Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

A Tractable Approach to Analyzing the Physical-Layer Security in K-Tier Heterogeneous Cellular Networks

This study proposes a tractable approach to analyze the physical-layer security in the downlink of a multi-tier heterogeneous cellular network. This method is based on stochastic geometry, has low computational complexity, and uses the two-dimensional Poisson point process to model the locations of K-tier base stations and receivers, including those of legitimate users and eavesdroppers. Then, the achievable secrecy rates for an arbitrary user are determined and the upper and lower bounds of secrecy coverage probability derived on the condition that cross-tier interference is the main contributor to aggregate interference. Finally, our analysis results reveal the innate connections between information-theoretic security and the spatial densities of legitimate and malicious nodes.

Resource Allocation for Physical Layer Security in Heterogeneous Network with Hidden Eavesdropper

The tremendous performance gain of heterogeneous networks(Het Nets) is at the cost of complicated resource allocation. Considering information security, the resource allocation for Het Nets becomes much more challenging and this is the focus of this paper. In this paper, the eavesdropper is hidden from the macro base stations. To relax the unpractical assumption on the channel state information on eavesdropper, a localization based algorithm is first given. Then a joint resource allocation algorithm is proposed in our work, which simultaneously considers physical layer security, cross-tier interference and joint optimization of power and subcarriers under fairness requirements. It is revealed in our work that the considered optimization problem can be efficiently solved relying on convex optimization theory and the Lagrangian dual decomposition method is exploited to solve the considered problem effectively. Moreover, in each iteration the closed-form optimal resource allocation solutions can be obtained based on the Karush-Kuhn-Tucker(KKT) conditions. Finally, the simulation results are given to show the performance advantages of the proposed algorithm.

Key Technologies of Wireless Heterogeneous Network Security

Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to improve the coverage and capacity of public mobile network, to enable communication services, to provide Internet access and to enable mobile computing from everywhere, has drawn widespread attention for its good prospects in application. Construction of security system for wireless heterogeneous networks and development of new security models, key security techniques and approaches are critical and mandatory in heterogeneous networks development. Key technology of wireless heterogeneous networks security covers security routing protocol, access authentication, intrusion detection system, cooperative communication between nodes, etc.

Study on Architecture-Oriented Information Security Management Model for Using Mobile Devices Control

The popularization of mobile devices has caused considerable impact on the security of the military of the Republic of China.The military barrack-areas have long been faced the control of mobile devices four issues:the lack of accurate use of resources,the lack of protection of the mobile device from the overall point of view,the unclear division of responsibility among specialized agencies,and unclear members’responsibilities for their own duties.This study applies the structure behavior coalescence(SBC)methodology to integrate the organizational structure of the participating management and control units with effective management behaviors in a visualized and useful manner.The units can effectively communicate with each other and solve the four issues faced by the military barrack-areas for the control of mobile devices.This research fulfills improving the lack of control of the military mobile devices by using of management resources effectively and the establishment of mobile devices management with the overall concept,and strengthening the rights and responsibilities and information security awareness,through the logical verification and enterprise interview results.

Cost management based security framework in mobile ad hoc networks

Security issues are always difficult to deal with in mobile ad hoc networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system’s own tasks can be finished in time and the whole network’s security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.

Security Management Measures for Library Computer Network

Informationization and automation are important in library management due to the development of computer technology and network technology.Although computer networks bring great convenience and improvement to library management’s efficiency and quality,there are many security issues that could tag along with networks.The library information is prone to leak due to virus and hackers as well as the transparency of the network.Thus,this leads to a high security risk in library management.Therefore,this paper mainly analyses the security management strategies of library computer networks.

Information Security Management Measures for College Archives Under the Network Environment

The construction of archives in colleges and universities in China is in the process of development and improvement.With the development information technology,the informatization of college archives has been accelerated.Network technology is developing rapidly in our country,and the number of network users has increased significantly.The use of network technology in university archives management can improve the management efficiency and quality of archives,but the safety factor has dropped significantly.For example,the archival system may face many problems such as virus infection,system paralysis,or cyberattacks,which affects the security of the university archives.Therefore,this paper presents an analysis of these problems in detail,and proposes corresponding solutions,so as to optimize and improve the information security management of college archives.

TRUSED:A Trust-Based Security Evaluation Scheme for A Distributed Control System

Distributed control systems(DCS)have revolutionized the communication process and attracted more interest due to their pervasive computing nature(cyber/physical),their monitoring capabilities and the benefits they offer.However,due to distributed communication,flexible network topologies and lack of central control,the traditional security strategies are inadequate formeeting the unique characteristics ofDCS.Moreover,malicious and untrustworthy nodes pose a significant threat during the formation of a DCS network.Trust-based secure systems not only monitor and track the behavior of the nodes but also enhance the security by identifying and isolating the malicious node,which reduces the risk and increases network lifetime.In this research,we offer TRUSED,a trust-based security evaluation scheme that both,directly and indirectly,estimates each node’s level of trustworthiness,incorporating the cumulative trust concept.In addition,simulation results show that the proposed technique can effectively identify malicious nodes,determine their node’s trustworthiness rating,and improve the packet delivery ratio.

