Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

Cyberspace Security Using Adversarial Learning and Conformal Prediction

This paper advances new directions for cyber security using adversarial learning and conformal prediction in order to enhance network and computing services defenses against adaptive, malicious, persistent, and tactical offensive threats. Conformal prediction is the principled and unified adaptive and learning framework used to design, develop, and deploy a multi-faceted?self-managing defensive shield to detect, disrupt, and deny intrusive attacks, hostile and malicious behavior, and subterfuge. Conformal prediction leverages apparent relationships between immunity and intrusion detection using non-conformity measures characteristic of affinity, a typicality, and surprise, to recognize patterns and messages as friend or foe and to respond to them accordingly. The solutions proffered throughout are built around active learning, meta-reasoning, randomness, distributed semantics and stratification, and most important and above all around adaptive Oracles. The motivation for using conformal prediction and its immediate off-spring, those of semi-supervised learning and transduction, comes from them first and foremost supporting discriminative and non-parametric methods characteristic of principled demarcation using cohorts and sensitivity analysis to hedge on the prediction outcomes including negative selection, on one side, and providing credibility and confidence indices that assist meta-reasoning and information fusion.

社会工作质性评估研究的回顾(1990-2003)对中国社会工作的启示

Objective: This paper reviewed and examined the quality of all the qualitative evaluation studies indexed by two key search terms of “qualitative” and “evaluation” in the Social Work Abstracts database from 1990 to 2003 against a number of criteria typically adopted in the field of qualitative research. The review led to a dissatisfactory finding of the low quality of many qualitative evaluation studies due to their insensitivity to the following issues: philosophical basis of the study, auditability (detailed documentation of the participants and data collecting procedure), biases (acknowledgement of biases and preoccupation, and steps to deal with them), credibility or trustworthiness (triangulation, peer checking and participant verification of the findings), consistency (reliability consciousness and audit trails), and critical interpretation of the data (alternative explanations, disconfirming evidence, and limitations of the study). It was recommended that researchers be cautious when utilizing findings from the published qualitative evaluation studies; that social workers be sensitive to the issue of quality when conducting qualitative evaluation studies; that researchers be critical when judging the qualitative evaluation studies in social work; that researchers develop a clear set of guidelines for qualitative studies; that social work training institutes design qualified qualitative research courses; that a database of social work in China be established; that researchers be engaged in more qualitative studies that demonstrate high quality; that myths in qualitative research be debunked; and that adequate training for social workers on qualitative evaluation studies be provided.

Information Security in the Cloud: Emerging Trends and Challenges

This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.

Non-Homogeneous Stochastic Model for Cyber Security Predictions

Any computer system with known vulnerabilities can be presented using attack graphs. An attacker generally has a mission to reach a goal state that he expects to achieve. Expected Path Length (EPL) [1] in the context of an attack graph describes the length or number of steps that the attacker has to take in achieving the goal state. However, EPL varies and it is based on the “state of vulnerabilities” [2] [3] in a given computer system. Any vulnerability throughout its life cycle passes through several stages that we identify as “states of the vulnerability life cycle” [2] [3]. In our previous studies we have developed mathematical models using Markovian theory to estimate the probability of a given vulnerability being in a particular state of its life cycle. There, we have considered a typical model of a computer network system with two computers subject to three vulnerabilities, and developed a method driven by an algorithm to estimate the EPL of this network system as a function of time. This approach is important because it allows us to monitor a computer system during the process of being exploited. Proposed non-homogeneous model in this study estimates the behavior of the EPL as a function of time and therefore act as an index of the risk associated with the network system getting exploited.

Quantitative Security Evaluation for Software System from Vulnerability Database

This paper proposes a quantitative security evaluation for software system from the vulnerability data consisting of discovery date, solution date and exploit publish date based on a stochastic model. More precisely, our model considers a vulnerability life-cycle model and represents the vulnerability discovery process as a non-homogeneous Poisson process. In a numerical example, we show the quantitative measures for contents management system of an open source project.

