Current Issue : January - March Volume : 2015 Issue Number : 1 Articles : 5 Articles
Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and\nmust be managed. Companies in many parts of the world protect sensitive information using the international standard known\nas the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect\nconfidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular\nflaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because\nthe first priority of industrial control is safety of the system. Therefore, a new information security management system based on\nconfidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS.\nThis paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS....
The authentication system provides the secure environment for the resources. Authentication and identification of the user have always represented the challenging aspects of security systems. The text based user authentication and identification are not sufficient to address to address these issues. The text based security is considered retrograde and out-dated for current security threats that easily undermine authentication, identification and non-repudiation. A crucial usability goal for authentication systems is to support users in selecting better passwords. Often users create memorable passwords that are easy for attackers to guess, whereas the strong system-assigned passwords are difficult for users to remember. Therefore, modern day researchers suggest using the alternative methods. Here a graphical password system with test password is described. In the proposed work, a click-based graphical password scheme called persuasive cued click points (PCCP) is used along with pass point’s password. In this system, a password consists of sequence of few images wherein a user selects one click-point per specific region of an image and on the last opened image user has to reselect the sequence of clicks for that specific image. Due to integration of passpoints and PCCP password in the graphical authentications the security is enhanced in this system....
This paper analyses and proposes a novel detection strategy for the ââ?¬Ë?Chameleonââ?¬â?¢ WiFi AP-AP virus. Previous\nresearch has considered virus construction, likely virus behaviour and propagation methods. The research here\ndescribes development of an objective measure of virus success, the impact of product susceptibility, the\nacceleration of infection and the growth of the physical area covered by the virus. An important conclusion of this\ninvestigation is that the connectivity between devices in the victim population is a more significant influence on\nvirus propagation than any other factor. The work then proposes and experimentally verifies the application of a\ndetection method for the virus. This method utilises layer 2 management frame information which can detect the\nattack while maintaining user privacy and user confidentiality, a key requirement in many security solutions....
In this work, by exploiting the traces left by double compression in the statistics of quantized modified discrete cosine\ntransform coefficients, a single measure has been derived that allows to decide whether an MP3 file is singly or doubly\ncompressed and, in the last case, to devise also the bit-rate of the first compression. Moreover, the proposed method\nas well as two state-of-the-art methods have been applied to analyze short temporal windows of the track, allowing\nthe localization of possible tampered portions in the MP3 file under analysis. Experiments confirm the good\nperformance of the proposed scheme and demonstrate that current detection methods are useful for tampering\nlocalization, thus offering a new tool for the forensic analysis of MP3 audio tracks....
This paper proposes to investigate the impact of the channel model for authentication systems based on codes that\nare corrupted by a physically unclonable noise such as the one emitted by a printing process. The core of such a\nsystem for the receiver is to perform a statistical test in order to recognize and accept an original code corrupted by\nnoise and reject any illegal copy or a counterfeit. This study highlights the fact that the probability of type I and type II\nerrors can be better approximated, by several orders of magnitude, when using the Cram�©r-Chernoff theorem instead\nof a Gaussian approximation. The practical computation of these error probabilities is also possible using Monte Carlo\nsimulations combined with the importance sampling method. By deriving the optimal test within a Neyman-Pearson\nsetup, a first theoretical analysis shows that a thresholding of the received code induces a loss of performance. A\nsecond analysis proposes to find the best parameters of the channels involved in the model in order to maximize the\nauthentication performance. This is possible not only when the opponentâ��s channel is identical to the legitimate\nchannel but also when the opponentâ��s channel is different, leading this time to a min-max game between the two\nplayers. Finally, we evaluate the impact of an uncertainty for the receiver on the opponent channel, and we show that\nthe authentication is still possible whenever the receiver can observe forged codes and uses them to estimate the\nparameters of the model....
Loading....