期刊文献+
共找到5,543篇文章
< 1 2 250 >
每页显示 20 50 100
Systematic Security Guideline Framework through Intelligently Automated Vulnerability Analysis
1
作者 Dahyeon Kim Namgi Kim Junho Ahn 《Computers, Materials & Continua》 SCIE EI 2024年第3期3867-3889,共23页
This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world sof... This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world software.The existing analysis of software security vulnerabilities often focuses on specific features or modules.This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software.The key novelty lies in overcoming the constraints of partial approaches.The proposed framework utilizes data from various sources to create a comprehensive functionality profile,facilitating the derivation of real-world security guidelines.Security guidelines are dynamically generated by associating functional security vulnerabilities with the latest Common Vulnerabilities and Exposure(CVE)and Common Vulnerability Scoring System(CVSS)scores,resulting in automated guidelines tailored to each product.These guidelines are not only practical but also applicable in real-world software,allowing for prioritized security responses.The proposed framework is applied to virtual private network(VPN)software,wherein a validated Level 2 data flow diagram is generated using the Spoofing,Tampering,Repudiation,Information Disclosure,Denial of Service,and Elevation of privilege(STRIDE)technique with references to various papers and examples from related software.The analysis resulted in the identification of a total of 121 vulnerabilities.The successful implementation and validation demonstrate the framework’s efficacy in generating customized guidelines for entire systems,subsystems,and selected modules. 展开更多
关键词 FRAMEWORK AUTOMATION vulnerability analysis security GUIDELINES
下载PDF
MV-Honeypot:Security Threat Analysis by Deploying Avatar as a Honeypot in COTS Metaverse Platforms
2
作者 Arpita Dinesh Sarang Mohsen Ali Alawami Ki-Woong Park 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期655-669,共15页
Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metav... Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established. 展开更多
关键词 AVATAR metaverse CYBERsecurity cloud computing internet of things artificial intelligence security analysis
下载PDF
Design & Test of an Advanced Web Security Analysis Tool (AWSAT)
3
作者 Meenakshi S. P. Manikandaswamy Vijay Madisetti 《Journal of Software Engineering and Applications》 2024年第5期448-461,共14页
Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for ... Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for non-security professionals. This paper presents the design and implementation of an automated web security analysis tool, AWSAT, aimed at enabling individuals with limited security expertise to effectively assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), providing detailed reports with actionable insights. By integrating sample payloads and reference study links, the tool facilitates informed decision-making in enhancing the security posture of web applications. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats. 展开更多
关键词 Web security Automated analysis Vulnerability Assessment Web Scanning Cross-Site Scripting SQL Injection Cross-Site Request Forgery
下载PDF
Cyber Resilience through Real-Time Threat Analysis in Information Security
4
作者 Aparna Gadhi Ragha Madhavi Gondu +1 位作者 Hitendra Chaudhary Olatunde Abiona 《International Journal of Communications, Network and System Sciences》 2024年第4期51-67,共17页
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t... This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1]. 展开更多
关键词 Cybersecurity Information security Network security Cyber Resilience Real-Time Threat analysis Cyber Threats Cyberattacks Threat Intelligence Machine Learning Artificial Intelligence Threat Detection Threat Mitigation Risk Assessment Vulnerability Management Incident Response security Orchestration Automation Threat Landscape Cyber-Physical Systems Critical Infrastructure Data Protection Privacy Compliance Regulations Policy Ethics CYBERCRIME Threat Actors Threat Modeling security Architecture
下载PDF
Towards Fully Secure 5G Ultra-Low Latency Communications: A Cost-Security Functions Analysis
5
作者 Borja Bordel Ramón Alcarria +3 位作者 Joaquin Chung Rajkumar Kettimuthu Tomás Robles Iván Armuelles 《Computers, Materials & Continua》 SCIE EI 2023年第1期855-880,共26页
Future components to enhance the basic,native security of 5G networks are either complex mechanisms whose impact in the requiring 5G communications are not considered,or lightweight solutions adapted to ultrareliable ... Future components to enhance the basic,native security of 5G networks are either complex mechanisms whose impact in the requiring 5G communications are not considered,or lightweight solutions adapted to ultrareliable low-latency communications(URLLC)but whose security properties remain under discussion.Although different 5G network slices may have different requirements,in general,both visions seem to fall short at provisioning secure URLLC in the future.In this work we address this challenge,by introducing cost-security functions as a method to evaluate the performance and adequacy of most developed and employed non-native enhanced security mechanisms in 5G networks.We categorize those new security components into different groups according to their purpose and deployment scope.We propose to analyze them in the context of existing 5G architectures using two different approaches.First,using model checking techniques,we will evaluate the probability of an attacker to be successful against each security solution.Second,using analytical models,we will analyze the impact of these security mechanisms in terms of delay,throughput consumption,and reliability.Finally,we will combine both approaches using stochastic cost-security functions and the PRISM model checker to create a global picture.Our results are first evidence of how a 5G network that covers and strengthened all security areas through enhanced,dedicated non-native mechanisms could only guarantee secure URLLC with a probability of∼55%. 展开更多
