Asset-backed securities are developed through complex processes such as asset restructuring and credit enhancement.Therefore,the information asymmetry between issuers and investors is greater compared to traditional s...Asset-backed securities are developed through complex processes such as asset restructuring and credit enhancement.Therefore,the information asymmetry between issuers and investors is greater compared to traditional securities,which imposes higher requirements on information disclosure for asset-backed securities.Asset-backed securities have characteristics such as diversified disclosers,differentiated disclosure content,and specialized risk factors.China has already formulated a series of rules and regulations regarding information disclosure of asset-backed securities.It is imperative to develop specialized laws and regulations for asset-backed securities,encompass original equity holders and credit enhancement agencies as information disclosers,incorporate information such as underlying asset details,cash flow projections,and credit ratings and enhancements into the disclosure content,and improve the legal liability rules to effectively address false disclosures.展开更多
Over the last decade,a significant increase has been observed in the use of web-based Information systems that process sensitive information,e.g.,personal,financial,medical.With this increased use,the security of such...Over the last decade,a significant increase has been observed in the use of web-based Information systems that process sensitive information,e.g.,personal,financial,medical.With this increased use,the security of such systems became a crucial aspect to ensure safety,integrity and authenticity of the data.To achieve the objectives of data safety,security testing is performed.However,with growth and diversity of information systems,it is challenging to apply security testing for each and every system.Therefore,it is important to classify the assets based on their required level of security using an appropriate technique.In this paper,we propose an asset security classification technique to classify the System Under Test(SUT)based on various factors such as system exposure,data criticality and security requirements.We perform an extensive evaluation of our technique on a sample of 451 information systems.Further,we use security testing on a sample extracted from the resulting prioritized systems to investigate the presence of vulnerabilities.Our technique achieved promising results of successfully assigning security levels to various assets in the tested environments and also found several vulnerabilities in them.展开更多
Livelihood assets are a matter of high concern for secured survival.Drought-prone Gamo lowland households have differential access to livelihood resources which indicates the varying capacity of resisting to shocks.Th...Livelihood assets are a matter of high concern for secured survival.Drought-prone Gamo lowland households have differential access to livelihood resources which indicates the varying capacity of resisting to shocks.The main objective of this study is to explore the impacts of livelihood assets on livelihood security in the drought-prone Gamo lowlands.Multistage sampling procedures were employed to select the study sites and sample respondents.Primary data of households’capital assets and livelihood security status were produced from 285 survey households,agricultural experts,key informants,focus group discussants,and field observation through transect walks.Descriptive and inferential statistics were used to analyze quantitative data,whereas discussions and annotations were employed for analyzing qualitative data.The Sustainable Livelihoods Framework is used with modifications to schematize the study conceptually.The findings indicated that the study households possessed combinations of livelihood resources differentially.Financial and natural capitals were found to be the most deficient and better-accessed capitals,respectively.The study also showed that lowland residents’access to assets has significant indications of livelihood security.Households’poor access to assets such as financial,information,and social capital demands raised attention of the concerned stakeholders and policy debates in the drought-prone rural setup.Hence,it has been concluded that the more assets are accessed,the stronger the capacity of the households to resist shocks,and better the livelihood security.Accordingly,enhancing people’s access to multiple livelihood assets is suggested to sustainably secure livelihoods.展开更多
As Egyptian oil and gas downstream information technology has grown digitally over the past decade, security breaches against these digitally connected systems have also increased. These cyber security threats could h...As Egyptian oil and gas downstream information technology has grown digitally over the past decade, security breaches against these digitally connected systems have also increased. These cyber security threats could have devastating effects on the operations and reputation of these companies. Preventing such cyberattacks is crucial. Especially, with the significance of the Egyptian oil and gas downstream sector to the local economy and the fact that many of these connected systems are sometimes managed remotely. This paper examines the value of the ISO 27001 standard in mitigating the effect of cyber threat and seeks to inspire decision-makers to the importance of the proactive measures to strengthen their organization’s cybersecurity posture and protect information critical assets. The study stresses the importance of improving the local educational system to bridge the gap between supply and demand for cybersecurity specialists by implementing a structured approach that emphasizes behavior modification to get a high return on investment in cybersecurity awareness.展开更多