Ensuring Security, Confidentiality and Fine-Grained Data Access Control of Cloud Data Storage Implementation Environment

With the development of cloud computing, the mutual understandability among distributed data access control has become an important issue in the security field of cloud computing. To ensure security, confidentiality and fine-grained data access control of Cloud Data Storage (CDS) environment, we proposed Multi-Agent System (MAS) architecture. This architecture consists of two agents: Cloud Service Provider Agent (CSPA) and Cloud Data Confidentiality Agent (CDConA). CSPA provides a graphical interface to the cloud user that facilitates the access to the services offered by the system. CDConA provides each cloud user by definition and enforcement expressive and flexible access structure as a logic formula over cloud data file attributes. This new access control is named as Formula-Based Cloud Data Access Control (FCDAC). Our proposed FCDAC based on MAS architecture consists of four layers: interface layer, existing access control layer, proposed FCDAC layer and CDS layer as well as four types of entities of Cloud Service Provider (CSP), cloud users, knowledge base and confidentiality policy roles. FCDAC, it’s an access policy determined by our MAS architecture, not by the CSPs. A prototype of our proposed FCDAC scheme is implemented using the Java Agent Development Framework Security (JADE-S). Our results in the practical scenario defined formally in this paper, show the Round Trip Time (RTT) for an agent to travel in our system and measured by the times required for an agent to travel around different number of cloud users before and after implementing FCDAC.

Security: A Core Issue in Mobile <i>Ad hoc</i>Networks

Computation is spanning from PC to Mobile devices. The Mobile Ad hoc Networks (MANETs) are optimal choice to accommodate this growing trend but there is a problem, security is the core issue. MANETs rely on wireless links for communication. Wireless networks are considered more exposed to security attacks as compared to wired networks, especially;MANETs are the soft target due to vulnerable in nature. Lack of infrastructure, open peer to peer connectivity, shared wireless medium, dynamic topology and scalability are the key characteristics of MANETs which make them ideal for security attacks. In this paper, we shall discuss in detail, what does security mean, why MANETs are more susceptible to security attacks than wired networks, taxonomy of network attacks and layer wise analysis of network attacks. Finally, we shall propose solutions to meet the security challenges, according to our framed security criteria.

Evaluation of Sample Taxicab Security Cameras

Background: Taxicab drivers have high homicide rates compared to all worker occupations. To help taxi fleets select effective taxicab security cameras, this project tested eight sample taxicab security cameras for determining their photographic quality which correlated to the effectiveness of in-taxicab facial identification. Methods: Five photographic quality metric thresholds: 1) resolution, 2) highlight dynamic range, 3) shadow dynamic range, 4) lens distortion, and 5) shutter speed, were employed to evaluate the photographic quality of the sample cameras. Waterproof tests and fire-resistive tests on recording memory cards were conducted to determine the memory card survivability in water and simulated fire. Results: The Full-HD (1920 × 1080 pixels), HD (1280 × 720 pixels) and dual-lens VGA (2 × 640 × 480 pixels with wide-angle and telephoto lenses) cameras performed well in resolution tests in daylight conditions. The resolution of a single-lens VGA (640 × 480 pixels) camera did not meet the resolution minimum requirements. All of the recording memory cards passed the five-meter/72-hour waterproof test. A fire resistant chamber made with one fire insulation material could protect a single memory card at 538&degC/1000°F for a five-minute simulated fire test. Conclusions: Single-lens VGA-resolution (640 × 480 pixels) cameras are not suggested for use as security cameras in taxicabs with two or more rows of seats. The recording memory cards can survive 5-meter/72-hour waterproof tests. The memory card chamber built with an existing heat insulation material can protect an individual memory card during 538&degC?(1000°F)/5-minute fire resistance oven-test.

