks due to its unique features. The MANET routing protocols require that the mobile nodes that form such temporal network cooperate with each other to achieve the desired routing purpose for the exchange of information amongst the participating nodes. However, the cooperation cannot be realised where network nodes exhibit malicious operations. The MANET characteristics and applications make it difficult to have a centralised security management entity. Furthermore, the implementation of Power- Aware routing protocols complicates the possibility of relying entirely on watchdog mechanisms to safeguard the network against Black-Hole attack. In addition, the watchdog's eavesdropping operation violates the TCP protocol rules, and requires buffering of large amount of packets during the monitoring process, which results to extra overheads. This paper proposes an algorithm which utilises Cluster-Heads and votes from neighbourhood nodes to detect and eliminate malicious nodes. It addresses challenges posed by Power-Aware routing protocols and watchdog approaches in detecting Black-Hole attack, thereby increasing nodes' availability and the overall network performance.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"237 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132664629","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 3

Bimodal biometrics for financial infrastructure security 金融基础设施安全的双峰生物识别技术

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641045

O. Esan, S. Ngwira, I. Osunmakinde

{"title":"Bimodal biometrics for financial infrastructure security","authors":"O. Esan, S. Ngwira, I. Osunmakinde","doi":"10.1109/ISSA.2013.6641045","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641045","url":null,"abstract":"This research examines whether the integration of facial and fingerprint biometrics can improve the performance in financial infrastructure security such as ATM protection. Fingerprint biometrics consider distorted and misaligned fingerprints caused by environmental noise such as oil, wrinkles, dry skin, dirt and displacement of the query fingerprint with the database fingerprint template during matching. The noisy, distorted and/or misaligned fingerprint produced as a 2-D on x-y image, is enhanced and optimized using a new hybrid Modified Gabor Filter-Hierarchal Structure Check (MGF-HSC) system model based on an MGF integrated with an HSC. However, in order to improve the accuracy of financial infrastructure, face biometrics are introduced using a fast principal component analysis algorithm, in which different face conditions such as lighting, blurriness, pose, head orientation and other conditions are addressed. The MGF-HSC approach minimizes false fingerprint matching and the dominant effect of distortion and misalignment of fingerprints to an acceptable level. The proposed bimodal biometrics increase the accuracy of the False Rejection Rate (FRR) to 98% when the False Acceptance Rate (FAR) is 0.1% in an experiment conducted with 1000 test cases. This result shows that facial biometrics can be used to support fingerprint biometrics for improving financial security based on with significant improvement in both FRR and FAR.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127278634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 6

Classification of Security Operation Centers 安全运营中心分类

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641054

Pierre Jacobs, A. Arnab, B. Irwin

引用次数: 35

Selection and ranking of remote hosts for digital forensic investigation in a Cloud environment 云环境中用于数字取证调查的远程主机的选择和排序

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641044

G. Sibiya, Thomas Fogwill, H. Venter

{"title":"Selection and ranking of remote hosts for digital forensic investigation in a Cloud environment","authors":"G. Sibiya, Thomas Fogwill, H. Venter","doi":"10.1109/ISSA.2013.6641044","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641044","url":null,"abstract":"Cloud computing is a new computing paradigm which presents challenges for digital forensic investigators. Digital forensics is a branch of computer security that makes use of electronic evidence to build up a criminal case or for troubleshooting purposes. Advances have been made since the advent of Cloud computing in addressing issues that came with the Cloud including that of security. However, not all aspects of security are advancing. Developments in digital forensics still leave a lot to be desired in terms of standards and appropriate digital forensic tools that are applicable in the Cloud. To achieve that, standards as well as standard tools are required for successful evidence collection, preservation, analysis and conviction in case of a criminal case. This paper contributes towards addressing issues in digital forensics by presenting an algorithm that can be used in the evidence identification phase of a digital forensic process. Data in Cloud environments exist in the Internet or in networked environments and data is always accessed remotely. There is therefore at least one connection to a host that exists in a Cloud environment. In a case of a computer system that hosts a Cloud service, the number of connections from clients can be very large. In such a scenario it is very hard to identify an attacker from both active and recently disconnected connections to a host. This may require an investigator to probe all individual IP addresses connected to the host which can be time consuming and costly. There is therefore a need for a mechanism that can identify and rank remote hosts that are connected to a victim host and that may be associated with a malicious activity. In this paper we present an algorithm that uses probabilities to identify and rank suspicious remote hosts connected to a victim host. This algorithm helps minimize the effort required of investigators to probe each IP address that is connected to a victim as connected IP addresses will be prioritized according to their rank.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"222 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122608807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 4

A software gateway to affordable and effective Information Security Governance in SMMEs 在中小企业中实现负担得起且有效的信息安全治理的软件网关

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641035

Jacques Coertze, R. V. Solms

{"title":"A software gateway to affordable and effective Information Security Governance in SMMEs","authors":"Jacques Coertze, R. V. Solms","doi":"10.1109/ISSA.2013.6641035","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641035","url":null,"abstract":"It has been found that many small, medium and micro enterprises (SMMEs) do not comply with sound information security governance principles, specifically those principles involved in drafting information security policies and monitoring compliance, mainly as a result of restricted resources and expertise. Research suggests that this problem occurs worldwide and that the impact it has on SMMEs is great. In previous research an information security governance model was established to assist SMMEs in addressing information security governance issues and concerns. In order to provide SMMEs with a practical approach for applying this model, further research was conducted to establish a software program that demonstrates the model's practical feasibility. The aim of this paper is to introduce this software program, called The Information Security Governance Toolbox (ISGT), by means of its various components, workings and benefits. Furthermore, a focus-group study's evaluation results are offered that suggest that the program is useful to SMMEs in addressing their information security governance implementation challenges and offer value for industry.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"23 18","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131805531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

Data vulnerability detection by security testing for Android applications Android应用安全测试数据漏洞检测

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641043

S. Salva, Stassia R. Zafimiharisoa

{"title":"Data vulnerability detection by security testing for Android applications","authors":"S. Salva, Stassia R. Zafimiharisoa","doi":"10.1109/ISSA.2013.6641043","DOIUrl":"https://doi.org/10.1109/ISSA.2013.6641043","url":null,"abstract":"The Android intent messaging is a mechanism that ties components together to build Mobile applications. Intents are kinds of messages composed of actions and data, sent by a component to another component to perform several operations, e.g., launching a user interface. The intent mechanism eases the writing of Mobile applications, but it might also be used as an entry point for security attacks. The latter can be easily sent with intents to components, that can indirectly forward attacks to other components and so on. In this context, this paper proposes a Model-based security testing approach to attempt to detect data vulnerabilities in Android applications. In other words, this approach generates test cases to check whether components are vulnerable to attacks, sent through intents, that expose personal data. Our method takes Android applications and intent-based vulnerabilities formally expressed with models called vulnerability patterns. Then, and this is the originality of our approach, partial specifications are automatically generated from configuration files and component codes. Test cases are then automatically generated from vulnerability patterns and the previous specifications. A tool, called APSET, is presented and evaluated with experimentations on some Android applications.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"163 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132428655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 14

Social engineering from a normative ethics perspective 规范伦理学视角下的社会工程

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641064

Francois Mouton, Mercia M. Malan, H. Venter

引用次数: 17

Digital forensic readiness in the cloud 云中的数字取证准备

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI: 10.1109/ISSA.2013.6641055

Philip M. Trenwith, H. Venter

引用次数: 55