Continuous process improvement and the risk to informationassurance

In today's climate, every good manager should pay attention to the technology gap developing between the deployment of information assurance (IA) products and the technical capabilities of exploiters who can successfully attack an enterprise's information assets. The growing number of would-be hackers eager to infiltrate a network-based computer system represents an ever-present threat to managers concerned with protecting the information assets those same computer systems host. Managers can counter this threat by acquiring and deploying protection technology within an environment that involves, at best, an incremental improvement process. However; the exploiter of the computer-based system works within a continuous process improvement environment. The difference between the exploiter's and the manager's environments creates an IA gap that leaves information assets vulnerable and therefore at risk     

结合生物特征识别技术的网络安全认证系统设计

随着信息技术的飞速发展,生物特征识别技术正在被越来越广泛地应用到数据库和商业系统的访问控制中。这些应用需要采用一定的措施来抵御对安全的威胁。在涉及到一个开放的网络环境下的认证问题时,例如非面对面的交易中,加密技术(公钥加密术和数字签名技术)被采用来防止对生物认证信息的无授权的使用,同时保证数据的完整性。该文提出了一种包含可信任的第三方的网络认证结构,其结合了手形认证技术和加密技术。并开发了一种应用于基于网络环境的原型系统。对此模型的初步评估结果是令人满意的。类似的技术可以被应用到更加灵活的应用中。     

针对网络入侵检测系统的攻击及防御

Internet的使用越来越广泛,随之而来的网络安全已成为人们关注的焦点。入侵检测系统作为一种对付攻击的有效手段,已为越来越多的单位所采用。然而一旦攻击者发现目标网络中部署有入侵检测系统IDS,那么IDS往往成为他们首选的攻击目标。该文详细分析了针对网络IDS的几种攻击类型,即过载攻击、崩溃攻击和欺骗攻击,以及如何防御这些攻击,这对于IDS的设计具有一定的借鉴意义。     

Coauthorship networks and academic literature recommendation

Recommender systems are increasingly touted as an indispensable service of many online stores and websites. Most existing recommendation techniques typically rely on users’ historical, long-term interest profiles, derived either explicitly from users’ preference ratings or implicitly from their purchasing/browsing history, to arrive at recommendation decisions. In this study, we propose a coauthorship network-based, task-focused literature recommendation technique to meet users’ information need specific to a task under investigation and develop three different schemes for estimating the closeness between scholars based on their coauthoring relationships. We empirically evaluate the proposed coauthorship network-based technique. The evaluation results suggest that our proposed technique outperforms the author-based technique across various degrees of content coherence in task profiles. The proposed technique is more effective than the content-based technique when task profiles specified by users are similar in their contents but is less effective otherwise. We further develop a hybrid method that switches between the coauthorship network-based and content-based techniques on the basis of the content coherence of a task profile. It achieves comparable or better recommendation effectiveness, when compared with the pure coauthorship network-based and content-based techniques.     

Real time detection of cache-based side-channel attacks using hardware performance counters

In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attack in about one fifth of the time required to complete it. We could not experience the presence of false positives in our test environment and the overhead caused by the detection systems is negligible. We also analyze how the detection systems behave with a modified version of one of the spy processes. With some optimization we are confident these systems can be used in real world scenarios.     

Improving Query Response Delivery Quality in Peer-to-Peer Systems

Unstructured peer-to-peer (P2P) system is the prevalent model in today's P2P systems. In such systems, a response is sent along the same path that carried the incoming query message. To guarantee the anonymity of the requestor, no requestor information is included in the response message, and each node in the query's incoming path only knows its direct neighbors who sent the query request to it. This mechanism introduces response loss when any one node or connection in the path fails, which is a common occurrence in the P2P system due to its dynamic feature. In this paper, we address the response loss problem and show that peers' oscillation can cause up to a 35 percent response loss in an unstructured P2P system. We also present three techniques to alleviate this problem: the redundant response delivery (RRD) scheme as a proactive approach, the adaptive response delivery (ARD) scheme as a reactive approach, and the extended adaptive response delivery scheme to render ARD to function in an unstructured P2P system with limited or no flooding-based search mechanism. We have evaluated our techniques in a large-scale network simulation. With limited traffic overhead, all three techniques reduce response loss rate by more than 65 percent and are fully distributed. We have designed our techniques to be simple to develop and implement in existing P2P systems     

Protection from reconnaissance for establishing information security systems

ABSTRACT

The paper presents a generalized method for improving security of information systems based on protection of the systems from reconnaissance by adversaries. Attacks carried out by exploiting almost all vulnerabilities require particular information about the architecture and operating algorithms of an information system. Obstructions to obtain that information also complicates carrying out attacks. Reconnaissance-protection methods can be utilized for establishing such systems (continuous change of attack surface). Practical implementation of the techniques demonstrated their high efficiency in reducing the risk of information resources to be cracked or compromised.     