The paper analyzes the theory and application of Markowitz Mean-Variance Model and CAPM model. Firstly, it explains the development process and standpoints of two models and deduces the whole process in detail. Then 3...The paper analyzes the theory and application of Markowitz Mean-Variance Model and CAPM model. Firstly, it explains the development process and standpoints of two models and deduces the whole process in detail. Then 30 stocks are choosen from Shangzheng 50 stocks and are testified whether the prices of Shanghai stocks conform to the two models. With the technique of time series and panel data analysis, the research on the stock risk and effective portfolio by ORIGIN and MATLAB software is conducted. The result shows that Shanghai stock market conforms to Markowitz Mean-Variance Model to a certain extent and can give investors reliable suggestion to gain higher return, but there is no positive relation between system risk and profit ratio and CAPM doesn't function well in China's security market.展开更多
With the rapid development of Internet technology,the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry.However,most existing detection tools operate in a si...With the rapid development of Internet technology,the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry.However,most existing detection tools operate in a single-node mode and cannot parallelly process large-scale tasks,which cannot meet the current needs of the industry.To address the above issues,this paper proposes a distributed network asset detection and vulnerability warning platform(Dis-NDVW)based on distributed systems and multiple detection tools.Specifically,this paper proposes a distributed message sub-scription and publication system based on Zookeeper and Kafka,which endows Dis-NDVW with the ability to parallelly process large-scale tasks.Meanwhile,Dis-NDVW combines the RangeAssignor,RoundRobinAssignor,and StickyAssignor algorithms to achieve load balancing of task nodes in a distributed detection cluster.In terms of a large-scale task processing strategy,this paper proposes a task partitioning method based on First-In-First-Out(FIFO)queue.This method realizes the parallel operation of task producers and task consumers by dividing pending tasks into different queues according to task types.To ensure the data reliability of the task cluster,Dis-NDVW provides a redundant storage strategy for master-slave partition replicas.In terms of distributed storage,Dis-NDVW utilizes a distributed elastic storage service based on ElasticSearch to achieve distributed storage and efficient retrieval of big data.Experimental verification shows that Dis-NDVW can better meet the basic requirements of ultra-large-scale detection tasks.展开更多
The security breaches of sensitive information have remained difficult to solve due to increased malware programs and unauthorized access to data stored in critical assets. As risk appetite differ from one organizatio...The security breaches of sensitive information have remained difficult to solve due to increased malware programs and unauthorized access to data stored in critical assets. As risk appetite differ from one organization to another, it prompts the threat analysis tools be integrated with organization’s information security policy so as to ensure security controls at local settings. However, it has been noted that the current tools for threat assessment processes have not encompassed information security policy for effective security management (i.e.?confidentiality, integrity and availability) based on organization’s risk appetite and culture. The information security policy serves as a tool to provide guidance on how to manage and secure all business operations including critical assets, infrastructure and people in the organization. This guidance (e.g. usage and controls) facilitates the provisions for threat assessment and compliance based on local context. The lack of effective threat assessment frameworks at local context have promoted the exposure of critical assets such as database servers, mails servers, web servers and user smart-devices at the hand of attackers and thus increase risks and probability to compromise the assets. In this paper we have proposed a conceptual framework for security threat assessment based on organization’s information security policy. Furthermore, the study proposed the policy automation canvas for provision of a methodology to alert the security managers what possible threats found in their organizations for quick security mitigation without depending on security expertise.展开更多
The Igbo have their homeland in seven states of Nigeria mainly Imo, Abia, Anambra, Ebonyi, Delta and Rivers. They are receptible to new ideas and adapt easily to change. The ramifications of human insecurity, poverty,...The Igbo have their homeland in seven states of Nigeria mainly Imo, Abia, Anambra, Ebonyi, Delta and Rivers. They are receptible to new ideas and adapt easily to change. The ramifications of human insecurity, poverty, social disorder, poor coherence and poor integration appear to haunt them and the gravity is felt more in the rural communities. The factors are traceable to many pathetic issues. The pathological consequences do affect Igbo stability and navigation in the Nigerian socio-economic environment. The causality constitutes the physical, human, natural, financial and social assets. It is recommended, among others, that the people should return to core values and norms, stick to their own noble identities, have a framework for tackling insecurity and hunger, target the youth in poverty reduction measures and tackle the herdsmen menace. Equally, the abused philosophies used to support dangerous and strange behavior should be tackled.展开更多
