期刊文献+
共找到4,681篇文章
< 1 2 235 >
每页显示 20 50 100
Electronic Commerce Security and Risk Management: An Important Part of College Curriculum
1
作者 Yongchang Cai 《Journal of Educational Theory and Management》 2024年第1期18-22,共5页
With the rapid expansion of e-commerce,its security and risk management problems become increasingly prominent.In the current business environment,the ability to understand and apply e-commerce security and risk manag... With the rapid expansion of e-commerce,its security and risk management problems become increasingly prominent.In the current business environment,the ability to understand and apply e-commerce security and risk management has become an important criterion to measure a good person.Therefore,the importance of e-commerce security and risk management courses in college education is self-evident.This course can not only help students master the basic knowledge of e-commerce,but also enable them to understand how to deal with various risks in practical work and ensure the safe operation of e-commerce.At the same time,through the study of e-commerce security and risk management,students can better understand the operation mode and law of e-commerce,and lay a solid foundation for their future career.In general,e-commerce security and risk management occupy an important position in the curriculum of colleges and universities,and play a crucial role in cultivating e-commerce professionals with practical operation ability and innovative thinking. 展开更多
关键词 Electronic commerce SECURE risk management College curriculum
下载PDF
Information Management in Disaster and Humanitarian Response: A Case in United Nations Office for the Coordination of Humanitarian Affairs
2
作者 Solomon M. Zewde 《Intelligent Information Management》 2023年第2期47-65,共19页
To guarantee a unified response to disasters, humanitarian organizations work together via the United Nations Office for the Coordination of Humanitarian Affairs (OCHA). Although the OCHA has made great strides to imp... To guarantee a unified response to disasters, humanitarian organizations work together via the United Nations Office for the Coordination of Humanitarian Affairs (OCHA). Although the OCHA has made great strides to improve its information management and increase the availability of accurate, real-time data for disaster and humanitarian response teams, significant gaps persist. There are inefficiencies in the emergency management of data at every stage of its lifecycle: collection, processing, analysis, distribution, storage, and retrieval. Disaster risk reduction and disaster risk management are the two main tenets of the United Nations’ worldwide plan for disaster management. Information systems are crucial because of the crucial roles they play in capturing, processing, and transmitting data. The management of information is seldom discussed in published works. The goal of this study is to employ qualitative research methods to provide insight by facilitating an expanded comprehension of relevant contexts, phenomena, and individual experiences. Humanitarian workers and OCHA staffers will take part in the research. The study subjects will be chosen using a random selection procedure. Online surveys with both closed- and open-ended questions will be used to compile the data. UN OCHA offers a structure for the handling of information via which all humanitarian actors may contribute to the overall response. This research will enable the UN Office for OCHA better gather, process, analyze, disseminate, store, and retrieve data in the event of a catastrophe or humanitarian crisis. 展开更多
关键词 information Systems management information management UNOCHA (United Nations office for Coordination of Humanitarian Affairs) Humanitarian Emergency Actors DISASTER risk Reduction RESPONSE Emer-gency management
下载PDF
The Role of Information Security Development (ISD) in Effective Information Security Management (ISM) Implementation in the Banks: A Nigerian Case
3
作者 Dorcas Adebola Babatunde Mohamad Hisyam Selamat Ramat Titilayo Salman 《Journal of Modern Accounting and Auditing》 2014年第5期614-619,共6页
This research discusses the role of information security development (ISD) using organizational factors such as information security plans, information security awareness, perceived quality training programs, inform... This research discusses the role of information security development (ISD) using organizational factors such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in effective information security management (ISM) implementation in the banks (a Nigerian case). This paper explores the existing literature and a proposed framework that consists of ISD such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in ISM implementation. ISD factors are found to be statistically significant, because it motivates an organization to implement effective ISM in the banks. Hence, it could be said that the role of ISD practices in an effective implementation of ISM among banks in Nigeria will be of great value. 展开更多
关键词 information security management (ISM) information security plans perceived quality training programs organizational culture Nigeria
下载PDF
Research about Online Security Warning and Risk Assessment of Power Grid Based on Energy Management System
4
作者 Hanyun Wang Kangyuan Wang +2 位作者 Yunxiao Zhang Guoqiang Mei Mingming Wu 《Journal of Energy and Power Engineering》 2012年第3期485-487,共3页
In this paper, online security warning and risk assessment of power grid are proposed, based on data from EMS (Energy Management System), combined with information of real-time operation state, component status and ... In this paper, online security warning and risk assessment of power grid are proposed, based on data from EMS (Energy Management System), combined with information of real-time operation state, component status and external operating environment. It combines the two factors, contingency likelihood and severity, that determine system reliability, into risk indices on different loads and operation modes, which provide precise evaluation of the power grid's security performance. According to these indices, it can know the vulnerable area of the system and whether the normal operating mode or repair mode is over-limited or not, and provide decision-making support for dispatchers. Common cause outages and equipment-aging are considered in terms of the establishment of outage model. Multiple risk indices are defined in order to reflect the risk level of the power grid more comprehensively. 展开更多
关键词 EMS (energy management system) online security warning risk assessment.
