信息安全(英文)最新文献

{"title":"Fifty-Six Big Data V’s Characteristics and Proposed Strategies to Overcome Security and Privacy Challenges (BD2)","authors":"Abouelela Abdou Hussein","doi":"10.4236/jis.2020.114019","DOIUrl":"https://doi.org/10.4236/jis.2020.114019","url":null,"abstract":"The amount of data that is traveling across the internet today, including \u0000very large and complex set of raw facts that are not only large, but also, \u0000complex, noisy, heterogeneous, and longitudinal data as well. Companies, \u0000institutions, healthcare system, mobile application capturing devices and \u0000sensors, traffic management, banking, retail, education etc., use piles of data \u0000which are further used for creating reports in order to ensure continuity \u0000regarding the services that they have to offer. Recently, Big data is one of \u0000the most important topics in IT industry. Managing Big data needs new \u0000techniques because traditional security and privacy mechanisms are inadequate \u0000and unable to manage complex distributed computing for different types of data. \u0000New types of data have different and new challenges also. A lot of researches \u0000treat with big data challenges starting from Doug Laney’s landmark paper, during the previous two \u0000decades; the big challenge is how to operate a huge volume of data that has to \u0000be securely delivered through the internet and reach its destination intact. \u0000The present paper highlights important concepts of Fifty-six Big Data V’s \u0000characteristics. This paper also highlights the security and privacy Challenges \u0000that Big Data faces and solving this problem by proposed technological \u0000solutions that help us avoiding these challenging problems.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47518411","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Post-Quantum Cryptography Using Thermal Noise Theory and True Random Numbers Generation","authors":"Protais Ndagijimana, F. Nahayo, M. Assogba, Adoté François-Xavier Ametepe, J. Shabani","doi":"10.4236/jis.2020.113010","DOIUrl":"https://doi.org/10.4236/jis.2020.113010","url":null,"abstract":"The advent of quantum computers and algorithms challenges the semantic security of symmetric and asymmetric cryptosystems. Thus, the implementation of new cryptographic primitives is essential. They must follow the breakthroughs and properties of quantum calculators which make vulnerable existing cryptosystems. In this paper, we propose a random number generation model based on evaluation of the thermal noise power of the volume elements of an electronic system with a volume of 58.83 cm3. We prove through the sampling of the temperature of each volume element that it is difficult for an attacker to carry out an exploit. In 12 seconds, we generate for 7 volume elements, a stream of randomly generated keys of 187 digits that will be transmitted from source to destination through the properties of quantum cryptography.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44455117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Comparative Study of Different Cryptographic Algorithms","authors":"Baha Eldin Hamouda Hassan Hamouda","doi":"10.4236/jis.2020.113009","DOIUrl":"https://doi.org/10.4236/jis.2020.113009","url":null,"abstract":"With the increasing interconnection of computer networks and sophistication of cyber-attacks, Cryptography is one way to make sure that confidentiality, authentication, integrity, availability, and identification of data user can be maintained as well as security and privacy of data provided to the user. Symmetric key cryptography is a part of the cryptographic technique which ensures high security and confidentiality of data transmitted through the communication channel using a common key for both encryption and decryption. In this paper I have analyzed comparative encryption algorithms in performance, three most useful algorithms: Data Encryption Standard (DES), Triple DES (3DES) also known as Triple Data Encryption Algorithm (TDEA), and Advanced Encryption Standard (AES). They have been analyzed on their ability to secure data, time taken to encrypt data and throughput the algorithm requires. The performance of different algorithms differs according to the inputs.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42638884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Remote Access Communications Security: Analysis of User Authentication Roles in Organizations","authors":"E. Yeboah-Boateng, Grace Dzifa Kwabena-Adade","doi":"10.4236/jis.2020.113011","DOIUrl":"https://doi.org/10.4236/jis.2020.113011","url":null,"abstract":"Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48129968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Reducing Threats by Using Bayesian Networks to Prioritize and Combine Defense in Depth Security Measures","authors":"R. Alexander","doi":"10.4236/jis.2020.113008","DOIUrl":"https://doi.org/10.4236/jis.2020.113008","url":null,"abstract":"Studied in this article is whether the Bayesian Network Model (BNM) can be effectively applied to the prioritization of defense in-depth security tools and procedures and to the combining of those measures to reduce cyber threats. The methods used in this study consisted of scanning 24 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals using the Likert Scale Model for the article’s list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The defense in depth tools and procedures are then compared to see whether the Likert scale and the Bayesian Network Model could be effectively applied to prioritize and combine the measures to reduce cyber threats attacks against organizational and private computing systems. The findings of the research reject the H0 null hypothesis that BNM does not affect the relationship between the prioritization and combining of 24 Cybersecurity Article’s defense in depth tools and procedures (independent variables) and cyber threats (dependent variables).","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46758531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Using the Latin Square Design Model in the Prioritzation of Network Security Threats: A Quantitative Study","authors":"R. Alexander","doi":"10.4236/jis.2020.112006","DOIUrl":"https://doi.org/10.4236/jis.2020.112006","url":null,"abstract":"Society is becoming increasingly dependent on cyberspace for both business and pleasure. Cyber attackers continue to attack organizational computer networks, as those same computer networks become increasing critical to organizational business process. Strategic planning and managing IT security risks play an important role in the business and government planning process. Deploying defense in depth security measures can ensure that organizations continue to function in times of crisis. This quantitative study explores whether the Latin Square Design (LSD) model can be effectively applied to the prioritization of cybersecurity threats and to the linking of information assurance defense in-depth measures to those threats. The methods used in this study consisted of scanning 10 Cybersecurity Websites such as the Department of Homeland Security US CERT (United States-Computer Emergency Readiness Team [1]) and the SANS Institute (SysAdmin, Audit, Network and Security [2]) using the Likert Scale Model for the Website’s top ten list of cyber threats facing organizations and the network defense in depth measures to fight those threats. A comparison of each cybersecurity threats was then made using LSD to determine whether the Likert scale and the LSD model could be effectively applied to prioritize information assurance measures to protect organizational computing devices. The findings of the research reject the H0 null hypothesis that LSD does not affect the relationship between the ranking of 10 Cybersecurity websites top ten cybersecurity threats dependent variables and the independent variables of defense in depth measures used in protecting organizational devices against cyber-attacks.