Vehicular Networks (VANET) are the largest real-life paradigm of ad hoc networks which aim to ensure road safety and enhance drivers’ comfort. In VANET, the vehicles communicate or collaborate with each other and wit...Vehicular Networks (VANET) are the largest real-life paradigm of ad hoc networks which aim to ensure road safety and enhance drivers’ comfort. In VANET, the vehicles communicate or collaborate with each other and with adjacent infrastructure by exchanging significant messages, such as road accident warnings, steep-curve ahead warnings or traffic jam warnings. However, this communication and other assets involved are subject to major threats and provide numerous opportunities for attackers to launch several attacks and compromise security and privacy of vehicular users. This paper reviews the cyber security in VANET and proposes an asset-based approach for VANET security. Firstly, it identifies relevant assets in VANET. Secondly, it provides a detailed taxonomy of vulnerabilities and threats on these assets, and, lastly, it classifies the possible attacks in VANET and critically evaluates them.展开更多
We propose a scheme for probabilistic teleportation of an unknown two-particle state with a four-particle pure entangled state and positive operator valued measure (POVM). In this scheme the teleportation of an unkn...We propose a scheme for probabilistic teleportation of an unknown two-particle state with a four-particle pure entangled state and positive operator valued measure (POVM). In this scheme the teleportation of an unknown two-particle state can be realized with certain probability by performing two Bell state measurements, a proper POVM and a unitary transformation.展开更多
With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due t...With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service(DDoS)attacks across vast IoT devices.Recently,research on automated intrusion detection using machine learning(ML)for 5G environments has been actively conducted.However,5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data.If this data is used to train an ML model,it will likely suffer from generalization errors due to not training enough different features on the attack data.Therefore,this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic.We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data.To solve the imbalance problem,synthetic minority oversampling technique(SMOTE)and generative adversarial network(GAN)-based conditional tabular GAN(CTGAN)of data augmentation were used.The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem.The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline.Still,regarding the generalization error,the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times,indicating an improvement in the problem.This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.展开更多
文摘Asset-backed securities are developed through complex processes such as asset restructuring and credit enhancement.Therefore,the information asymmetry between issuers and investors is greater compared to traditional securities,which imposes higher requirements on information disclosure for asset-backed securities.Asset-backed securities have characteristics such as diversified disclosers,differentiated disclosure content,and specialized risk factors.China has already formulated a series of rules and regulations regarding information disclosure of asset-backed securities.It is imperative to develop specialized laws and regulations for asset-backed securities,encompass original equity holders and credit enhancement agencies as information disclosers,incorporate information such as underlying asset details,cash flow projections,and credit ratings and enhancements into the disclosure content,and improve the legal liability rules to effectively address false disclosures.
基金the Higher Education Commission(HEC),Pakistan throughits initiative of National Center for Cyber Security for the affiliated Security Testing-Innovative SecuredSystems Lab(ISSL)established at University of Engineering&Technology(UET)Peshawar,Grant No.2(1078)/HEC/M&E/2018/707.
文摘Over the last decade,a significant increase has been observed in the use of web-based Information systems that process sensitive information,e.g.,personal,financial,medical.With this increased use,the security of such systems became a crucial aspect to ensure safety,integrity and authenticity of the data.To achieve the objectives of data safety,security testing is performed.However,with growth and diversity of information systems,it is challenging to apply security testing for each and every system.Therefore,it is important to classify the assets based on their required level of security using an appropriate technique.In this paper,we propose an asset security classification technique to classify the System Under Test(SUT)based on various factors such as system exposure,data criticality and security requirements.We perform an extensive evaluation of our technique on a sample of 451 information systems.Further,we use security testing on a sample extracted from the resulting prioritized systems to investigate the presence of vulnerabilities.Our technique achieved promising results of successfully assigning security levels to various assets in the tested environments and also found several vulnerabilities in them.