Knowledge acquisition, semantic text mining, and security risks in health and biomedical informatics

Computational techniques have been adopted in medi-cal and biological systems for a long time. There is no doubt that the development and application of computational methods will render great help in better understanding biomedical and biological functions. Large amounts of datasets have been produced by biomedical and biological experiments and simulations. In order for researchers to gain knowledge from origi- nal data, nontrivial transformation is necessary, which is regarded as a critical link in the chain of knowledge acquisition, sharing, and reuse. Challenges that have been encountered include: how to efficiently and effectively represent human knowledge in formal computing models, how to take advantage of semantic text mining techniques rather than traditional syntactic text mining, and how to handle security issues during the knowledge sharing and reuse. This paper summarizes the state-of-the-art in these research directions. We aim to provide readers with an introduction of major computing themes to be applied to the medical and biological research.

Geographical Information System-Based Assessment of Ecological Security in Changbai Mountain Region

Ecological security defined as the creation of a condition where the physical surroundings of a community provide for the needs of its inhabitants without diminishing its natural stock,which is important for regional security and social stability.In recent years,land use patterns in the Changbai Mountain region have changed significantly with intensive human activities,and consequently led to increasing problems in regional ecological security.Based on the Pressure-State-Impact-Response(PSIR) model and the mathematical method of catastrophe progression supported by geographical information system(GIS),the ecological security situation of the study area under land use and cover change(LUCC) was evaluated.The results indicated that the ecological security in Changbai Mountain region varied nonlinearly,which got better from 1990 to 2000 but became worse from 2000 to 2007,the ecological security levels in Changbai Mountain region were mainly medium and medium to low during the past 17 years,with higher values of Ecological Security Index(ESI) in the central region and lower values in the east and west,the ecological security situation was more serious in the settlements and river valleys,where the LUCC was most remarkable.

Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems

Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store.Despite the increasing reliance on database management systems,this field continues to face numerous cyber-attacks.Database management systems serve as the foundation of any information system or application.Any cyber-attack can result in significant damage to the database system and loss of sensitive data.Consequently,cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats.Risk assessment aids in understanding the impact of cyber threats and developing appropriate security controls to mitigate risks.The primary objective of this study is to conduct a comprehensive analysis of cyber risks in database management systems,including classifying threats,vulnerabilities,impacts,and countermeasures.This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat.Additionally,this research aims to explore technical countermeasures to protect database systems from cyber threats.This study employs the content analysis method to collect,analyze,and classify data in terms of types of threats,vulnerabilities,and countermeasures.The results indicate that SQL injection attacks and Denial of Service(DoS)attacks were the most prevalent technical threats in database systems,each accounting for 9%of incidents.Vulnerable audit trails,intrusion attempts,and ransomware attacks were classified as the second level of technical threats in database systems,comprising 7%and 5%of incidents,respectively.Furthermore,the findings reveal that insider threats were the most common non-technical threats in database systems,accounting for 5%of incidents.Moreover,the results indicate that weak authentication,unpatched databases,weak audit trails,and multiple usage of an account were the most common technical vulnerabilities in database systems,each accounting for 9%of vulnerabilities.Additionally,software bugs,insecure coding practices,weak security controls,insecure networks,password misuse,weak encryption practices,and weak data masking were classified as the second level of security vulnerabilities in database systems,each accounting for 4%of vulnerabilities.The findings from this work can assist organizations in understanding the types of cyber threats and developing robust strategies against cyber-attacks.