Estimating circuit activity in combinational CMOS digital circuits

Largely because of the recent trend toward portable computing and wireless communication systems, estimating power consumption has become a major concern in today's VLSI circuit and system design. Moreover, the dramatic decrease in feature size, combined with the corresponding increase in the number of devices on a chip, makes the power density larger. To be practical, a portable system should be able to operate for an extended period without requiring a batter recharge or replacement. Achieving this objective means minimizing power consumption. Fast and accurate probabilistic and statistical techniques for estimating circuit activity in CMOS digital circuits offer an alternative to circuit simulation. The techniques use statistics of input signals to determine accurate switching information     

下一代网络入侵防御研究

随着信息化的发展和网络应用的普及,针对企业和个人的各种攻击越来越复杂,攻击技术和策略也在不断调整,传统的入侵防御系统必须进化到能够处理先进的有针对性的威胁。首先介绍了下一代网络入侵防御系统的概念和主要功能,接着分析了和其它网络安全产品的关系,然后,阐述了下一代网络入侵防御典型产品的关键技术,最后,指出了下一代网络入侵防御的发展前景。     

数据挖掘技术在入侵检测系统中的应用研究

随着以太网的快速发展,基于网络的攻击方式越来越多,传统的入侵检测系统越来越难以应付;将数据挖掘技术引入到入侵检测系统中来,分析网络中各种行为记录中潜在的攻击信息,自动辨别出网络入侵的模式,从而提高系统的检测效率;将K- MEANS算法及DBSCAN算法相综合,应用到入侵检测系统,并针对K- MEANS算法的一些不足进行了改进,提出了通过信息嫡理论的使用解决K- MEANS算法选择初始簇中心问题,然后利用其分类结果完善DBSCAN算法两个关键参数(Eps,Minpts)的设置,通过DB-SCAN算法,进一步地分析可疑的异常聚类,提高聚类的准确度.     

Coding for high availability of a distributed-parallel storagesystem

We have developed a distributed parallel storage system that employs the aggregate bandwidth of multiple data servers connected by a high-speed wide-area network to achieve scalability and high data throughput. This paper studies different schemes to enhance the reliability and availability of such network-based distributed storage systems. The general approach of this paper employs “erasure” error-correcting codes that can be used to reconstruct missing information caused by hardware, software, or human faults. The paper describes the approach and develops optimized algorithms for the encoding and decoding operations. Moreover, the paper presents techniques for reducing the communication and computation overhead incurred while reconstructing missing data from the redundant information. These techniques include clustering, multidimensional coding, and the full two-dimensional parity schemes. The paper considers trade-offs between redundancy, fault tolerance, and complexity of error recovery     

一种基于树结构的网络渗透测试系统

随着计算机安全技术的高速发展，渗透测试作为网络安全的一种新技术，越来越受到重视，建立一种自动智能的网络渗透测试系统已经成为当前的重要研究方向。本文介绍了攻击树模型，提出了一种基于树结构的网络渗透测试系统。它可以根据目标的实际情况制定出攻击策略，实施攻击。该系统使得攻击有自动性和智能性，提高丁攻击成功的可能性。     

Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures

Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks are well established within the cybersecurity domain, and thus their cyber-physical systems are actively defended with countermeasures. Non-cyber systems are equally as vulnerable to side-channel attacks; however, this is largely unrecognised and therefore countermeasures to defend them are limited. This paper surveys side-channel attacks against non-cyber systems and investigates the consequent security and privacy ramifications. Side-channel attack techniques rely on respective side-channel properties in order to succeed; therefore, countermeasures that disrupt each side-channel property are identified, effectively thwarting the side-channel attack. This principle is captured within a countermeasure algorithm: a systematic and extensible approach to identifying candidate countermeasures for non-cyber systems. We validate the output of this process by showing how the candidate countermeasures could be applied in the context of each non-cyber system and in the real world. This work provides an extensible platform for translating cybersecurity-derived side-channel attack research into defending systems from non-cyber domains.