下载PDF
Fuzzy Risk Assessment Method for Airborne Network Security Based on AHP-TOPSIS
5
作者 Kenian Wang YuanHong Chunxiao Li 《Computers, Materials & Continua》 SCIE EI 2024年第7期1123-1142,共20页
With the exponential increase in information security risks,ensuring the safety of aircraft heavily relies on the accurate performance of risk assessment.However,experts possess a limited understanding of fundamental ... With the exponential increase in information security risks,ensuring the safety of aircraft heavily relies on the accurate performance of risk assessment.However,experts possess a limited understanding of fundamental security elements,such as assets,threats,and vulnerabilities,due to the confidentiality of airborne networks,resulting in cognitive uncertainty.Therefore,the Pythagorean fuzzy Analytic Hierarchy Process(AHP)Technique for Order Preference by Similarity to an Ideal Solution(TOPSIS)is proposed to address the expert cognitive uncertainty during information security risk assessment for airborne networks.First,Pythagorean fuzzy AHP is employed to construct an index system and quantify the pairwise comparison matrix for determining the index weights,which is used to solve the expert cognitive uncertainty in the process of evaluating the index system weight of airborne networks.Second,Pythagorean fuzzy the TOPSIS to an Ideal Solution is utilized to assess the risk prioritization of airborne networks using the Pythagorean fuzzy weighted distance measure,which is used to address the cognitive uncertainty in the evaluation process of various indicators in airborne network threat scenarios.Finally,a comparative analysis was conducted.The proposed method demonstrated the highest Kendall coordination coefficient of 0.952.This finding indicates superior consistency and confirms the efficacy of the method in addressing expert cognition during information security risk assessment for airborne networks. 展开更多
关键词 Airborne networks information security risk assessment cognitive uncertainty Pythagorean fuzzy sets
下载PDF
Cyber Resilience through Real-Time Threat Analysis in Information Security
6
作者 Aparna Gadhi Ragha Madhavi Gondu +1 位作者 Hitendra Chaudhary Olatunde Abiona 《International Journal of Communications, Network and System Sciences》 2024年第4期51-67,共17页
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t... This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1]. 展开更多
关键词 Cybersecurity information security Network security Cyber Resilience Real-Time Threat Analysis Cyber Threats Cyberattacks Threat Intelligence Machine Learning Artificial Intelligence Threat Detection Threat Mitigation risk Assessment Vulnerability management Incident Response security Orchestration Automation Threat Landscape Cyber-Physical Systems Critical Infrastructure Data Protection Privacy Compliance Regulations Policy Ethics CYBERCRIME Threat Actors Threat Modeling security Architecture
下载PDF
AssessITS: Integrating Procedural Guidelines and Practical Evaluation Metrics for Organizational IT and Cybersecurity Risk Assessment
7
作者 Mir Mehedi Rahman Naresh Kshetri +1 位作者 Sayed Abu Sayeed Md Masud Rana 《Journal of Information Security》 2024年第4期564-588,共25页
In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an act... In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards. 展开更多
关键词 CYBERsecurity information security risk Assessment risk Evaluation risk Mitigation Threat Level Vulnerability Assessment
下载PDF
United States Healthcare Data Breaches: Insights for NIST SP 800-66 Revision 2 from a Review of the NIST SP 800-66 Revision 1
8
作者 Mohammed Mohammed Raoof 《Journal of Information Security》 2024年第2期232-244,共13页
Healthcare security and privacy breaches are occurring in the United States (US), and increased substantially during the pandemic. This paper reviews the National Institute of Standards and Technology (NIST) publicati... Healthcare security and privacy breaches are occurring in the United States (US), and increased substantially during the pandemic. This paper reviews the National Institute of Standards and Technology (NIST) publication base as an effective solution. The NIST Special Publication 800-66 Revision 1 was an essential standard in US healthcare, which was withdrawn in February 2024 and superseded by SP 800-66 Revision 2. This review investigates the academic papers concerning the application of the NIST SP 800-66 Revision 1 standard in the US healthcare literature. A systematic review method was used in this study to determine current knowledge gaps of the SP 800-66 Revision 1. Some limitations were employed in the search to enforce validity. A total of eleven articles were found eligible for the study. Consequently, this study suggests the necessity for additional academic papers pertaining to SP 800-66 Revision 2 in the US healthcare literature. In turn, it will enhance awareness of safeguarding electronic protected health information (ePHI), help to mitigate potential future risks, and eventually reduce breaches. 展开更多