文摘Livelihood assets are a matter of high concern for secured survival.Drought-prone Gamo lowland households have differential access to livelihood resources which indicates the varying capacity of resisting to shocks.The main objective of this study is to explore the impacts of livelihood assets on livelihood security in the drought-prone Gamo lowlands.Multistage sampling procedures were employed to select the study sites and sample respondents.Primary data of households’capital assets and livelihood security status were produced from 285 survey households,agricultural experts,key informants,focus group discussants,and field observation through transect walks.Descriptive and inferential statistics were used to analyze quantitative data,whereas discussions and annotations were employed for analyzing qualitative data.The Sustainable Livelihoods Framework is used with modifications to schematize the study conceptually.The findings indicated that the study households possessed combinations of livelihood resources differentially.Financial and natural capitals were found to be the most deficient and better-accessed capitals,respectively.The study also showed that lowland residents’access to assets has significant indications of livelihood security.Households’poor access to assets such as financial,information,and social capital demands raised attention of the concerned stakeholders and policy debates in the drought-prone rural setup.Hence,it has been concluded that the more assets are accessed,the stronger the capacity of the households to resist shocks,and better the livelihood security.Accordingly,enhancing people’s access to multiple livelihood assets is suggested to sustainably secure livelihoods.
文摘As Egyptian oil and gas downstream information technology has grown digitally over the past decade, security breaches against these digitally connected systems have also increased. These cyber security threats could have devastating effects on the operations and reputation of these companies. Preventing such cyberattacks is crucial. Especially, with the significance of the Egyptian oil and gas downstream sector to the local economy and the fact that many of these connected systems are sometimes managed remotely. This paper examines the value of the ISO 27001 standard in mitigating the effect of cyber threat and seeks to inspire decision-makers to the importance of the proactive measures to strengthen their organization’s cybersecurity posture and protect information critical assets. The study stresses the importance of improving the local educational system to bridge the gap between supply and demand for cybersecurity specialists by implementing a structured approach that emphasizes behavior modification to get a high return on investment in cybersecurity awareness.
基金Supported by Zhejiang Provincial Natural Science Foundation (Y604137)Student Research Training Program in Zhejiang University
文摘The paper analyzes the theory and application of Markowitz Mean-Variance Model and CAPM model. Firstly, it explains the development process and standpoints of two models and deduces the whole process in detail. Then 30 stocks are choosen from Shangzheng 50 stocks and are testified whether the prices of Shanghai stocks conform to the two models. With the technique of time series and panel data analysis, the research on the stock risk and effective portfolio by ORIGIN and MATLAB software is conducted. The result shows that Shanghai stock market conforms to Markowitz Mean-Variance Model to a certain extent and can give investors reliable suggestion to gain higher return, but there is no positive relation between system risk and profit ratio and CAPM doesn't function well in China's security market.
基金supported by the Fundamental Research Funds for the Central Universities(Grant No.HIT.NSRIF.201714)Weihai Science and TechnologyDevelopment Program(2016DX GJMS15)+1 种基金Weihai Scientific Research and Innovation Fund(2020)Key Research and Development Program in Shandong Provincial(2017GGX90103).
文摘With the rapid development of Internet technology,the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry.However,most existing detection tools operate in a single-node mode and cannot parallelly process large-scale tasks,which cannot meet the current needs of the industry.To address the above issues,this paper proposes a distributed network asset detection and vulnerability warning platform(Dis-NDVW)based on distributed systems and multiple detection tools.Specifically,this paper proposes a distributed message sub-scription and publication system based on Zookeeper and Kafka,which endows Dis-NDVW with the ability to parallelly process large-scale tasks.Meanwhile,Dis-NDVW combines the RangeAssignor,RoundRobinAssignor,and StickyAssignor algorithms to achieve load balancing of task nodes in a distributed detection cluster.In terms of a large-scale task processing strategy,this paper proposes a task partitioning method based on First-In-First-Out(FIFO)queue.This method realizes the parallel operation of task producers and task consumers by dividing pending tasks into different queues according to task types.To ensure the data reliability of the task cluster,Dis-NDVW provides a redundant storage strategy for master-slave partition replicas.In terms of distributed storage,Dis-NDVW utilizes a distributed elastic storage service based on ElasticSearch to achieve distributed storage and efficient retrieval of big data.Experimental verification shows that Dis-NDVW can better meet the basic requirements of ultra-large-scale detection tasks.
