检索结果-南通市图书馆

Fuzzing:Progress,Challenges,and Perspectives

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2024年第1期78卷 1-29页

作者： Zhenhua Yu Zhengqi Liu Xuya Cong Xiaobo Li Li Yin Institute of systems Security and Control College of Computer Science and TechnologyXi'an University of Science and TechnologyXi'an710054China School of Mathematics and Information Science Baoji University of Arts and SciencesBaoji721013China Institute of systems Engineering Macao University of Science and TechnologyTaipaMacaoChina

As one of the most effective techniques for finding software vulnerabilities,fuzzing has become a hot topic in software *** feeds potentially syntactically or semantically malformed test data to a target program to mine vulnerabilities and crash the *** recent years,considerable efforts have been dedicated by researchers and practitioners towards improving fuzzing,so there aremore and more methods and forms,whichmake it difficult to have a comprehensive understanding of the *** paper conducts a thorough survey of fuzzing,focusing on its general process,classification,common application scenarios,and some state-of-the-art techniques that have been introduced to improve its ***,this paper puts forward key research challenges and proposes possible future research directions that may provide new insights for researchers.

关键词： Fuzzing vulnerability software testing software security

Cyber Resilience through Real-Time Threat Analysis in Information Security

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

International Journal of Communications, Network and System Sciences 2024年第4期17卷 51-67页

作者： Aparna Gadhi Ragha Madhavi Gondu Hitendra Chaudhary Olatunde Abiona Department of Computer Information systems Indiana University Northwest Gary IN USA

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

关键词： Cybersecurity Information Security Network Security Cyber Resilience Real-Time Threat Analysis Cyber Threats Cyberattacks Threat Intelligence Machine Learning Artificial Intelligence Threat Detection Threat Mitigation Risk Assessment vulnerability Management Incident Response Security Orchestration Automation Threat Landscape Cyber-Physical systems Critical Infrastructure Data Protection Privacy Compliance Regulations Policy Ethics Cybercrime Threat Actors Threat Modeling Security Architecture

Evaluating the Efficacy of Latent Variables in Mitigating Data Poisoning Attacks in the Context of Bayesian Networks:An Empirical Study

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computer Modeling in Engineering & Sciences 2024年第5期139卷 1635-1654页

作者： Shahad Alzahrani Hatim Alsuwat Emad Alsuwat Independent Researcher Specializing in Data Security and Privacy Taif26571Saudi Arabia Department of Computer Science College of Computer and Information SystemsUmm Al-Qura UniversityMakkah24382Saudi Arabia Department of Computer Science College of Computers and Information TechnologyTaif UniversityTaif26571Saudi Arabia

Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among ***,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data *** of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their *** this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning *** framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over *** use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian *** regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC *** doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky ***,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost *** results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning ***,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.

关键词： Bayesian networks data poisoning attacks latent variables structure learning algorithms adversarial attacks

Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Intelligent Automation & Soft Computing 2024年第2期39卷 353-379页

作者： Sohaib Latif M.Saad Bin Ilyas Azhar Imran Hamad Ali Abosaq Abdulaziz Alzubaidi Vincent Karovic Jr. Department of Computer Science The University of ChenabGujrat50700Pakistan Department of Creative Technologies Air UniversityIslamabad42000Pakistan Computer Science Department College of Computer Science and Information SystemsNajran UniversityNajran66244Saudi Arabia Department of Computer Science Umm Alqura UniversityAlQunfudah28821Saudi Arabia Department of Information systems Faculty of ManagementComenius University in BratislavaBratislava82005Slovakia

The Internet of Things(IoT)is growing rapidly and impacting almost every aspect of our lives,fromwearables and healthcare to security,traffic management,and fleet management *** has generated massive volumes of data and security,and data privacy risks are increasing with the advancement of technology and network *** access control solutions are inadequate for establishing access control in IoT systems to provide data protection owing to their vulnerability to single-point OF ***,conventional privacy preservation methods have high latency costs and overhead for resource-constrained *** machine learning approaches were also unable to detect denial-of-service(DoS)*** study introduced a novel decentralized and secure framework for blockchain *** avoid single-point OF failure,an accredited access control scheme is incorporated,combining blockchain with local peers to record each transaction and verify the signature to ***-based attribute-based cryptography is implemented to protect data storage privacy by generating threshold parameters,managing keys,and revoking users on the *** innovative contract-based DOS attack mitigation method is also incorporated to effectively validate devices with intelligent contracts as trusted or untrusted,preventing the server from becoming *** proposed framework effectively controls access,safeguards data privacy,and reduces the risk of *** results depict that the suggested framework outperforms the results in terms of accuracy,precision,sensitivity,recall,and F-measure at 96.9%,98.43%,98.8%,98.43%,and 98.4%,respectively.

关键词： Machine learning internet of things blockchain data privacy security Industry 4.0

Towards Defense Against Adversarial Attacks on Graph Neural Networks via Calibrated Co-Training

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Journal of Computer Science & Technology 2022年第5期37卷 1161-1175页

作者：吴旭刚邬会军周旭赵翔卢凯 College of Computer National University of Defense TechnologyChangsha 410073China College of systems Engineering National University of Defense TechnologyChangsha 410073China

Graph neural networks(GNNs)have achieved significant success in graph representation ***,the recent work indicates that current GNNs are vulnerable to adversarial perturbations,in particular structural ***,therefore,narrows the application of GNN models in real-world *** vulnerability can be attributed to the model’s excessive reliance on incomplete data views(e.g.,graph convolutional networks(GCNs)heavily rely on graph structures to make predictions).By integrating the information from multiple perspectives,this problem can be effectively addressed,and typical views of graphs include the node feature view and the graph structure *** this paper,we propose C^(2)oG,which combines these two typical views to train sub-models and fuses their knowledge through *** to the orthogonality of the views,sub-models in the feature view tend to be robust against the perturbations targeted at sub-models in the structure view.C^(2)oG allows sub-models to correct one another mutually and thus enhance the robustness of their *** our evaluations,C^(2)oG significantly improves the robustness of graph models against adversarial attacks without sacrificing their performance on clean datasets.