Enhance Vertical Handover Security During Execution Phase in Mobile Networks

The Vertical Handover(VHO)is one of the most vital features provided for the heterogeneous mobile networks.It allows Mobile Users(MUs)to keep ongoing sessions without disruption while they continuously move between different Radio Access Technologies(RATs)such as Wireless Fidelity(Wi-Fi),Global System for Mobile Communication(GSM),Universal Mobile Telecommunications System(UMTS),Long Term Evolution(LTE)and Fifth Generation(5G).In order to fulfill this goal,the VHO must comply to three main phases:starting of collecting the required information and then passing it for decision phase to obtain the best available RAT for performing VHO by execution phase eventually.However,the execution phase still encounters some security issues which are exploited by hackers in launching malicious attacks such as ransomware,fragmentation,header manipulation,smurf,host initialization,reconnaissance,eavesdropping,Denial of Service(DoS),spoofing,Man in the Middle(MITM)and falsification.This paper thoroughly studies the recent security issues for hundreds VHO approaches found in the literature and comes up with a secure procedure to enhance VHO security during execution phase.A numerical analysis results of the proposed procedure are effectively evaluated in terms of security and signaling cost.Compared with the recent related work found in literature,the analysis demonstrates that the security is successfully improved by 20%whereas signaling cost is maintained as in non-proposed procedure.

Security: A Core Issue in Mobile <i>Ad hoc</i>Networks

Computation is spanning from PC to Mobile devices. The Mobile Ad hoc Networks (MANETs) are optimal choice to accommodate this growing trend but there is a problem, security is the core issue. MANETs rely on wireless links for communication. Wireless networks are considered more exposed to security attacks as compared to wired networks, especially;MANETs are the soft target due to vulnerable in nature. Lack of infrastructure, open peer to peer connectivity, shared wireless medium, dynamic topology and scalability are the key characteristics of MANETs which make them ideal for security attacks. In this paper, we shall discuss in detail, what does security mean, why MANETs are more susceptible to security attacks than wired networks, taxonomy of network attacks and layer wise analysis of network attacks. Finally, we shall propose solutions to meet the security challenges, according to our framed security criteria.

Web Security and Log Management: An Application Centric Perspective

The World Wide Web has been an environment with many security threats and lots of reported cases of security breaches. Various tools and techniques have been applied in trying to curb this problem, however new attacks continue to plague the Internet. We discuss risks that affect web applications and explain how network-centric and host-centric techniques, as much as they are crucial in an enterprise, lack necessary depth to comprehensively analyze overall application security. The nature of web applications to span a number of servers introduces a new dimension of security requirement that calls for a holistic approach to protect the information asset regardless of its physical or logical separation of modules and tiers. We therefore classify security mechanisms as either infrastructure-centric or application-centric based on what asset is being secured. We then describe requirements for such application-centric security mechanisms.

Security,Controllability,Manageability and Survivability in Trustworthy Network

The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of 'trustworthy networks' and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed. The network trustworthiness could and should be eventually achieved.

On an Interactive Network Security Measur

An interactive network security measure and a description of its function as well as its principle are presented. Based on the existing security loopholes and bugs in operating systems, this measure focuses on the restrictive condition of security and the establishment of configuration files. Under the control and administration of the secure management of configuration files, each system module brings much flexibility, adaptability and high-level security. The security detecting and managing software used in UNIX based on this measure has obtained good results, achieving the goal of automatically detecting and handling inner and outer system-violation and system abuse.

信息安全中Safety与Security的比较研究

文章针对Security和Safety在信息网络安全领域和在具体行业中应用的含义进行了探讨,给出了它们的相关定义,对信息安全风险评估、风险管理、等级保护及信息安全评价指标体系的研究具有一定的指导意义。

Quality of Service and Security on Cisco Network Devices, Coupled with the Development of a Mobile Application Prototype Software for Server Room Temperature Monitoring

In an era where digital technology is paramount, higher education institutions like the University of Zambia (UNZA) are employing advanced computer networks to enhance their operational capacity and offer cutting-edge services to their academic fraternity. Spanning across the Great East Road campus, UNZA has established one of the most extensive computer networks in Zambia, serving a burgeoning community of over 20,000 active users through a Metropolitan Area Network (MAN). However, as the digital landscape continues to evolve, it is besieged with burgeoning challenges that threaten the very fabric of network integrity—cyber security threats and the imperatives of maintaining high Quality of Service (QoS). In an effort to mitigate these threats and ensure network efficiency, the development of a mobile application to monitor temperatures in the server room was imperative. According to L. Wei, X. Zeng, and T. Shen, the use of wireless sensory networks to monitor the temperature of train switchgear contact points represents a cost-effective solution. The system is based on wireless communication technology and is detailed in their paper, “A wireless solution for train switchgear contact temperature monitoring and alarming system based on wireless communication technology”, published in the International Journal of Communications, Network and System Sciences, vol. 8, no. 4, pp. 79-87, 2015 [1]. Therefore, in this study, a mobile application technology was explored for monitoring of temperatures in the server room in order to aid Cisco device performance. Additionally, this paper also explores the hardening of Cisco device security and QoS which are the cornerstones of this study.