This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering...This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.展开更多
There are many reasons whymerchant ships make desirable targetsfor pirates and terrorists as well as aconvenient means of transport for thestowaway. Criminal activity in the form ofsuch threats is quickly becoming one...There are many reasons whymerchant ships make desirable targetsfor pirates and terrorists as well as aconvenient means of transport for thestowaway. Criminal activity in the form ofsuch threats is quickly becoming one ofthe greatest threats to ships and展开更多
Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industr...Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS.展开更多
This study presents a radio frequency(RF)fingerprint identification method combining a convolutional neural network(CNN)and gated recurrent unit(GRU)network to identify measurement and control signals.The proposed alg...This study presents a radio frequency(RF)fingerprint identification method combining a convolutional neural network(CNN)and gated recurrent unit(GRU)network to identify measurement and control signals.The proposed algorithm(CNN-GRU)uses a convolutional layer to extract the IQ-related learning timing features.A GRU network extracts timing features at a deeper level before outputting the final identification results.The number of parameters and the algorithm’s complexity are reduced by optimizing the convolutional layer structure and replacing multiple fully-connected layers with gated cyclic units.Simulation experiments show that the algorithm achieves an average identification accuracy of 84.74% at a -10 dB to 20 dB signal-to-noise ratio(SNR)with fewer parameters and less computation than a network model with the same identification rate in a software radio dataset containing multiple USRP X310s from the same manufacturer,with fewer parameters and less computation than a network model with the same identification rate.The algorithm is used to identify measurement and control signals and ensure the security of the measurement and control link with theoretical and engineering applications.展开更多
Sybil attacks are one kind of well-known and powerful attacks against online social networks (OSNs). In a sybil attack, a malicious attacker generates a sybil group consisting of multiple sybil users, and controls t...Sybil attacks are one kind of well-known and powerful attacks against online social networks (OSNs). In a sybil attack, a malicious attacker generates a sybil group consisting of multiple sybil users, and controls them to attack the system. However, data confidentiality policies of major social network providers have severely limited researchers' access to large-scale datasets of sybil groups. A deep understanding of sybil groups can provide important insights into the characteristics of malicious behavior, as well as numerous practical implications on the design of security mechanisms. In this paper, we present an initial study to measure sybil groups in a large-scale OSN, Renren. We analyze sybil groups at different levels, including individual information, social relationships, and malicious activities. Our main observations are: 1) user information in sybil groups is usually incomplete and in poor quality; 2) sybil groups have special evolution patterns in connectivity structure, including bursty actions to add nodes, and a monotonous merging pattern that lacks non-singleton mergings; 3) several sybil groups have strong relationships with each other and compose sybil communities, and these communities cover a large number of users and pose great potential threats; 4) some sybil users are not banned until a long time after registration in some sybil groups. The characteristics of sybil groups can be leveraged to improve the security mechanisms in OSNs to defend against sybil attacks. Specifically, we suggest that OSNs should 1) check information completeness and quality, 2) learn from dynamics of community connectivity structure to detect sybil groups, 3) monitor sybil communities and inspect them carefully to prevent collusion, and 4) inspect sybil groups that behave normally even for a long time to prevent potential malicious behaviors.展开更多
文摘This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.
文摘There are many reasons whymerchant ships make desirable targetsfor pirates and terrorists as well as aconvenient means of transport for thestowaway. Criminal activity in the form ofsuch threats is quickly becoming one ofthe greatest threats to ships and
文摘Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS.
基金supported by the National Natural Science Foundation of China(No.62027801).
文摘This study presents a radio frequency(RF)fingerprint identification method combining a convolutional neural network(CNN)and gated recurrent unit(GRU)network to identify measurement and control signals.The proposed algorithm(CNN-GRU)uses a convolutional layer to extract the IQ-related learning timing features.A GRU network extracts timing features at a deeper level before outputting the final identification results.The number of parameters and the algorithm’s complexity are reduced by optimizing the convolutional layer structure and replacing multiple fully-connected layers with gated cyclic units.Simulation experiments show that the algorithm achieves an average identification accuracy of 84.74% at a -10 dB to 20 dB signal-to-noise ratio(SNR)with fewer parameters and less computation than a network model with the same identification rate in a software radio dataset containing multiple USRP X310s from the same manufacturer,with fewer parameters and less computation than a network model with the same identification rate.The algorithm is used to identify measurement and control signals and ensure the security of the measurement and control link with theoretical and engineering applications.
文摘Sybil attacks are one kind of well-known and powerful attacks against online social networks (OSNs). In a sybil attack, a malicious attacker generates a sybil group consisting of multiple sybil users, and controls them to attack the system. However, data confidentiality policies of major social network providers have severely limited researchers' access to large-scale datasets of sybil groups. A deep understanding of sybil groups can provide important insights into the characteristics of malicious behavior, as well as numerous practical implications on the design of security mechanisms. In this paper, we present an initial study to measure sybil groups in a large-scale OSN, Renren. We analyze sybil groups at different levels, including individual information, social relationships, and malicious activities. Our main observations are: 1) user information in sybil groups is usually incomplete and in poor quality; 2) sybil groups have special evolution patterns in connectivity structure, including bursty actions to add nodes, and a monotonous merging pattern that lacks non-singleton mergings; 3) several sybil groups have strong relationships with each other and compose sybil communities, and these communities cover a large number of users and pose great potential threats; 4) some sybil users are not banned until a long time after registration in some sybil groups. The characteristics of sybil groups can be leveraged to improve the security mechanisms in OSNs to defend against sybil attacks. Specifically, we suggest that OSNs should 1) check information completeness and quality, 2) learn from dynamics of community connectivity structure to detect sybil groups, 3) monitor sybil communities and inspect them carefully to prevent collusion, and 4) inspect sybil groups that behave normally even for a long time to prevent potential malicious behaviors.
