Current Issue : October - December Volume : 2016 Issue Number : 4 Articles : 6 Articles
Extensions of the Gordon-Loeb [1] and the Gordon-Loeb-Lucyshyn-Zhou [2] models are presented\nbased on mathematical equivalency with a generalized homeland security model. The extensions\ninclude limitations on changes in the probability of attack, simultaneous effects on probability and\nloss, diversion of attack, and shared non-information defenses. Legal cases are then investigated\nto assess approximate magnitudes of external effects and the extent they are internalized by the\nlegal system....
Cloud computing is an emerging and popular method of accessing shared and dynamically configurable\nresources via the computer network on demand. Cloud computing is excessively used by\nmobile applications to offload data over the network to the cloud. There are some security and\nprivacy concerns using both mobile devices to offload data to the facilities provided by the cloud\nproviders. One of the critical threats facing cloud users is the unauthorized access by the insiders\n(cloud administrators) or the justification of location where the cloud providers operating. Although,\nthere exist variety of security mechanisms to prevent unauthorized access by unauthorized\nuser by the cloud administration, but there is no security provision to prevent unauthorized\naccess by the cloud administrators to the client data on the cloud computing. In this paper, we\ndemonstrate how steganography, which is a secrecy method to hide information, can be used to\nenhance the security and privacy of data (images) maintained on the cloud by mobile applications.\nOur proposed model works with a key, which is embedded in the image along with the data, to\nprovide an additional layer of security, namely, confidentiality of data. The practicality of the\nproposed method is represented via a simple case study....
An intrusion detection system collects and analyzes information from different areas within a\ncomputer or a network to identify possible security threats that include threats from both outside\nas well as inside of the organization. It deals with large amount of data, which contains various irrelevant\nand redundant features and results in increased processing time and low detection rate.\nTherefore, feature selection should be treated as an indispensable pre-processing step to improve\nthe overall system performance significantly while mining on huge datasets. In this context, in this\npaper, we focus on a two-step approach of feature selection based on Random Forest. The first\nstep selects the features with higher variable importance score and guides the initialization of\nsearch process for the second step whose outputs the final feature subset for classification and interpretation.\nThe effectiveness of this algorithm is demonstrated on KDD�99 intrusion detection\ndatasets, which are based on DARPA 98 dataset, provides labeled data for researchers working in\nthe field of intrusion detection. The important deficiency in the KDD�99 data set is the huge number\nof redundant records as observed earlier. Therefore, we have derived a data set RRE-KDD by\neliminating redundant record from KDD�99 train and test dataset, so the classifiers and feature\nselection method will not be biased towards more frequent records. This RRE-KDD consists of\nboth KDD99Train+ and KDD99Test+ dataset for training and testing purposes, respectively. The\nexperimental results show that the Random Forest based proposed approach can select most important\nand relevant features useful for classification, which, in turn, reduces not only the number\nof input features and time but also increases the classification accuracy....
Honeyword system used to detect password file disclosure. For each user set of honeyword is generated. When adversary have a password file, then it get confused which one is real password in honeyword set. Adversary enters all honeywords in the set. When honeywords are entered notification will be send to the admin. Author gives hybrid method for generation of honeyword. Hybrid method provides strong DOS resistance and flatness....
Given the importance of cybersecurity to the survival of an organization, a fundamental economics-\nbased question that must be addressed by all organizations is: How much should be invested in\ncybersecurity related activities? Gordon and Loeb [1] presented a model to address this question,\nand that model has received a significant amount of attention in the academic and practitioner literature.\nThe primary objective of this paper is to discuss the Gordon-Loeb Model with a focus on\ngaining insights for the model�s use in a practical setting....
This paper proposes a scheme for password management by storing password encryptions on a\nserver. The method involves having the encryption key split into a share for the user and one for\nthe server. The user�s share shall be based solely on a selected passphrase. The server�s share\nshall be generated from the user�s share and the encryption key. The security and trust are\nachieved by performing both encryption and decryption on the client side. We also address the\nissue of countering dictionary attack by providing a further enhancement of the scheme....
Loading....