关键词： adversarial defense graph neural network multi-view co-training

A Novel Parallel Computing Confidentiality Scheme Based on Hindmarsh-Rose Model

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2023年第8期76卷 1325-1341页

作者： Jawad Ahmad Mimonah Al Qathrady Mohammed SAlshehri Yazeed Yasin Ghadi Mujeeb Ur Rehman Syed Aziz Shah School of Computing Engineering and the Built EnvironmentEdinburgh Napier UniversityEdinburghEH105DTUK Department of Information systems College of Computer Science and Information SystemsNajran UniversityNajran61441Saudi Arabia Department of Computer Science College of Computer Science and Information SystemsNajran UniversityNajran61441Saudi Arabia Department of Computer Science Al Ain UniversityAbu Dhabi112612United Arab Emirates School of Science Technology and HealthYork St John UniversityYorkYO317EXUK Research Centre for Intelligent Healthcare Coventry UniversityCoventryCV15FBUK

Due to the inherent insecure nature of the Internet,it is crucial to ensure the secure transmission of image data over this ***,given the limitations of computers,it becomes evenmore important to employ efficient and fast image encryption *** 1D chaotic maps offer a practical approach to real-time image encryption,their limited flexibility and increased vulnerability restrict their practical *** this research,we have utilized a 3DHindmarsh-Rosemodel to construct a secure *** randomness of the chaotic map is assessed through standard *** proposed system enhances security by incorporating an increased number of system parameters and a wide range of chaotic parameters,as well as ensuring a uniformdistribution of chaotic signals across the entire value ***,a fast image encryption technique utilizing the new chaotic system is *** novelty of the approach is confirmed through time complexity *** further strengthen the resistance against cryptanalysis attacks and differential attacks,the SHA-256 algorithm is employed for secure key *** results through a number of parameters demonstrate the strong cryptographic performance of the proposed image encryption approach,highlighting its exceptional suitability for secure ***,the security of the proposed scheme has been compared with stateof-the-art image encryption schemes,and all comparison metrics indicate the superior performance of the proposed scheme.

关键词： Hindmarsh-rose model image encryption SHA-256 parallel computing

Software Vulnerabilities Overview:A Descriptive Study

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Tsinghua Science and Technology 2020年第2期25卷 270-280页

作者： Mario Calín Sánchez Juan Manuel Carrillo de Gea José Luis Fernández-Alemán Jesús Garcerán Ambrosio Toval the Department of Informatics and systems Faculty of Computer ScienceUniversity of Murcia

Computer security is a matter of great *** the last decade there have been numerous cases of cybercrime based on the exploitation of software *** fact has generated a great social concern and a greater importance of computer security as a *** this work,the most important vulnerabilities of recent years are identified,classified,and categorized individually.A measure of the impact of each vulnerability is used to carry out this classification,considering the number of products affected by each vulnerability,as well as its *** addition,the categories of vulnerabilities that have the greatest presence are *** on the results obtained in this study,we can understand the consequences of the most common vulnerabilities,which software products are affected,how to counteract these vulnerabilities,and what their current trend is.

关键词： descriptive study software security software vulnerabilities vulnerability databases

The Space Infrastructure vulnerability Cadastre:Orbital Debris Critical Loads

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

International Journal of Disaster Risk Science 2015年第4期6卷 359-371页

作者： Adrian V.Gheorghe Daniel E.Yuchnovicz Department of Engineering Management and systems Engineering Old Dominion University

Orbital debris from over 50 years of human activity in space are threatening the operations of existing and future satellites and the sustainability of high-value satellite orbits. This technical memorandum calls for the development of a cadastre that depicts the vulnerability of critical satellite orbits to accumulating orbital debris. A space infrastructure vulnerability cadastre could serve as a governance tool for use by developers and operators of critical space infrastructures to better communicate the current and future vulnerability of high-value orbits to the accumulation of orbital debris. These high-value orbits are susceptible to 'loss' for decades or centuries if generation of orbital debris continues unabated. The concept of environmental critical loads is applied to heavily used orbits as a way to indicate acceptable debris density for satellite operations, and when debris density/risk thresholds approach unacceptable levels that reduce the probability of sustaining spacecraft operations in those orbits.

关键词：轨道的碎片卫星轨道空间地籍图空间基础结构

Security Threat and vulnerability Assessment and Measurement in Secure Software Development

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2022年第6期71卷 5039-5059页

作者： Mamoona Humayun NZ Jhanjhi Maram Fahhad Almufareh Muhammad Ibrahim Khalil Department of Information systems College of Computer and Information SciencesJouf UniversityAl-JoufKSA School of Computer Science and Engineering(SCE) Taylor’s UniversitySelangorMalaysia Department of Computer Science Bahria UniversityIslamabadPakistan

Security is critical to the success of software,particularly in today’s fast-paced,technology-driven *** ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of *** of the major causes of pervasive vulnerabilities is a failure to prioritize *** the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is *** cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT *** is a need to implement best practices in SDLC to address security at all *** fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and *** proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.

关键词： Security secure software development software development life cycle(SDLC) confidentiality integrity availability