307,869 research outputs found
An Evolutionary Approach for Learning Attack Specifications in Network Graphs
This paper presents an evolutionary algorithm that learns attack scenarios, called attack specifications, from a network graph. This learning process aims to find attack specifications that minimise cost and maximise the value that an attacker gets from a successful attack. The attack specifications that the algorithm learns are represented using an approach based on Hoare's CSP (Communicating Sequential Processes). This new approach is able to represent several elements found in attacks, for example synchronisation. These attack specifications can be used by network administrators to find vulnerable scenarios, composed from the basic constructs Sequence, Parallel and Choice, that lead to valuable assets in the network
Risks and remedies in e-learning system
One of the most effective applications of Information and Communication
Technology (ICT) is the emergence of E-Learning. Considering the importance and
need of E-Learning, recent years have seen a drastic change of learning
methodologies in Higher Education. Undoubtedly, the three main entities of
E-Learning system can be considered as Student, Teacher & Controlling Authority
and there will be different level, but a good E-Learning system needs total
integrity among all entities in every level. Apart from integrity enforcement,
security enforcement in the whole system is the other crucial way to organize
it. As internet is the backbone of the entire system which is inherently
insecure, during transaction of message in E-Learning system, hackers attack by
utilising different loopholes of technology. So different security measures are
required to be imposed on the system. In this paper, emphasis is given on
different risks called e-risks and their remedies called e-remedies to build
trust in the minds of all participants of E-Learning system
European Digital Libraries: Web Security Vulnerabilities
Purpose – The purpose of this paper is to investigate the web vulnerability challenges at European library web sites and how these issues can affect the data protection of their patrons.
Design/methodology/approach – A web vulnerability testing tool was used to analyze 80 European library sites in four countries to determine how many security vulnerabilities each had and what were the most common types of problems.
Findings – Analysis results from surveying the libraries show the majority have serious security flaws in their web applications. The research shows that despite country-specific laws mandating secure sites, system librarians have not implemented appropriate measures to secure their online information systems.
Research limitations/implications – Further research on library vulnerability throughout the world can be taken to educate librarians in other countries of the serious nature of protecting their systems.
Practical implications – The findings serve to remind librarians of the complexity in providing a secure online environment for their patrons and that a disregard or lack of awareness of securing systems could lead to serious vulnerabilities of the patrons' personal data and systems. Lack of consumer trust may result in a decreased use of online commerce and have serious repercussions for the municipal libraries. Several concrete examples of methods to improve security are provided.
Originality/value – The paper serves as a current paper on data security issues at Western European municipal library web sites. It serves as a useful summary regarding technical and managerial measures librarians can take to mitigate inadequacies in their security implementation
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and
other related areas, user authentication becomes more and more important to
protect the data of the users. Password authentication is one of the widely
used methods to achieve authentication for legal users and defense against
intruders. There have been many password cracking methods developed during the
past years, and people have been designing the countermeasures against password
cracking all the time. However, we find that the survey work on the password
cracking research has not been done very much. This paper is mainly to give a
brief review of the password cracking methods, import technologies of password
cracking, and the countermeasures against password cracking that are usually
designed at two stages including the password design stage (e.g. user
education, dynamic password, use of tokens, computer generations) and after the
design (e.g. reactive password checking, proactive password checking, password
encryption, access control). The main objective of this work is offering the
abecedarian IT security professionals and the common audiences with some
knowledge about the computer security and password cracking, and promoting the
development of this area.
Comment: add copyright to the tables to the original authors, add
acknowledgement to helpe