关键词 SP 800-66 Revision 1 SP 800-66 Revision 2 HIPAA Compliance security Breaches risk management Framework (RMF) Internet of Things (IoT) Artificial Intelligence (AI)
下载PDF
Research on Assessment Model of Information System Security Based on Various Security Factors 被引量:5
9
作者 林梦泉 朱赟 +1 位作者 王强民 李建华 《Journal of Shanghai Jiaotong university(Science)》 EI 2007年第3期405-409,共5页
With the rapid development of network technology, the meaning of layers and attributes in respect of information system security must be extended based on the understanding of the concept of information system securit... With the rapid development of network technology, the meaning of layers and attributes in respect of information system security must be extended based on the understanding of the concept of information system security. The layering model (LM) of information system security and the five-attribute model (FAM) based on security factors were put forward to perfect the description and modeling of the information system security framework. An effective framework system of risk calculation and assessment was proposed, which is based on FAM. 展开更多
关键词 information system security factors five-attribute model(FAM) risk assessment
下载PDF
Estimating Security Risk of Healthcare Web Applications: A Design Perspective 被引量:1
10
作者 Fahad A.Alzahrani 《Computers, Materials & Continua》 SCIE EI 2021年第4期187-209,共23页
In the recent years,the booming web-based applications have attracted the hackers’community.The security risk of the web-based hospital management system(WBHMS)has been increasing rapidly.In the given context,the mai... In the recent years,the booming web-based applications have attracted the hackers’community.The security risk of the web-based hospital management system(WBHMS)has been increasing rapidly.In the given context,the main goal of all security professionals and website developers is to maintain security divisions and improve on the user’s confidence and satisfaction.At this point,the different WBHMS tackle different types of security risks.In WBHMS,the security of the patients’medical information is of utmost importance.All in all,there is an inherent security risk of data and assets in the field of the medical industry as a whole.The objective of this study is to estimate the security risk assessment of WBHMS.The risks assessment pertains to securing the integrity of the information in alignment with the Health Insurance Portability and Accountability Act.This includes protecting the relevant financial records,as well as the identification,evaluation,and prevention of a data breach.In the past few years,according to the US-based cyber-security firm Fire-eye,6.8 million data thefts have been recorded in the healthcare sector in India.The breach barometer report mentions that in the year 2019,the data breaches found were up to 48.6%as compared to the year 2018.Therefore,it is very important to assess the security risk in WBHMS.In this research,we have followed the hybrid technique fuzzy analytic hierarchy process-technique for order of preference by similarity to ideal solution(F-AHPTOPSIS)approach to assess the security risk in WBHMS.The place of this empirical database is at the local hospital of Varanasi,U.P.,India.Given the affectability of WBHMS for its board framework,this work has used diverse types of web applications.The outcomes obtained and the procedure used in this assessment would support future researchers and specialists in organizing web applications through advanced support of safety and security. 展开更多
关键词 Web based hospital management system security risk fuzzy AHP fuzzy TOPSIS
下载PDF
The NP-Complete Face of Information-Theoretic Security
11
作者 Stefan Rass Peter Schartner 《Computer Technology and Application》 2011年第11期893-905,共13页
The problem of perfectly secure communication has enjoyed considerable theoretical treatment over the last decades. Results in this area include the identification of multipath transmission as a necessary ingredient, ... The problem of perfectly secure communication has enjoyed considerable theoretical treatment over the last decades. Results in this area include the identification of multipath transmission as a necessary ingredient, as well as quantum key distribution (QKD), which can perfectly protect direct lines, Combining the advantages of the quantum and multipath transmission paradigm, as well as rigorously analyzing the security of such combined techniques, is possible by virtue of game-theory. Based on a game-theoretic measure of channel vulnerability, the authors prove the problem of setting up infrastructures for QKD-based multipath transmission to be NP-complete. The authors consider the problem in two flavors, both being computationally hard. Remarkably, the authors' results indicate that the P-vs-NP-question is only of minor effect for confidentiality, because either nowadays public-key cryptosystems remain secure (in case that P, NP) or infrastructures facilitating perfectly confidential communication can be constructed efficiently (in case that P = NP). 展开更多
