International Journal of Computer Network and Information Security

Cover page and Table of Contents. vol. 14 No. 1, 2022, IJCNIS

Другой

Бесплатно

Specific Case of Two Dynamical Options in Application to the Security Issues: Theoretical Development

Andriy V. Goncharenko

Статья научная

In the presented paper it is investigated the influence of the subjective perception of the objectively existing security values upon the security measures and indicators in the framework of the subjective entropy maximum principle. The subjective analysis theory entropy paradigm makes it possible to consider the security system based upon dynamic parameters as an active system governed by an individual (active element of the managerial system) with the help of her/his individual subjective preferences optimal distributions obtained in conditions of the available situation multi-alternativeness and those achievable alternatives presence, as well as the active system active element’s individual subjective preferences uncertainty. The described approach takes into account the simple two-alternative security situation in regards with the objectively existing effectiveness functions, related to security measures, in the view of a controlled parameter and a combination of it with its rate as the ratio. It is obtained the expressions for the objective functional extremal functions of the effectiveness and preferences, mathematically explicitly visualizing the security situation and allowing taking a good choice. The ideas of the required proper governing, managing, and control methods choice optimization with respect to only 2 alternative objective effectiveness functions arguments might be simple; nevertheless, increasing the number of parameters and further complication of the problem setting will not change the principle of the problem solution. This study is rather comparative. The significance and value of the study becomes clear in comparison with the theoretical results in the entropy paradigm field. Herein the solution obtained in the explicit view based upon the integral form objective functional. Such kind of dynamic optimization was not modeled in the background works.

Бесплатно

Design of a Highly Accurate PPG Sensing Interface via Multimodal Ensemble Classification Architecture

Neha Singh, Arun Kumar

Статья научная

Photoplethysmogram (PPG) sensing is a field of signal measurement that involves accurate sensor design and efficient signal processing. Sensing interfaces have matured due to use of sophisticated nano-meter technologies, that allow for high speed, and low error sampling. Thus, in order to improve the efficiency of PPG sensing, the signal processing unit must be tweaked. A wide variety of algorithms have been proposed by researchers that use different classification models for signal conditioning and error reduction. When applied to blood pressure (BP) monitoring, the efficiency of these models is limited by their ability to differentiate between BP levels. In order to improve this efficiency, the underlying text proposes a novel multimodal ensemble classifier. The proposed classifier accumulates correct classification instances from a series of highly efficient classifiers in order to enhance the efficiency of PPG sensing. This efficiency is compared with standard classification models like k-nearest neighbors (kNN), random forest (RF), linear support vector machine (LSVM), multilayer perceptron (MLP), and logistic regression (LR). It is observed that the proposed model is 10% efficient than these models in terms of classification accuracy; and thus, can be used for real time BP monitoring PPG signal acquisition scenarios. This accuracy is estimated by comparing actual BP values with measured BP values, and then evaluating error difference w.r.t. other algorithms.

Бесплатно

A Bayesian Attack-Network Modeling Approach to Mitigating Malware-Based Banking Cyberattacks

Aaron Zimba

Статья научная

According to Cybersecurity Ventures, the damage related to cybercrime is projected to reach $6 trillion annually by 2021. The majority of the cyberattacks are directed at financial institutions as this reduces the number of intermediaries that the attacker needs to attack to reach the target - monetary proceeds. Research has shown that malware is the preferred attack vector in cybercrimes targeted at banks and other financial institutions. In light of the above, this paper presents a Bayesian Attack Network modeling technique of cyberattacks in the financial sector that are perpetuated by crimeware. We use the GameOver Zeus malware for our use cases as it’s the most common type of malware in this domain. The primary targets of this malware are any users of financial services. Today, financial services are accessed using personal laptops, institutional computers, mobile phones and tablets, etc. All these are potential victims that can be enlisted to the malware’s botnet. In our approach, phishing emails as well as Common Vulnerabilities and Exposures (CVEs) which are exhibited in various systems are employed to derive conditional probabilities that serve as inputs to the modeling technique. Compared to the state-of-the-art approaches, our method generates probability density curves of various attack structures whose semantics are applied in the mitigation process. This is based on the level exploitability that is deduced from the vertex degrees of the compromised nodes that characterizes the probability density curves.

Бесплатно

System Monitoring Addon Analysis in System Load Simulation

Filip Gjorgjevikj, Kire Jakimoski

Статья научная

The complexity of interconnected devices requires constant real-time monitoring, as failure of one part can have catastrophic consequences for the entire system. Computer-information monitoring tools enable us to always be one step ahead of potential problems that may occur in a monitored network environment, whether it is a human-caused configuration or simply an element has failed or stopped working. Not only can they report potential problems, but they can also solve the problem itself. For example, if an element needs increased resources at a given time, the tool itself can recognize it and automatically increase the resource needs of that element. By setting up a monitoring system in a virtual environment, the results can be seen and through their analysis will bring an optimal solution when it comes to what agent to use. This paper presents analysis of how network monitoring agent is responding in cases when there is increased use of shared resources. Knowing this can help in choosing what agent should be used in any given environment, and with that more resources will be saved. This leads to better utilization of resources which is an important in mid-size and big setup of computer monitoring systems.

Бесплатно

Mitigation of DDOS and MiTM Attacks using Belief Based Secure Correlation Approach in SDN-Based IoT Networks

Mimi M. Cherian, Satishkumar L. Varma

Статья научная

In recent years the domain of Internet of Things (IoT) has acquired great interest from the ICT community. Environmental observation and collecting information is one of the key reasons that IoT infrastructure facilitates the creation of many varieties of the latest business methods and applications. There are however still issues about security measures to be resolved to ensure adequate operation of devices. Distributed Denial of Service (DDoS) attacks are currently the most severe virtual threats that are causing serious damage to many IoT devices. With this in mind, numerous research projects were carried out to discover new methods and develop Novel techniques and solutions for DDOS attacks prevention. The use of new technology, such as software-defined networking (SDN) along with IoT devices has proven to be an innovative solution to mitigate DDoS attacks. In this article, we are using a novel data sharing system in IoT units that link IoT units with the SDN controller and encrypt information from IoT unit. We use conventional Redstone cryptographic algorithms to encrypt information from IoT devices in this framework. The Proposed Belief Based Secure Correlation methodology supports the prevention of DDOS attacks and other forms of data attacks. The system proposes new routes for transmission through the controller and communicates with approved switches for the safe transmission of data. To simulate our entire scenario, we proposed the algorithm Belief Based Secure Correlation (BBSC) implemented in SDN–IoT Testbed and verified IoT data is secure during transmission in the network.

Бесплатно