期刊文献+
共找到9篇文章
< 1 >
每页显示 20 50 100
An Investigation on Open-RAN Specifications:Use Cases,Security Threats,Requirements,Discussions
1
作者 Heejae Park Tri-HaiNguyen Laihyuk Park 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期13-41,共29页
The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Rece... The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Recently,the Open Radio Access Network(O-RAN)has been introduced as a solution for growing financial and operational burdens in Beyond 5G(B5G)and 6G networks.O-RAN promotes openness and intelligence to overcome the limitations of traditional RANs.By disaggregating conventional Base Band Units(BBUs)into O-RAN Distributed Units(O-DU)and O-RAN Centralized Units(O-CU),O-RAN offers greater flexibility for upgrades and network automation.However,this openness introduces new security challenges compared to traditional RANs.Many existing studies overlook these security requirements of the O-RAN networks.To gain deeper insights into the O-RAN system and security,this paper first provides an overview of the general O-RAN architecture and its diverse use cases relevant to B5G and 6G applications.We then delve into specifications of O-RAN security threats and requirements,aiming to mitigate security vulnerabilities effectively.By providing a comprehensive understanding of O-RAN architecture,use cases,and security considerations,thisworkserves as a valuable resource for future research in O-RAN and its security. 展开更多
关键词 O-RAN ARCHITECTURE use cases security issues security requirements security discussions
下载PDF
Security and Privacy in Solar Insecticidal Lamps Internet of Things:Requirements and Challenges
2
作者 Qingsong Zhao Lei Shu +3 位作者 Kailiang Li Mohamed Amine Ferrag Ximeng Liu Yanbin Li 《IEEE/CAA Journal of Automatica Sinica》 SCIE EI CSCD 2024年第1期58-73,共16页
Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the... Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to various security issues.These issues can lead to serious consequences, such as tampering with the parameters of SIL, illegally starting and stopping SIL,etc. In this paper, we describe the overall security requirements of SIL-IoT and present an extensive survey of security and privacy solutions for SIL-IoT. We investigate the background and logical architecture of SIL-IoT, discuss SIL-IoT security scenarios, and analyze potential attacks. Starting from the security requirements of SIL-IoT we divide them into six categories, namely privacy, authentication, confidentiality, access control, availability,and integrity. Next, we describe the SIL-IoT privacy and security solutions, as well as the blockchain-based solutions. Based on the current survey, we finally discuss the challenges and future research directions of SIL-IoT. 展开更多
关键词 CHALLENGES Internet of Things(IoT) privacy and security security requirements solar insecticidal lamps(SIL)
下载PDF
Fine-Tuning Cyber Security Defenses: Evaluating Supervised Machine Learning Classifiers for Windows Malware Detection
3
作者 Islam Zada Mohammed Naif Alatawi +4 位作者 Syed Muhammad Saqlain Abdullah Alshahrani Adel Alshamran Kanwal Imran Hessa Alfraihi 《Computers, Materials & Continua》 SCIE EI 2024年第8期2917-2939,共23页
Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar... Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats. 展开更多
关键词 security and privacy challenges in the context of requirements engineering supervisedmachine learning malware detection windows systems comparative analysis Gaussian Naive Bayes K Nearest Neighbors Stochastic Gradient Descent Classifier Decision Tree
下载PDF
Usability Evaluation Through Fuzzy AHP-TOPSIS Approach: Security Requirement Perspective 被引量:3
4
作者 Yoosef BAbushark Asif Irshad Khan +5 位作者 Fawaz Jaber Alsolami Abdulmohsen Almalawi Md Mottahir Alam Alka Agrawal Rajeev Kumar Raees Ahmad Khan 《Computers, Materials & Continua》 SCIE EI 2021年第7期1203-1218,共16页
Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,framew... Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,frameworks and methodologies have been introduced by the researchers for a secure and sustainable software development life cycle.Therefore it is important to assess the usability of the popular security requirements engineering(SRE)approaches.A significant factor in the management and handling of successful security requirements is the assessment of security requirements engineering method performance.This assessment will allow changes to the engineering process of security requirements.The consistency of security requirements depends heavily on the usability of security requirements engineering.Several SRE approaches are available for use and each approach takes into account several factors of usability but does not cover every element of usability.There seems to be no realistic implementation of such models because the concept of usability is not specific.This paper aims at specifying the different taxonomy of usability and design hierarchical usability model.The taxonomy takes into account the common quality assessment parameters that combine variables,attributes,and characteristics identified in different approaches used for security requirements engineering.The multiple-criteria decision-making(MCDM)model used in this paper for usability evaluation is called the fuzzy AHP-TOPSIS model which can conveniently be incorporated into the current approach of software engineering.Five significant usability criteria are identified and used to evaluate the six different alternatives.Such strategies are graded as per their expected values of usability. 展开更多
关键词 security requirements engineering cyber-security USABILITY fuzzy logic MCDM
下载PDF
A Data Security Framework for Cloud Computing Services 被引量:3
5
作者 Luis-Eduardo Bautista-Villalpando Alain Abran 《Computer Systems Science & Engineering》 SCIE EI 2021年第5期203-218,共16页
Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industr... Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS. 展开更多
关键词 Cloud computing SERVICES computer security data security data security requirements data risk data security measurement
下载PDF
Abstract security patterns and the design of secure systems
6
作者 Eduardo B.Fernandez Nobukazu Yoshioka +1 位作者 Hironori Washizaki Joseph Yoder 《Cybersecurity》 EI CSCD 2022年第3期1-17,共17页
During the initial stages of software development,the primary goal is to define precise and detailed requirements without concern for software realizations.Security constraints should be introduced then and must be ba... During the initial stages of software development,the primary goal is to define precise and detailed requirements without concern for software realizations.Security constraints should be introduced then and must be based on the semantic aspects of applications,not on their software architectures,as it is the case in most secure development methodologies.In these stages,we need to identify threats as attacker goals and indicate what conceptual security defenses are needed to thwart these goals,without consideration of implementation details.We can consider the effects of threats on the application assets and try to find ways to stop them.These threats should be controlled with abstract security mechanisms that can be realized by abstract security patterns(ASPs),that include only the core functions of these mechanisms,which must be present in every implementation of them.An abstract security pattern describes a conceptual security mechanism that includes functions able to stop or mitigate a threat or comply with a regulation or institutional policy.We describe here the properties of ASPs and present a detailed example.We relate ASPs to each other and to Security Solution Frames,which describe families of related patterns.We show how to include ASPs to secure an application,as well as how to derive concrete patterns from them.Finally,we discuss their practical value,including their use in“security by design”and IoT systems design. 展开更多
关键词 security patterns Secure software development security requirements Secure software architecture loT systems design
原文传递
An Ontology-based Approach to Security Pattern Selection
7
作者 Hui Guan Hongji Yang Jun Wang 《International Journal of Automation and computing》 EI CSCD 2016年第2期168-182,共15页
Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security experti... Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security expertise solution to the recurring security problems have been widely accepted by the community of security engineering. The fllndamental challenge for using security patterns to satisfy security requirements is the lack of defined syntax, which makes it impossible to ask meaningful questions and get semantically meaningful answers. Therefore, this paper presents an ontological approach to facilitating security knowledge mapping from security requirements to their corresponding solutions security patterns. Ontologies have been developed using Web Ontology Language (OWL) and then incorporated into a security pattern search engine which enables sophisticated search and retrieval of security patterns using the proposed algorithm. Applying the introduced approach allows security novices to reuse security expertise to develop secure software system. 展开更多
关键词 security pattern ONTOLOGY security requirement risk analysis security engineering
原文传递
Comparison of SETAM with Security Use Case and Security Misuse Case:A Software Security Testing Study
8
作者 HUI Zhanwei HUANG Song 《Wuhan University Journal of Natural Sciences》 CAS 2012年第6期516-520,共5页
A software security testing behavior model,SETAM,was proposed in our previous work as the integrated model for describing software security testing requirements behavior,which is not only compatible with security func... A software security testing behavior model,SETAM,was proposed in our previous work as the integrated model for describing software security testing requirements behavior,which is not only compatible with security functions and latent typical misuse behaviors,but also with the interaction of them.In this paper,we analyze the differences between SETAM with security use case and security misuse case in different types of security test requirements.To illustrate the effectiveness of SETAM,we compare them in a practical case study by the number of test cases and the number of faults detected by them.The results show that SETAM could decrease about 34.87% use cases on average,and the number of faults detected by SETAM increased by 71.67% in average,which means that our model can detect more faults with fewer test cases for software security testing. 展开更多
关键词 security testing security use case security misuse case software security testing behavior model security testing requirement
原文传递
Formal analysis and design of multi-party fair exchange protocols
9
作者 QING Sihan1,2,3 & LI Gaicheng1,3 1. Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences, Beijing 100080, China 2. Beijing Zhongke Ansheng Corporation of Information Technology, Beijing 100080, China 3. Graduate School of the Chinese Academy of Sciences, Beijing 100039, China 《Science in China(Series F)》 2006年第2期155-174,共20页
Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange... Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange protocols, formally specifies various security requirements which are able to reflect inherent requirements for fair exchange protocols more rigorously, and partition these security requirements with fine granularity. This work helps analyze, debug, and design multi-party fair exchange protocols more effectively and elaborately, 展开更多
关键词 fair exchange logical protocol formal model security requirement.
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部