关键词 risk management CRYPTOGRAPHY complexity theory NP-COMPLETENESS network security
下载PDF
Franchise Value Change Information of State-owned Commercial Bank and Securities Investment Risk
12
作者 HE Yun-long 《Journal of Modern Accounting and Auditing》 2007年第2期70-76,共7页
The investment strategy choice of state-owned commercial bank is related to its franchise value change information. This paper analyzes the franchise value change information of state-owned commercial bank. The franch... The investment strategy choice of state-owned commercial bank is related to its franchise value change information. This paper analyzes the franchise value change information of state-owned commercial bank. The franchise value change information shows that the franchise value of state-owned Commercial Bank is descending. Along with the descending of the franchise value, state-owned commercial bank strengthens its high risk investment motive when it chooses its investment strategy. State-owned commercial bank tends to run the high risk of investing securities because its investment variety is very sparse. Based on the theoretical principle of how to control securities investment risk, this paper proposes some countermeasures and suggestions that state-owned commercial bank strengthen the control of its securities investment risk in order to perfect its investment strategy. 展开更多
关键词 state-owned commercial bank franchise value change information investment strategy risk management
下载PDF
How Does the Internet Impact the Public's Perception of Information Security Risk?
13
作者 Yi Chengzhi 《Social Sciences in China》 2024年第2期184-206,共23页
Clarifying the relationship between internet use and public information security risk perception helps us gain a better understanding of the factors influencing public risk perception.However,the relationship is still... Clarifying the relationship between internet use and public information security risk perception helps us gain a better understanding of the factors influencing public risk perception.However,the relationship is still under-explored.This paper empirically examines the relationship between internet use and information security risk perception based on data from the 2021 Chinese Social Survey.It was found that whether to use the internet and the frequency of use are both significantly positively correlated with the perception of information security risk.On this basis,the mechanism by which internet use affects public information security risk perceptions is verified from the perspective of interpersonal trust.The mechanism analysis found that interpersonal trust exerts an indirect effect between internet use and perceived information security risk.The findings of this study provide new insights for our further understanding of how internet use affects residents'perceptions of securityrisk. 展开更多
关键词 internet use PUBLIC perceived information security risk
原文传递
Management Strategies of Information Assurance Utilizing Biometrics Authentication via Wireless Bio-Aesthitires of Endysis or Emphyteusis
14
作者 Panagiotis Petratos Soydemir Gokce 《通讯和计算机(中英文版)》 2012年第12期1372-1382,共11页
关键词 生物特征识别技术 信息安全保障 管理 无线 州立大学 生物识别技术 信息系统 识别方法
下载PDF
Study on risk analysis of supply chain enterprises 被引量:2
15
作者 Wu Xiaohui Zhong Xiaobing +1 位作者 Song Shiji Wu Cheng 《Journal of Systems Engineering and Electronics》 SCIE EI CSCD 2006年第4期781-787,共7页
The sources of supply chain enterprise risk from different aspects including material flow, information flow, cash flow and partner relationship is analyzed. Measures for risk reduction have also been summarized from ... The sources of supply chain enterprise risk from different aspects including material flow, information flow, cash flow and partner relationship is analyzed. Measures for risk reduction have also been summarized from the aspects of risk sharing, information sharing, change of inventory control mode, and supply chain flexibility. Finally, problems in current research on supply chain risk management are pointed out and a discussion on future research trend is presented. 展开更多
关键词 supply chain risk management risk analysis information sharing.
