The Magnitude of Switching Costs for Corporate Antivirus Software Switching Decision

Today’s businesses environment is forcing companies to become increasingly more efficient in applying Internet technology to conduct transactions. AS the possibility of infection by computer virus is much greater now than ever before, businesses search for appropriate corporate antivirus software to safeguard their computer systems. This paper considers corporate antivirus software switching as one of the major security selection problem and proposes possible avenues for software switching decision and management. In conceptual model, we draw upon switching costs where transaction costs, learning costs, and artificial costs were examined as main costs for software switching decision. Our findings shown only two out of three types of switching costs have influence over corporate antivirus software switching decisions. Despite the existence of switching costs, businesses continue to repeat software switching because the perceived risks of security threats are much greater than the switching cost itself. Furthermore, we examine various approaches to the cost of switching and then propose an index map to evaluate switching decision. Five sets of propositions are advanced to help guide this research

A Study on Security Attributes of Software-Defined Wide Area Network

For organizations to communicate important data across various branches, a reliable Wide Area Network (WAN) is important. With the increase of several factors such as usage of cloud services, WAN bandwidth demand, cost of leased lines, complexity in building/managing WAN and changing business needs led to need of next generation WAN. Software-defined wide area network (SD- WAN) is an emerging trend in today’s networking world as it simplifies management of network and provides seamless integration with the cloud. Compared to Multiprotocol Label Switching (MPLS) majorly used in traditional WAN architecture, SD-WAN incurs less cost, highly secure and offers great performance. This paper will mainly focus to investigate this next-generation WAN’s security attributes as security plays a crucial role in SD-WAN implementation. The goal of the paper is to analyze SD-WAN security by applying principles of CIA triad principle. Comparison of SD-WAN products offered by three different vendors in SD-WAN market with respect to its security is another important area that will be covered in this paper

Trust-based content filtering: Investigating the association between assurance seals, source expertise, and topics of online product reviews

Online product reviews are a significant component affecting transactions in business-to-consumer (B2C) e-commerce. The sheer volume of online reviews makes it virtually impossible for buyers to systematically process all reviews available. Drawing on the elaboration likelihood model (ELM) and web assurance seals (AS) literature, we investigate the association between two trust-building proxies included in reviews: verified buyer flag (VBF) and reviewer’s technical understanding (TU), and topics discussed in online product reviews. Our results indicate that both VBF and TU affect review content. From a practical perspective, we provide a means of content filtering that can be implemented at a recommender system level to reduce information overload prospective buyers are subjected to. From a theoretical perspective our results indicate there is an identifiable shift that has occurred in the e-commerce environment. More specifically, the evolution of the web has brought elements of consumer-to-consumer (C2C) interactions into the space typically reserved for B2C landscape, where sellers also act as intermediaries facilitating information exchange between buyers

Harnessing Technology in Schools Survey 2007: technical report

This technical report provides a detailed review of the methods used and the data gathered for this survey. The report also provides copies of the research instruments used in this survey

An architecture for certification-aware service discovery

Service-orientation is an emerging paradigm for building complex systems based on loosely coupled components, deployed and consumed over the network. Despite the original intent of the paradigm, its current instantiations are limited to a single trust domain (e.g., a single organization). Also, some of the key promises of service-orientation - such as the dynamic orchestration of externally provided software services, using runtime service discovery and deployment - are still unachieved. One of the main reasons for this is the trust gap that normally arises when software services, offered by previously unknown providers, are to be selected at run-time, without any human intervention. To close this gap, the concept of machine-readable security certificates (called asserts) has been recently introduced, which paves the way to automated processing about security properties of services. Similarly to current security certification schemes, the assessment of the security properties of a service is delegated to an independent third party (certification authority), who issues a corresponding assert, bound to the service. In this paper, we propose an architecture, which exploits the assert concept to realise a certification-aware service discovery framework. The architecture supports the discovery of single services based on certified security properties (in additional to the usual functional properties), as well as the dynamic synthesis of service compositions, that satisfy the given security properties. The architecture is extensible, thus allowing for a range of domain specific matchmaking components, to cover dimensions related to, e.g., performance, cost and other non-functional characteristics

Goal-oriented Email Stream Classifier with A Multi-agent System Approach

Now-a-days, email is often one of the most widely used means of communication despite the rise of other communication methods such as instant messaging or communication via social networks. The need to automate the email stream management increases for reasons such as multi-folder categorization, and spam email classification. There are solutions based on email content, capable of contemplating elements such as the text subjective nature, adverse effects of concept drift, among others. This paper presents an email stream classifier with a goal-oriented approach to client and server environment. The i* language was the basis for designing the proposed email stream classifier. The email environment was represented with the early requirements model and the proposed classifier with the late requirements model. The classifier was implemented following a multi-agent system approach supported by JADE agent platform and Implementation_JADE pattern. The behavior of agents was taking from an existing classifier. The multi-agent classifier was evaluated using functional, efficacy and performance tests, which compared the existing classifier with the multi-agent approach. The results obtained were satisfactory in all the tests. The performance of multi-agent approach was better than the existing classifier due to the use of multi-threads.This work was performed as part of the Smart University Project financed by the University of Alicante

Diverse protection systems for improving security: a study with AntiVirus engines

Diverse “barriers” or “protection systems” are very common in many industries, especially in safety-critical ones where the designers must use “defense in depth” techniques to prevent safety failures. Similar techniques are also commonly prescribed for security systems: using multiple, diverse detection systems to prevent security breaches. However empirical evidence of the effectiveness of diversity is rare. We present results of an empirical study which uses a large-scale dataset to assess the benefits of diversity with an important category of security systems: AntiVirus products. The analysis was based on 1599 malware samples collected from a distributed honeypot deployment over a period of 178 days. The malware samples were sent to the signature engines of 32 different AntiVirus products hosted by the VirusTotal service. We also present an exploratory model which shows that the number of diverse protection layers that are needed to achieve “perfect” detection with our dataset follows an exponential power-law distribution. If this distribution is shown to be generic with other datasets, it would be a cost-effective means for predicting the probability of perfect detection for systems that use a large number of barriers based on measurements made with systems that are composed of fewer (say 2, 3) barriers