Poisson factorization for peer-based anomaly detection

Anomaly detection systems are a promising tool to identify compromised user credentials and malicious insiders in enterprise networks. Most existing approaches for modelling user behaviour rely on either independent observations for each user or on pre-defined user peer groups. A method is proposed based on recommender system algorithms to learn overlapping user peer groups and to use this learned structure to detect anomalous activity. Results analysing the authentication and process-running activities of thousands of users show that the proposed method can detect compromised user accounts during a red team exercise

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Authentication and authorisation in entrusted unions

This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported

E-commerce Systems and E-shop Web Sites Security

Fruitfulnes of contemporary companies rests on new business model development, elimination of communication obstacles, simplification of industrial processes, possibilities of responding in real-time and above all meeting the floating custom needs. Quite a number of company activities and transactions are realized within the framework of e-business. Business transactions are supported by e-commerce systems. One of the e-commerce system part is web interface (web sites). Present trend is putting the accent on security. E-commerce system security and web sites security is the most overlooked aspect of securing data. E-commerce system security depends on technologies and its correct exploitation and proceedings. If we want e-commerce system and e-shops web sites with all services to be safety, it is necessary to know all possible risks, use up to date technologies, follow conventions of web sites development and have good security management system. The article deals with definition and description of risk areas refer to e-commerce systems and e-shop web sites and show fundamental principles of e-commerce systems and e-shop web sites security.E-commerce system, e-shop web sites, security, security proceedings, web technologies

A personal networking solution

This paper presents an overview of research being conducted on Personal Networking Solutions within the Mobile VCE Personal Distributed Environment Work Area. In particular it attempts to highlight areas of commonality with the MAGNET initiative. These areas include trust of foreign devices and service providers, dynamic real-time service negotiation to permit context-aware service delivery, an automated controller algorithm for wireless ad hoc networks, and routing protocols for ad hoc networking environments. Where possible references are provided to Mobile VCE publications to enable further reading