下载PDF
Fuzzy logic applied to value of information assessment in oil and gas projects 被引量:2
16
作者 Martin Vilela Gbenga Oluyemi Andrei Petrovski 《Petroleum Science》 SCIE CAS CSCD 2019年第5期1208-1220,共13页
The concept of value of information(VOI)has been widely used in the oil industry when making decisions on the acquisition of new data sets for the development and operation of oil fields.The classical approach to VOI ... The concept of value of information(VOI)has been widely used in the oil industry when making decisions on the acquisition of new data sets for the development and operation of oil fields.The classical approach to VOI assumes that the outcome of the data acquisition process produces crisp values,which are uniquely mapped onto one of the deterministic reservoir models representing the subsurface variability.However,subsurface reservoir data are not always crisp;it can also be fuzzy and may correspond to various reservoir models to different degrees.The classical approach to VOI may not,therefore,lead to the best decision with regard to the need to acquire new data.Fuzzy logic,introduced in the 1960 s as an alternative to the classical logic,is able to manage the uncertainty associated with the fuzziness of the data.In this paper,both classical and fuzzy theoretical formulations for VOI are developed and contrasted using inherently vague data.A case study,which is consistent with the future development of an oil reservoir,is used to compare the application of both approaches to the estimation of VOI.The results of the VOI process show that when the fuzzy nature of the data is included in the assessment,the value of the data decreases.In this case study,the results of the assessment using crisp data and fuzzy data change the decision from"acquire"the additional data(in the former)to"do not acquire"the additional data(in the latter).In general,different decisions are reached,depending on whether the fuzzy nature of the data is considered during the evaluation.The implications of these results are significant in a domain such as the oil and gas industry(where investments are huge).This work strongly suggests the need to define the data as crisp or fuzzy for use in VOI,prior to implementing the assessment to select and define the right approach. 展开更多
关键词 Value of information Fuzzy logic Uncertainty and risk management Oil and gas industry
下载PDF
Identification of Key Links in Electric Power Operation Based-Spatiotemporal Mixing Convolution Neural Network
17
作者 Lei Feng Bo Wang +2 位作者 Fuqi Ma Hengrui Ma Mohamed AMohamed 《Computer Systems Science & Engineering》 SCIE EI 2023年第8期1487-1501,共15页
As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk dete... As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk detection standard and conduct the risk detection for any scenario indiscriminately.Therefore,more reliable and accurate security control methods are urgently needed.In order to improve the accuracy and reliability of the operation risk management and control method,this paper proposes a method for identifying the key links in the whole process of electric power operation based on the spatiotemporal hybrid convolutional neural network.To provide early warning and control of targeted risks,first,the video stream is framed adaptively according to the pixel changes in the video stream.Then,the optimized MobileNet is used to extract the feature map of the video stream,which contains both time-series and static spatial scene information.The feature maps are combined and non-linearly mapped to realize the identification of dynamic operating scenes.Finally,training samples and test samples are produced by using the whole process image of a power company in Xinjiang as a case study,and the proposed algorithm is compared with the unimproved MobileNet.The experimental results demonstrated that the method proposed in this paper can accurately identify the type and start and end time of each operation link in the whole process of electric power operation,and has good real-time performance.The average accuracy of the algorithm can reach 87.8%,and the frame rate is 61 frames/s,which is of great significance for improving the reliability and accuracy of security control methods. 展开更多
关键词 security risk management key links identifications electric power operation spatiotemporal mixing convolution neural network MobileNet network
下载PDF
