Current Issue : April-June Volume : 2024 Issue Number : 2 Articles : 5 Articles
There is growing concern about IT security in the healthcare sector due to the number of cyberattacks. The objective of the review is to analyze the state of adoption of computer security in the healthcare sector and provide valuable knowledge to researchers and health organizations interested in this field of study. An exhaustive search of international and regional articles on computer security in healthcare organizations was conducted using Scopus, Dimensions, and pubMed databases. Preferred reporting items for systematic reviews and meta-analysis (PRISMA) statement was used for the selection of articles published between 2018 and 2022. The final number of articles considered is 50. The review explored approaches related to computer security types, mechanisms, and technologies. The findings reveal that blockchain is the most widely used technology to protect medical information. In addition, network, software, and hardware security approaches are employed, using mechanisms such as data encryption, authentication, and access control. Based on these findings, a perimeter security model for the protection of medical information is proposed. In conclusion, these results highlight the importance of adopting robust security measures in terms of networks, software, and hardware, as well as adopting blockchain technology to improve data security in the healthcare sector....
With the proliferation of mobile devices and the increasing demand for low-latency and high-throughput applications, mobile edge computing (MEC) has emerged as a promising paradigm to offload computational tasks to the network edge. However, the dynamic and resource-constrained nature of MEC environments introduces new challenges, particularly in the realm of security. In this context, intrusion detection becomes crucial to safeguard the integrity and confidentiality of sensitive data processed at the edge. This paper presents a novel Secured Edge Computing Intrusion Detection System (SEC-IDS) tailored for MEC environments. The proposed SEC-IDS framework integrates both signature-based and anomaly-based detection mechanisms to enhance the accuracy and adaptability of intrusion detection. Leveraging edge computing resources, the framework distributes detection tasks closer to the data source, thereby reducing latency and improving real-time responsiveness. To validate the effectiveness of the proposed SEC-IDS framework, extensive experiments were conducted in a simulated MEC environment. The results demonstrate superior detection rates compared to traditional centralized approaches, highlighting the efficiency and scalability of the proposed solution. Furthermore, the framework exhibits resilience to resource constraints commonly encountered in edge computing environments....
Traditionally, website security risks are measured using static analysis based on patterns and dynamic analysis by accessing websites with user devices. Recently, similarity hash-based website security risk analysis and machine learning-based website security risk analysis methods have been proposed. In this study, we propose a technique to measure website risk by collecting public information on the Internet. Publicly available DNS information, IP information, and website reputation information were used to measure security risk. Website reputation information includes global traffic rankings, malware distribution history, and HTTP access status. In this study, we collected public information on a total of 2000 websites, including 1000 legitimate domains and 1000 malicious domains, to assess their security risk. We evaluated 11 categories of public information collected by the Korea Internet & Security Agency, an international domain registrar. Through this study, public information about websites can be collected and used to measure website security risk....
Static analysis is a software testing technique that analyzes the code without executing it. It is widely used to detect vulnerabilities, errors, and other issues during software development. Many tools are available for static analysis of Java code, including SpotBugs. Methods that perform a security check must be declared private or final; otherwise, they can be compromised when a malicious subclass overrides the methods and omits the checks. In Java, security checks can be performed using the SecurityManager class. This paper addresses the aforementioned problem by building a new automated checker that raises an issue when this rule is violated. The checker is built under the SpotBugs static analysis tool. We evaluated our approach on both custom test cases and real-world software, and the results revealed that the checker successfully detected related bugs in both with optimal metrics values....
WARP, an efficient lightweight block cipher presented by Banik et al., offers a viable alternative to AES with its 128-bit block and a 128-bit key. It adopts a 32-nibble type-II generalized Feistel network (GFN) structure, incorporating a nibble permutation optimized for both security and efficiency. Notably, WARP has achieved the lowest hardware implementation among 128-bit block ciphers. Its bit-serial encryption-only circuit is only 763 gate equivalents (GEs). Consequently, WARP has received significant attention since its inception. The designers evaluated the number of active Sboxes for linear trails in WARP to establish its security. To further investigate WARP’s resistance against linear attacks, we employed an automated model to analyze the optimal linear trails/hulls of WARP. To achieve this, the problem will be transformed into a Boolean satisfiability problem (SAT). The constraints in conjunctive normal form (CNF) are used to describe the mask propagation of WARP and invoke the SAT solver to find valid solutions. The results allowed us to obtain the optimal correlation of the initial 21-round linear trails for WARP. Furthermore, by enumerating the linear trails within a linear hull, the distribution of linear trails is revealed, and the probability of the linear hull is improved to be more accurate. This work extends the linear distinguisher from 18 to 21 rounds. Additionally, the first independent analysis of WARP’s linear properties is presented, offering a more precise evaluation of its resistance against linear cryptanalysis....
Loading....