In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of thei...In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of their size or sector of activity, are now the target of advanced persistent threats. The Work 2035 study also revealed that cyber crimes (such as critical infrastructure hacks) and massive data breaches are major sources of concern. Thus, it is important for organizations to guarantee a minimum level of security to avoid potential attacks that can cause paralysis of systems, loss of sensitive data, exposure to blackmail, damage to reputation or even a commercial harm. To do this, among other means, hardening is used, the main objective of which is to reduce the attack surface within a company. The execution of the hardening configurations as well as the verification of these are carried out on the servers and network equipment with the aim of reducing the number of openings present by keeping only those which are necessary for proper operation. However, nowadays, in many companies, these tasks are done manually. As a result, the execution and verification of hardening configurations are very often subject to potential errors but also highly consuming human and financial resources. The problem is that it is essential for operators to maintain an optimal level of security while minimizing costs, hence the interest in automating hardening processes and verifying the hardening of servers and network equipment. It is in this logic that we propose within the framework of this work the reinforcement of the security of the information systems (IS) by the automation of the mechanisms of hardening. In our work, we have, on the one hand, set up a hardening procedure in accordance with international security standards for servers, routers and switches and, on the other hand, designed and produced a functional application which makes it possible to: 1) Realise the configuration of the hardening;2) Verify them;3) Correct the non conformities;4) Write and send by mail a verification report for the configurations;5) And finally update the procedures of hardening. Our web application thus created allows in less than fifteen (15) minutes actions that previously took at least five (5) hours of time. This allows supervised network operators to save time and money, but also to improve their security standards in line with international standards.展开更多
This article expounds and proves the basic model of the inconsistency of the security supervision policy and makes an analysis in the method of game theory on the inconsistency of the security transaction-tax-rate pol...This article expounds and proves the basic model of the inconsistency of the security supervision policy and makes an analysis in the method of game theory on the inconsistency of the security transaction-tax-rate policy, concludes that the security supervision department is inclined to increase or decrease the security transaction tax rate, thus points out ways for supervision department to surmount this difficulty.展开更多
Social security fund is the foundation of the social security to run, so to strengthen the supervision of social security fund, and promote the sustainable development of it is particularly important. However, the sup...Social security fund is the foundation of the social security to run, so to strengthen the supervision of social security fund, and promote the sustainable development of it is particularly important. However, the supervision of social security fund of China exists many difficulties at present. In this paper ,the author will be based on the angle of the diversity of regulation, and put forward some relevant suggestions to improve the system of supervision of social security fund.展开更多
Due to the dynamic nature and node mobility,assuring the security of Mobile Ad-hoc Networks(MANET)is one of the difficult and challenging tasks today.In MANET,the Intrusion Detection System(IDS)is crucial because it a...Due to the dynamic nature and node mobility,assuring the security of Mobile Ad-hoc Networks(MANET)is one of the difficult and challenging tasks today.In MANET,the Intrusion Detection System(IDS)is crucial because it aids in the identification and detection of malicious attacks that impair the network’s regular operation.Different machine learning and deep learning methodologies are used for this purpose in the conventional works to ensure increased security of MANET.However,it still has significant flaws,including increased algorithmic complexity,lower system performance,and a higher rate of misclassification.Therefore,the goal of this paper is to create an intelligent IDS framework for significantly enhancing MANET security through the use of deep learning models.Here,the min-max normalization model is applied to preprocess the given cyber-attack datasets for normalizing the attributes or fields,which increases the overall intrusion detection performance of classifier.Then,a novel Adaptive Marine Predator Optimization Algorithm(AOMA)is implemented to choose the optimal features for improving the speed and intrusion detection performance of classifier.Moreover,the Deep Supervise Learning Classification(DSLC)mechanism is utilized to predict and categorize the type of intrusion based on proper learning and training operations.During evaluation,the performance and results of the proposed AOMA-DSLC based IDS methodology is validated and compared using various performance measures and benchmarking datasets.展开更多
The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to sessio...The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to session hijacking attacks. There are a number of proposals aimed at improving BGP security which have not been fully implemented. This paper examines a number of approaches for securing BGP through a comparative study and identifies the reasons why these proposals have not been implemented commercially. This paper analyses the architecture of internet routing and the design of BGP while focusing on the problem of BGP session hijacking attacks. Using Graphical Network Simulator 3 (GNS-3), a session hijack is demonstrated and a solution which involves the implementation of route filtering, policy-maps and route-maps on CISCO routers representing ASes is carried out. In the end, a workable industry standard framework for securing and protecting BGP sessions and border routers from exploitation with little or no modification to the existing routing infrastructure is demonstrated.展开更多
Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of...Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of reserve-level information technology,big data supervision of grain storage security should be improved.This study proposes big data research architecture and an analysis model for grain storage security;as an example,it illustrates the supervision of the grain loss problem in storage security.The statistical analysis model and the prediction and clustering-based model for grain loss supervision were used to mine abnormal data.A combination of feature extraction and feature selection reduction methods were chosen for dimensionality.A comparative analysis showed that the nonlinear prediction model performed better on the grain loss data set,with R2 of 87.21%,87.83%,91.97%,and 89.40%for Gradient Boosting Regressor(GBR),Random Forest,Decision Tree,XGBoost regression on test sets,respectively.Nineteen abnormal data were filtered out by GBR combined with residuals as an example.The deep learning model had the best performance on the mean absolute error,with an R2 of 85.14%on the test set and only one abnormal data identified.This is contrary to the original intention of finding as many anomalies as possible for supervisory purposes.Five classes were generated using principal component analysis dimensionality reduction combined with Density-Based Spatial Clustering of Applications with Noise(DBSCAN)clustering,with 11 anomalous data points screened by adding the amount of normalized grain loss.Based on the existing grain information system,this paper provides a supervision model for grain storage that can help mine abnormal data.Unlike the current post-event supervision model,this study proposes a pre-event supervision model.This study provides a framework of ideas for subsequent scholarly research;the addition of big data technology will help improve efficient supervisory capacity in the field of grain supervision.展开更多
The social security fund is the masses of"Survival Money" "lucky money". In order to promote the sustainable development of social security funds, the effective supervision of social security funds become very imp...The social security fund is the masses of"Survival Money" "lucky money". In order to promote the sustainable development of social security funds, the effective supervision of social security funds become very important. This paper based on the aims to promote the sustainable development of the social security fund and analysis of social forces to participate in the supervision of social security fund situation, put forward to further improve the social security fund supervision and management of effective means.展开更多
This paper advances new directions for cyber security using adversarial learning and conformal prediction in order to enhance network and computing services defenses against adaptive, malicious, persistent, and tactic...This paper advances new directions for cyber security using adversarial learning and conformal prediction in order to enhance network and computing services defenses against adaptive, malicious, persistent, and tactical offensive threats. Conformal prediction is the principled and unified adaptive and learning framework used to design, develop, and deploy a multi-faceted?self-managing defensive shield to detect, disrupt, and deny intrusive attacks, hostile and malicious behavior, and subterfuge. Conformal prediction leverages apparent relationships between immunity and intrusion detection using non-conformity measures characteristic of affinity, a typicality, and surprise, to recognize patterns and messages as friend or foe and to respond to them accordingly. The solutions proffered throughout are built around active learning, meta-reasoning, randomness, distributed semantics and stratification, and most important and above all around adaptive Oracles. The motivation for using conformal prediction and its immediate off-spring, those of semi-supervised learning and transduction, comes from them first and foremost supporting discriminative and non-parametric methods characteristic of principled demarcation using cohorts and sensitivity analysis to hedge on the prediction outcomes including negative selection, on one side, and providing credibility and confidence indices that assist meta-reasoning and information fusion.展开更多
文摘In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of their size or sector of activity, are now the target of advanced persistent threats. The Work 2035 study also revealed that cyber crimes (such as critical infrastructure hacks) and massive data breaches are major sources of concern. Thus, it is important for organizations to guarantee a minimum level of security to avoid potential attacks that can cause paralysis of systems, loss of sensitive data, exposure to blackmail, damage to reputation or even a commercial harm. To do this, among other means, hardening is used, the main objective of which is to reduce the attack surface within a company. The execution of the hardening configurations as well as the verification of these are carried out on the servers and network equipment with the aim of reducing the number of openings present by keeping only those which are necessary for proper operation. However, nowadays, in many companies, these tasks are done manually. As a result, the execution and verification of hardening configurations are very often subject to potential errors but also highly consuming human and financial resources. The problem is that it is essential for operators to maintain an optimal level of security while minimizing costs, hence the interest in automating hardening processes and verifying the hardening of servers and network equipment. It is in this logic that we propose within the framework of this work the reinforcement of the security of the information systems (IS) by the automation of the mechanisms of hardening. In our work, we have, on the one hand, set up a hardening procedure in accordance with international security standards for servers, routers and switches and, on the other hand, designed and produced a functional application which makes it possible to: 1) Realise the configuration of the hardening;2) Verify them;3) Correct the non conformities;4) Write and send by mail a verification report for the configurations;5) And finally update the procedures of hardening. Our web application thus created allows in less than fifteen (15) minutes actions that previously took at least five (5) hours of time. This allows supervised network operators to save time and money, but also to improve their security standards in line with international standards.
文摘This article expounds and proves the basic model of the inconsistency of the security supervision policy and makes an analysis in the method of game theory on the inconsistency of the security transaction-tax-rate policy, concludes that the security supervision department is inclined to increase or decrease the security transaction tax rate, thus points out ways for supervision department to surmount this difficulty.
文摘Social security fund is the foundation of the social security to run, so to strengthen the supervision of social security fund, and promote the sustainable development of it is particularly important. However, the supervision of social security fund of China exists many difficulties at present. In this paper ,the author will be based on the angle of the diversity of regulation, and put forward some relevant suggestions to improve the system of supervision of social security fund.