Towards an integrated risk analysis security framework according to a systematic analysis of existing proposals
18
作者 Antonio SANTOS-OLMO Luis Enrique SÁNCHEZ +4 位作者 David G.ROSADO Manuel A.SERRANO Carlos BLANCO Haralambos MOURATIDIS Eduardo FERNÁNDEZ-MEDINA 《Frontiers of Computer Science》 SCIE EI CSCD 2024年第3期199-216,共18页
The information society depends increasingly on risk assessment and management systems as means to adequately protect its key information assets.The availability of these systems is now vital for the protection and ev... The information society depends increasingly on risk assessment and management systems as means to adequately protect its key information assets.The availability of these systems is now vital for the protection and evolution of companies.However,several factors have led to an increasing need for more accurate risk analysis approaches.These are:the speed at which technologies evolve,their global impact and the growing requirement for companies to collaborate.Risk analysis processes must consequently adapt to these new circumstances and new technological paradigms.The objective of this paper is,therefore,to present the results of an exhaustive analysis of the techniques and methods offered by the scientific community with the aim of identifying their main weaknesses and providing a new risk assessment and management process.This analysis was carried out using the systematic review protocol and found that these proposals do not fully meet these new needs.The paper also presents a summary of MARISMA,the risk analysis and management framework designed by our research group.The basis of our framework is the main existing risk standards and proposals,and it seeks to address the weaknesses found in these proposals.MARISMA is in a process of continuous improvement,as is being applied by customers in several European and American countries.It consists of a risk data management module,a methodology for its systematic application and a tool that automates the process. 展开更多
关键词 information security management security system security risk assessment and management
原文传递
The History, Trend, Types, and Mitigation of Distributed Denial of Service Attacks
19
作者 Richard Kabanda Bertrand Byera +1 位作者 Henrietta Emeka Khaja Taiyab Mohiuddin 《Journal of Information Security》 2023年第4期464-471,共8页
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor... Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat. 展开更多
关键词 DDoS (Distributed Denial of Service Attacks) and DoS (Denial of Service Attacks) DAC (DDoS Attack Coefficient) Flood SIEM (security information and Event management) CISA (Cybersecurity and Infrastructure security Agency) NIST (National Institute of Standards and Technology) XDR (Extended Detection and Response) ACK-SYN (Synchronize Acknowledge Packet) ICMP (Internet Control Message Protocol) Cyberwarfare
下载PDF
Development of a risk index for cross-border data movement 被引量:1
20
作者 Jin Li Wanting Dong +1 位作者 Chong Zhang Zihan Zhuo 《Data Science and Management》 2022年第3期97-104,共8页
Cross-border data transmission in the biomedical area is on the rise,which brings potential risks and management challenges to data security,biosafety,and national security.Focusing on cross-border data security asses... Cross-border data transmission in the biomedical area is on the rise,which brings potential risks and management challenges to data security,biosafety,and national security.Focusing on cross-border data security assessment and risk management,many countries have successively issued relevant laws,regulations,and assessment guidelines.This study aims to provide an index system model and management application reference for the risk assessment of the cross-border data movement.From the perspective of a single organization,the relevant risk assessment standards of several countries are integrated to guide the identification and determination of risk factors.Then,the risk assessment index system of cross-border data flow is constructed.A case study of risk assessment in 358 biomedical organizations is carried out,and the suggestions for data management are offered.This study is condusive to improving security monitoring and the early warning of the cross-border data flow,thereby realizing the safe and orderly global flow of biomedical data. 展开更多
关键词 Cross-border data Data security Biomedical data risk assessment Data management
下载PDF
上一页 1 2 235 下一页 到第
使用帮助 返回顶部