AI赋能哲学社会科学研究、传播及评价

人工智能正在改变整个人类社会,丰富人们的文化生活,促进科技创新与发展,是各行各业“新质化”的促进剂。人工智能可为哲学社会科学提供高效的研究工具和研究场景,将深刻影响哲学社会科学研究、传播及评价的方方面面。加速人工智能在哲学社会科学研究、传播及评价领域的深入应用,提升哲学社会科学研究效率,促进哲学社会科学的创新与发展,构建自主知识体系,是当下哲学社会科学工作者的重要使命。为推进AI赋能哲学社会科学(AI4SS),2024年9月28日,由西华大学、四川省社会科学学术期刊协会主办,西华大学学术期刊部、四川省社会科学重点研究基地四川学术成果分析与应用研究中心承办的“AI赋能社科研究与评价天府论坛”在西华大学举行。来自南京大学、中国人民大学、四川大学等高校与科研机构的20位专家学者,从不同学科、研究领域出发,就人工智能赋能哲学社会科学研究、传播及评价进行了深入交流。文章为20位专家学者在论坛上所作报告的主要观点。这些报告议题包括AI赋能人文社科研究方法的变革,法学、教育学、经济学、图书情报学、新闻传播等社会学科视域下的人工智能,AI辅助社会科学研究的学术伦理,人工智能在医疗健康、大宗商品价格风险监测、大学生高阶思维能力培养等方面的应用,AI赋能学术期刊出版与传播,AI赋能哲学社会科学评价新模式、新平台、新场景,等等。这些议题共同描绘了一个由AI技术驱动的多学科融合与创新的新时代。

Evaluation of Mountain Land Ecological Security Based on DPSIR Model and Entropy Weight Method

In the Report of the 19 th National Congress of the Communist Party of China,it stated that we must put the ecological safety and green development in the first place.To achieve rural revitalization,ecological livability is the most important factor.Taking Luquan Yi and Miao Autonomous County(national level poor county)in Jinsha River valley of Yunnan Province as an example,using DPSIR(drivers,pressures,states,impacts,responses)model,this paper established an evaluation indicator system.Besides,using the entropy method,it determined the indicator weight.In addition,it evaluated the land ecological security of Luquan County since the implementation of targeted poverty alleviation policy(2013-2017)using multi-factor comprehensive evaluation method.This study shows that Luquan County has improved its ecological security in the past five years.The ecological status has gone through four stages,from sensitive state to severe state to critical safety to excellent ecology,and the value of the comprehensive index of land ecological security shows a rising trend.Through analyzing the ecological security value of each criterion hierarchy,it obtained the main factors affecting the ecological security of Luquan County.On this basis,it came up with feasible measures and recommendations for studying the ecological security of land in the region,so as to guide the rational use of land and sustainable economic development,provide a reference for the implementation of rural revitalization strategies,and promote the construction of regional ecological civilization.

Soil Database Management Software Development for Optimizing Land Resource Information Utilization to Support National Food Security

Since land resource database development in 1987/1988, a large amount of digital data in spatial, tabular and metadata format has been collected and generated. There are some application softwares of soil database to manage such a large amount of data, i.e.: Side & Horizon (SHDE4), Soil Sample Analysis (SSA), and Land Unit in dbf file, while Site and Horizon is in DataEase formats. The database contains soil physics and chemical property data of each soil horizon from surface to effective soil depth, climate, land surface condi- tions, and other parameters required for soil classification. Currently, database management software for land resources is still based on DOS and is stand alone. The system is not efficient and effectively used as Agri- cultural Land Resource Information System. At present, as a key component of this system requires review and development of new database software is compatible with the development of information technology. This paper explains about development of interactive agricultural land resources information system for op- timizing land resources data utilization. Hopefully, the software can give contributions in national Agricul- tural Land Resources System Information development for supporting food security.