文摘Due to the dynamic nature and node mobility,assuring the security of Mobile Ad-hoc Networks(MANET)is one of the difficult and challenging tasks today.In MANET,the Intrusion Detection System(IDS)is crucial because it aids in the identification and detection of malicious attacks that impair the network’s regular operation.Different machine learning and deep learning methodologies are used for this purpose in the conventional works to ensure increased security of MANET.However,it still has significant flaws,including increased algorithmic complexity,lower system performance,and a higher rate of misclassification.Therefore,the goal of this paper is to create an intelligent IDS framework for significantly enhancing MANET security through the use of deep learning models.Here,the min-max normalization model is applied to preprocess the given cyber-attack datasets for normalizing the attributes or fields,which increases the overall intrusion detection performance of classifier.Then,a novel Adaptive Marine Predator Optimization Algorithm(AOMA)is implemented to choose the optimal features for improving the speed and intrusion detection performance of classifier.Moreover,the Deep Supervise Learning Classification(DSLC)mechanism is utilized to predict and categorize the type of intrusion based on proper learning and training operations.During evaluation,the performance and results of the proposed AOMA-DSLC based IDS methodology is validated and compared using various performance measures and benchmarking datasets.
文摘The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to session hijacking attacks. There are a number of proposals aimed at improving BGP security which have not been fully implemented. This paper examines a number of approaches for securing BGP through a comparative study and identifies the reasons why these proposals have not been implemented commercially. This paper analyses the architecture of internet routing and the design of BGP while focusing on the problem of BGP session hijacking attacks. Using Graphical Network Simulator 3 (GNS-3), a session hijack is demonstrated and a solution which involves the implementation of route filtering, policy-maps and route-maps on CISCO routers representing ASes is carried out. In the end, a workable industry standard framework for securing and protecting BGP sessions and border routers from exploitation with little or no modification to the existing routing infrastructure is demonstrated.
文摘Grain security guarantees national security.China has many widely distributed grain depots to supervise grain storage security.However,this has led to a lack of regulatory capacity and manpower.Amid the development of reserve-level information technology,big data supervision of grain storage security should be improved.This study proposes big data research architecture and an analysis model for grain storage security;as an example,it illustrates the supervision of the grain loss problem in storage security.The statistical analysis model and the prediction and clustering-based model for grain loss supervision were used to mine abnormal data.A combination of feature extraction and feature selection reduction methods were chosen for dimensionality.A comparative analysis showed that the nonlinear prediction model performed better on the grain loss data set,with R2 of 87.21%,87.83%,91.97%,and 89.40%for Gradient Boosting Regressor(GBR),Random Forest,Decision Tree,XGBoost regression on test sets,respectively.Nineteen abnormal data were filtered out by GBR combined with residuals as an example.The deep learning model had the best performance on the mean absolute error,with an R2 of 85.14%on the test set and only one abnormal data identified.This is contrary to the original intention of finding as many anomalies as possible for supervisory purposes.Five classes were generated using principal component analysis dimensionality reduction combined with Density-Based Spatial Clustering of Applications with Noise(DBSCAN)clustering,with 11 anomalous data points screened by adding the amount of normalized grain loss.Based on the existing grain information system,this paper provides a supervision model for grain storage that can help mine abnormal data.Unlike the current post-event supervision model,this study proposes a pre-event supervision model.This study provides a framework of ideas for subsequent scholarly research;the addition of big data technology will help improve efficient supervisory capacity in the field of grain supervision.
文摘The social security fund is the masses of"Survival Money" "lucky money". In order to promote the sustainable development of social security funds, the effective supervision of social security funds become very important. This paper based on the aims to promote the sustainable development of the social security fund and analysis of social forces to participate in the supervision of social security fund situation, put forward to further improve the social security fund supervision and management of effective means.
文摘This paper advances new directions for cyber security using adversarial learning and conformal prediction in order to enhance network and computing services defenses against adaptive, malicious, persistent, and tactical offensive threats. Conformal prediction is the principled and unified adaptive and learning framework used to design, develop, and deploy a multi-faceted?self-managing defensive shield to detect, disrupt, and deny intrusive attacks, hostile and malicious behavior, and subterfuge. Conformal prediction leverages apparent relationships between immunity and intrusion detection using non-conformity measures characteristic of affinity, a typicality, and surprise, to recognize patterns and messages as friend or foe and to respond to them accordingly. The solutions proffered throughout are built around active learning, meta-reasoning, randomness, distributed semantics and stratification, and most important and above all around adaptive Oracles. The motivation for using conformal prediction and its immediate off-spring, those of semi-supervised learning and transduction, comes from them first and foremost supporting discriminative and non-parametric methods characteristic of principled demarcation using cohorts and sensitivity analysis to hedge on the prediction outcomes including negative selection, on one side, and providing credibility and confidence indices that assist meta-reasoning and information fusion.
