85,131 research outputs found
Recommended from our members
Protection of an intrusion detection engine with watermarking in ad hoc networks
Mobile ad hoc networks have received great attention in recent years, mainly due to the evolution of wireless networking and mobile computing hardware. Nevertheless, many inherent vulnerabilities exist in mobile ad hoc networks and their applications that affect the security of wireless transactions. As intrusion prevention mechanisms, such as encryption and authentication, are not sufficient we need a second line of defense, Intrusion Detection. In this pa-per we present an intrusion detection engine based on neural networks and a protection method based on watermarking techniques. In particular, we exploit information visualization and machine learning techniques in order to achieve intrusion detection and we authenticate the maps produced by the application of the intelligent techniques using a novel combined watermarking embedding method. The performance of the proposed model is evaluated under different traffic conditions, mobility patterns and visualization metrics
Towards Data Protection Compliance
Privacy and data protection are fundamental issues nowadays for every organization. This paper calls for the development of methods, techniques and infrastructure to allow the deployment of privacy-aware IT systems, in which humans are integral part of the organizational processes and accountable for their possible misconduct. In particular, we discuss the challenges to be addressed in order to improve organizations privacy practices, as well as the approach to ensure compliance with legal requirements and increasing efficiency
Security Toolbox for Detecting Novel and Sophisticated Android Malware
This paper presents a demo of our Security Toolbox to detect novel malware in
Android apps. This Toolbox is developed through our recent research project
funded by the DARPA Automated Program Analysis for Cybersecurity (APAC)
project. The adversarial challenge ("Red") teams in the DARPA APAC program are
tasked with designing sophisticated malware to test the bounds of malware
detection technology being developed by the research and development ("Blue")
teams. Our research group, a Blue team in the DARPA APAC program, proposed a
"human-in-the-loop program analysis" approach to detect malware given the
source or Java bytecode for an Android app. Our malware detection apparatus
consists of two components: a general-purpose program analysis platform called
Atlas, and a Security Toolbox built on the Atlas platform. This paper describes
the major design goals, the Toolbox components to achieve the goals, and the
workflow for auditing Android apps. The accompanying video
(http://youtu.be/WhcoAX3HiNU) illustrates features of the Toolbox through a
live audit.Comment: 4 pages, 1 listing, 2 figure
Characteristics of the Audit Processes for Distributed Informatics Systems
The paper contains issues regarding: main characteristics and examples of the distributed informatics systems and main difference categories among them, concepts, principles, techniques and fields for auditing the distributed informatics systems, concepts and classes of the standard term, characteristics of this one, examples of standards, guidelines, procedures and controls for auditing the distributed informatics systems. The distributed informatics systems are characterized by the following issues: development process, resources, implemented functionalities, architectures, system classes, particularities. The audit framework has two sides: the audit process and auditors. The audit process must be led in accordance with the standard specifications in the IT&C field. The auditors must meet the ethical principles and they must have a high-level of professional skills and competence in IT&C field.informatics audit, characteristic, distributed informatics system, standard
Detection of the Security Vulnerabilities in Web Applications
The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process and their quality is the result of the lifecycle activities. The audit and evaluation processes are required by the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team must analyze the risks, threats and vulnerabilities of the information system. The paper highlights the security vulnerabilities in web applications and the processes of their detection. The web applications are used as IT&C tools to support the distributed information processes. They are a major component of the distributed information systems. The audit and evaluation processes are carried out in accordance with the international standards developed for information system security assurance.security, vulnerability, web application, audit
- âŠ