     

电力企业信息系统安全技术的研究

近年来,在信息技术发展的同时,各种攻击技术、网络入侵技术水平也得到了飞速发展,这就要求电力行业计算机信息系统的结构有相应的变化,建立纵深防御的安全系统,能有效地抵御各类攻击,以提高电力行业信息系统的安全性。     

Toward systems ecology

Can we adapt our understanding of bioecological systems to develop efficient, effective and sustainable man-made systems? It is perhaps not an overstatement to say that sustainable human development is unrealistic without major reliance on information technology. Yet, without a cohesive systems ecology to guide the use of information, how can we expect to manage today's complex systems? Whether they be man-made, human or organizational, systems based on a systems ecology could more quickly lead to knowledge and enterprise integration for the betterment of humankind     

抗电路板级物理攻击的操作系统防御技术研究

计算设备处理和存储日益增多的敏感信息,如口令和指纹信息等,对安全性提出更高要求.物理攻击技术的发展催生了一种通过攻击电路板级硬件组件来获取操作系统机密信息的攻击方法：电路板级物理攻击.该类攻击具有工具简单、成本低、易流程化等特点,极容易被攻击者利用形成黑色产业,是操作系统面临的新安全威胁和挑战.在处理器上扩展内存加密引擎可抵抗该类攻击,但是目前大部分计算设备并未配备该硬件安全机制.学术界和产业界提出软件方式抗电路板级物理攻击的操作系统防御技术,该类技术已成为近年来的研究热点.深入分析了该类技术的研究进展,总结其技术优势和不足,并探讨其发展趋势.首先,介绍了电路板级物理攻击的定义、威胁模型、现实攻击实例.之后,介绍软件方式抗电路板级物理攻击的操作系统防御技术所依赖的一些基础技术.然后,对该类防御技术的研究进展按照保护范围进行分类总结和归纳.最后,分析了该类防御技术的优势与不足,给出工程实现建议,并探讨该类防御技术未来的研究趋势.     

浅谈计算机网络安全及相关安全对策

随着信息产业的高速发展,计算机网络也迅速普及,各部门都利用互联网建立自己的信息系统渗透到我们生活的各个角落。以充分利用各类信息资源。但在连接信息能力、流通能力提高的同时,基于网络连接的安全问题也日益突出。然而,网络自身固有其脆弱性,并且中国的网络信息技术起步较晚,给网络安全带来诸多潜在的威胁。本文针对影响计算机网络系统安全的主要因素,结合实际工作进行分析,并提出相应的对策进行探讨。     

Insider Attack Detection Using Deep Belief Neural Network in Cloud Computing

Cloud computing is a high network infrastructure where users, owners, third users, authorized users, and customers can access and store their information quickly. The use of cloud computing has realized the rapid increase of information in every field and the need for a centralized location for processing efficiently. This cloud is nowadays highly affected by internal threats of the user. Sensitive applications such as banking, hospital, and business are more likely affected by real user threats. An intruder is presented as a user and set as a member of the network. After becoming an insider in the network, they will try to attack or steal sensitive data during information sharing or conversation. The major issue in today's technological development is identifying the insider threat in the cloud network. When data are lost, compromising cloud users is difficult. Privacy and security are not ensured, and then, the usage of the cloud is not trusted. Several solutions are available for the external security of the cloud network. However, insider or internal threats need to be addressed. In this research work, we focus on a solution for identifying an insider attack using the artificial intelligence technique. An insider attack is possible by using nodes of weak users’ systems. They will log in using a weak user id, connect to a network, and pretend to be a trusted node. Then, they can easily attack and hack information as an insider, and identifying them is very difficult. These types of attacks need intelligent solutions. A machine learning approach is widely used for security issues. To date, the existing lags can classify the attackers accurately. This information hijacking process is very absurd, which motivates young researchers to provide a solution for internal threats. In our proposed work, we track the attackers using a user interaction behavior pattern and deep learning technique. The usage of mouse movements and clicks and keystrokes of the real user is stored in a database. The deep belief neural network is designed using a restricted Boltzmann machine (RBM) so that the layer of RBM communicates with the previous and subsequent layers. The result is evaluated using a Cooja simulator based on the cloud environment. The accuracy and F-measure are highly improved compared with when using the existing long short-term memory and support vector machine.     

Studying fake news spreading,polarisation dynamics,and manipulation by bots: A tale of networks and language

With the explosive growth of online social media, the ancient problem of information disorders interfering with news diffusion has surfaced with a renewed intensity threatening our democracies, public health, and news outlets’ credibility. Therefore, thousands of scientific papers have been published in a relatively short period, making researchers of different disciplines struggle with an information overload problem. The aim of this survey is threefold: (1) we present the results of a network-based analysis of the existing multidisciplinary literature to support the search for relevant trends and central publications; (2) we describe the main results and necessary background to attack the problem under a computational perspective; (3) we review selected contributions using network science as a unifying framework and computational linguistics as the tool to make sense of the shared content. Despite scholars working on computational linguistics and networks traditionally belong to different scientific communities, we expect that those interested in the area of fake news should be aware of crucial aspects of both disciplines.