Bioinformatics analyses of differentially expressed genes associated with spinal cord injury:a microarray-based analysis in a mouse model

Gene spectrum analysis has shown that gene expression and signaling pathways change dramatically after spinal cord injury,which may affect the microenvironment of the damaged site.Microarray analysis provides a new opportunity for investigating diagnosis,treatment,and prognosis of spinal cord injury.However,differentially expressed genes are not consistent among studies,and many key genes and signaling pathways have not yet been accurately studied.GSE5296 was retrieved from the Gene Expression Omnibus DataSet.Differentially expressed genes were obtained using R/Bioconductor software(expression changed at least two-fold;P < 0.05).Database for Annotation,Visualization and Integrated Discovery was used for functional annotation of differentially expressed genes and Animal Transcription Factor Database for predicting potential transcription factors.The resulting transcription regulatory protein interaction network was mapped to screen representative genes and investigate their diagnostic and therapeutic value for disease.In total,this study identified 109 genes that were upregulated and 30 that were downregulated at 0.5,4,and 24 hours,and 3,7,and 28 days after spinal cord injury.The number of downregulated genes was smaller than the number of upregulated genes at each time point.Database for Annotation,Visualization and Integrated Discovery analysis found that many inflammation-related pathways were upregulated in injured spinal cord.Additionally,expression levels of these inflammation-related genes were maintained for at least 28 days.Moreover,399 regulation modes and 77 nodes were shown in the protein-protein interaction network of upregulated differentially expressed genes.Among the 10 upregulated differentially expressed genes with the highest degrees of distribution,six genes were transcription factors.Among these transcription factors,ATF3 showed the greatest change.ATF3 was upregulated within 30 minutes,and its expression levels remained high at28 days after spinal cord injury.These key genes screened by bioinformatics tools can be used as biological markers to diagnose diseases and provide a reference for identifying therapeutic targets.

Modeling and Implementation of a Data Security and Protection Medium Using the Generated Key Based on Electromagnetic Wave Propagation Theories

Today, the advent of quantum computers and algorithms is calling into question the semantic security of symmetrical and asymmetrical cryptosystems. The security of objects connected to the network, which must provide a security service and protect the privacy of users by providing protection against attacks such as identity theft, denial of service, eavesdropping and unauthorised access to personal and sensitive data. It is therefore necessary to find a robust method of using the key that is effective in protecting and preventing data tampering. In this paper, we design and implement a security and data protection method using a key generated on the basis of electromagnetic wave propagation theories. Modelling and implementation of a data security and protection method using a key generated on the basis of electromagnetic wave propagation theories.

中国岩石圈数据模型总体设计

基于GIS的中国岩石圈三维结构数据库包含了数据类型各异的12个专业子库内容。存储和管理这些复杂的数据需要一个合理有效的数据模型,以确保数据库中的所有数据对象得到精确和完整的表达。本文讨论岩石圈数据模型的总体设计问题,基本思路是采用当前成熟的面向对象的软件开发技术和面向对象的地理数据库模型。总库数据模型需要满足扩展性和扩充性的要求。开发中用UML协助分析子库数据,在面向对象的地理数据库中用一个要素数据集来容纳一个子库的空间数据,用数据库表、要素类、关系类、子类、域等概念描述岩石圈研究中的各种概念和信息,形成统一的、空间和属性存储管理一体化的岩石圈数据模型。

A Case Study on Security Recommendations for a Global Organization

In today’s world, computer networks form an essential part of any organization. They are used not only to communicate information amongst the various parties involved but also to process data and store critical information which is accessible to approved subscribers. Protecting critical data, ensuring confidentiality, and thwarting illegal access are primary concerns for such organizations. This case study presents security recommendations for any such organization, to assist them in defining security policies at various levels of the network infrastructure.

高速切削稳定性数据库的研究

针对当前高速切削技术因缺乏考虑高速切削稳定性的优化切削数据及其工程应用方法而不能科学、有效地控制切削过程振动严重影响加工质量及生产率的瓶颈限制,在对高速切削稳定性理论和实验研究的基础上,设计构建了高速切削稳定性数据库。通过数据库系统结构、功能模块以及应用程序的设计实现,该数据库具有考虑切削稳定性的高速切削数据查询、切削稳定性评价、优化等功能。可为生产企业经济、高效、方便地提供以最大生产率和高加工质量为目标的、优化的稳定切削用量参数,为高速切削加工提供了科学、高效、可操作性强的工程应用方法。