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43798303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"How Secure Having IoT Devices in Our Homes?","authors":"Debora Estrada, L. Tawalbeh, Roberto Vinaja","doi":"10.4236/jis.2020.112005","DOIUrl":"https://doi.org/10.4236/jis.2020.112005","url":null,"abstract":"Nowadays, technology has evolved to be in our daily lives to assist in making our lives easier. We now have technology helping us in our lives at home. Devices used to create our “smart home” have done a great deal in making our lives at home less burdensome, but sadly, these devices have secured our personal lives to be more accessible to outsiders. In this paper, the security of home smart devices and their communication will be researched by using other academic articles to support facts found. The operation of the devices will be discussed along with security risks and future trends on security attacks. The results found will be crucial to knowing exactly how well our own home is protected. After understanding where the risks lie and a demonstration of how hackers can take control of our smart home, solutions will be given to shield ourselves from security attacks. We protect our homes from physical threats by locking doors, but it is time we guard ourselves from cyber threats as well.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47384683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Malware Detection for Forensic Memory Using Deep Recurrent Neural Networks","authors":"Ioannis Karamitsos, Aishwarya Afzulpurkar, T. Trafalis","doi":"10.4236/jis.2020.112007","DOIUrl":"https://doi.org/10.4236/jis.2020.112007","url":null,"abstract":"Memory forensics is a young but fast-growing area of research and a promising one for the field of computer forensics. The learned model is proposed to reside in an isolated core with strict communication restrictions to achieve incorruptibility as well as efficiency, therefore providing a probabilistic memory-level view of the system that is consistent with the user-level view. The lower level memory blocks are constructed using primary block sequences of varying sizes that are fed as input into Long-Short Term Memory (LSTM) models. Four configurations of the LSTM model are explored by adding bi- directionality as well as attention. Assembly level data from 50 Windows portable executable (PE) files are extracted, and basic blocks are constructed using the IDA Disassembler toolkit. The results show that longer primary block sequences result in richer LSTM hidden layer representations. The hidden states are fed as features into Max pooling layers or Attention layers, depending on the configuration being tested, and the final classification is performed using Logistic Regression with a single hidden layer. The bidirectional LSTM with Attention proved to be the best model, used on basic block sequences of size 29. The differences between the model’s ROC curves indicate a strong reliance on the lower level, instructional features, as opposed to metadata or string features.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44339877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Real Time Vehicular Traffic Simulation for Black Hole Attack in the Greater Detroit Area","authors":"Abdulaziz Alshammari, M. Zohdy, D. Debnath, George P. Corser","doi":"10.4236/jis.2020.111004","DOIUrl":"https://doi.org/10.4236/jis.2020.111004","url":null,"abstract":"Vehicular Ad-hoc Networks (VANETs) technology has recently emerged, and gaining significant attention from the research because it is promising technologies related to Intelligent Transportation System (ITSs) and smart cities. Wireless vehicular communication is employed to improve traffic safety and to reduce traffic congestion. Each vehicle in the ad-hoc network achieves as a smart mobile node categorized by high mobility and forming of dynamic networks. As a result of the movement of vehicles in a continuous way, VANETs are vulnerable to many security threats so it requisites capable and secure communication. Unfortunately, Ad hoc networks are liable to varied attacks like Block Hole attacks and Grey Hole attacks, Denial of service attacks, etc. Among the most known attacks are the Black Hole attacks while the malicious vehicle is able to intercept the data and drops it without forwarding it to the cars. The main goal of our simulation is to analyze the performance impact of black hole attack in real time vehicular traffic in the Greater Detroit Area using NS-2 and SUMO (Simulation of Urban). The simulation will be with AODV protocol.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"70334736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Threat Perceptions, Avoidance Motivation and Security Behaviors Correlations","authors":"Fabrice Djatsa","doi":"10.4236/jis.2020.111002","DOIUrl":"https://doi.org/10.4236/jis.2020.111002","url":null,"abstract":"As the economy increases its dependence on the internet to increase efficiency and productivity in all aspects of society, close attention has been directed to solve the challenges related to internet security. Despite the large amount of resource invested so far in this area, cybersecurity challenges are still great as the media frequently report new cyber breaches. Although researchers acknowledge that great progress has been made in protecting digital assets, cybercriminals are still successful in their operations which are no longer limited to government entities and corporations but also individual computer users. To improve users’ security posture, the researcher examined the relationship between Millennials’ perceptions of cybersecurity threat, users’ online security behaviors and avoidance motivation. The study focused on three constructs which are Perceived Threat (PTH), Online Security Behaviors (OSB) and Avoidance Motivation (AMO). The researcher administered a survey to 109 participants randomly selected in the United States. The Spearman’s correlation test performed supported the analysis of the strength of the relationship and the level of significance between the independent variable and the dependent variables. The results from the statistical test provided enough evidence to fail to reject the null hypothesis related to relationships between PTH and OSB and to reject the null hypothesis regarding the relationship between PTH and AMO.","PeriodicalId":57259,"journal":{"name":"信息安全(英文)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"70334676","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}