文摘The security breaches of sensitive information have remained difficult to solve due to increased malware programs and unauthorized access to data stored in critical assets. As risk appetite differ from one organization to another, it prompts the threat analysis tools be integrated with organization’s information security policy so as to ensure security controls at local settings. However, it has been noted that the current tools for threat assessment processes have not encompassed information security policy for effective security management (i.e.?confidentiality, integrity and availability) based on organization’s risk appetite and culture. The information security policy serves as a tool to provide guidance on how to manage and secure all business operations including critical assets, infrastructure and people in the organization. This guidance (e.g. usage and controls) facilitates the provisions for threat assessment and compliance based on local context. The lack of effective threat assessment frameworks at local context have promoted the exposure of critical assets such as database servers, mails servers, web servers and user smart-devices at the hand of attackers and thus increase risks and probability to compromise the assets. In this paper we have proposed a conceptual framework for security threat assessment based on organization’s information security policy. Furthermore, the study proposed the policy automation canvas for provision of a methodology to alert the security managers what possible threats found in their organizations for quick security mitigation without depending on security expertise.
文摘The Igbo have their homeland in seven states of Nigeria mainly Imo, Abia, Anambra, Ebonyi, Delta and Rivers. They are receptible to new ideas and adapt easily to change. The ramifications of human insecurity, poverty, social disorder, poor coherence and poor integration appear to haunt them and the gravity is felt more in the rural communities. The factors are traceable to many pathetic issues. The pathological consequences do affect Igbo stability and navigation in the Nigerian socio-economic environment. The causality constitutes the physical, human, natural, financial and social assets. It is recommended, among others, that the people should return to core values and norms, stick to their own noble identities, have a framework for tackling insecurity and hunger, target the youth in poverty reduction measures and tackle the herdsmen menace. Equally, the abused philosophies used to support dangerous and strange behavior should be tackled.
文摘Vehicular Networks (VANET) are the largest real-life paradigm of ad hoc networks which aim to ensure road safety and enhance drivers’ comfort. In VANET, the vehicles communicate or collaborate with each other and with adjacent infrastructure by exchanging significant messages, such as road accident warnings, steep-curve ahead warnings or traffic jam warnings. However, this communication and other assets involved are subject to major threats and provide numerous opportunities for attackers to launch several attacks and compromise security and privacy of vehicular users. This paper reviews the cyber security in VANET and proposes an asset-based approach for VANET security. Firstly, it identifies relevant assets in VANET. Secondly, it provides a detailed taxonomy of vulnerabilities and threats on these assets, and, lastly, it classifies the possible attacks in VANET and critically evaluates them.
基金Supported by the Hebei Natural Science Foundation of China under Grant Nos A2004000141 and A2005000140, and the Natural Science Foundation of Hebei Normal University.
文摘We propose a scheme for probabilistic teleportation of an unknown two-particle state with a four-particle pure entangled state and positive operator valued measure (POVM). In this scheme the teleportation of an unknown two-particle state can be realized with certain probability by performing two Bell state measurements, a proper POVM and a unitary transformation.
基金This work was supported by Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00796Research on Foundational Technologies for 6GAutonomous Security-by-Design toGuarantee Constant Quality of Security).
文摘With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service(DDoS)attacks across vast IoT devices.Recently,research on automated intrusion detection using machine learning(ML)for 5G environments has been actively conducted.However,5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data.If this data is used to train an ML model,it will likely suffer from generalization errors due to not training enough different features on the attack data.Therefore,this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic.We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data.To solve the imbalance problem,synthetic minority oversampling technique(SMOTE)and generative adversarial network(GAN)-based conditional tabular GAN(CTGAN)of data augmentation were used.The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem.The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline.Still,regarding the generalization error,the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times,indicating an improvement in the problem.This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.