关键词 5G networks security analysis secure low latency COMMUNICATIONS URLLC eMBBC
下载PDF
Optimal Unification of Static and Dynamic Features for Smartphone Security Analysis
6
作者 Sumit Kumar S.Indu Gurjit Singh Walia 《Intelligent Automation & Soft Computing》 SCIE 2023年第1期1035-1051,共17页
Android Smartphones are proliferating extensively in the digital world due to their widespread applications in a myriad offields.The increased popularity of the android platform entices malware developers to design ma... Android Smartphones are proliferating extensively in the digital world due to their widespread applications in a myriad offields.The increased popularity of the android platform entices malware developers to design malicious apps to achieve their malevolent intents.Also,static analysis approaches fail to detect run-time behaviors of malicious apps.To address these issues,an optimal unification of static and dynamic features for smartphone security analysis is proposed.The proposed solution exploits both static and dynamic features for generating a highly distinct unified feature vector using graph based cross-diffusion strategy.Further,a unified feature is subjected to the fuzzy-based classification model to distinguish benign and malicious applications.The suggested framework is extensively experimentally validated through both qualitative and quantitative analysis and results are compared with the existing solutions.Performance evaluation over benchmarked datasets from Google Play Store,Drebin,Androzoo,AMD,and CICMalDroid2020 revealed that the suggested solution outperforms state-of-the-art methods.We achieve average detection accuracy of 98.62%and F1 Score of 0.9916. 展开更多
关键词 FUSION SMARTPHONE ANDROID security analysis malware detection
下载PDF
Public Sentiment Analysis of Social Security Emergencies Based on Feature Fusion Model of BERT and TextLevelGCN
7
作者 Linli Wang Hu Wang Hanlu Lei 《Journal of Computer and Communications》 2023年第5期194-204,共11页
At present, the emotion classification method of Weibo public opinions based on graph neural network cannot solve the polysemy problem well, and the scale of global graph with fixed weight is too large. This paper pro... At present, the emotion classification method of Weibo public opinions based on graph neural network cannot solve the polysemy problem well, and the scale of global graph with fixed weight is too large. This paper proposes a feature fusion network model Bert-TextLevelGCN based on BERT pre-training and improved TextGCN. On the one hand, Bert is introduced to obtain the initial vector input of graph neural network containing rich semantic features. On the other hand, the global graph connection window of traditional TextGCN is reduced to the text level, and the message propagation mechanism of global sharing is applied. Finally, the output vector of BERT and TextLevelGCN is fused by interpolation update method, and a more robust mapping of positive and negative sentiment classification of public opinion text of “Tangshan Barbecue Restaurant beating people” is obtained. In the context of the national anti-gang campaign, it is of great significance to accurately and efficiently analyze the emotional characteristics of public opinion in sudden social violence events with bad social impact, which is of great significance to improve the government’s public opinion warning and response ability to public opinion in sudden social security events. . 展开更多
关键词 Social security Emergencies Network Public Opinion Emotion analysis Graph Neural Network TextLevelGCN BERT
下载PDF
Appraising the Manifestation of Optimism Bias and Its Impact on Human Perception of Cyber Security: A Meta Analysis
8
作者 Khaled M. Alnifie Charles Kim 《Journal of Information Security》 2023年第2期93-110,共18页
Cyber threats and risks are increasing exponentially with time. For preventing and defense against these threats and risks, precise risk perception for effective mitigation is the first step. Risk perception is necess... Cyber threats and risks are increasing exponentially with time. For preventing and defense against these threats and risks, precise risk perception for effective mitigation is the first step. Risk perception is necessary requirement to mitigate risk as it drives the security strategy at the organizational level and human attitude at individual level. Sometime, individuals understand there is a risk that a negative event or incident can occur, but they do not believe there will be a personal impact if the risk comes to realization but instead, they believe that the negative event will impact others. This belief supports the common belief that individuals tend to think of themselves as invulnerable, i.e., optimistically bias about the situation, thus affecting their attitude for taking preventive measures due to inappropriate risk perception or overconfidence. The main motivation of this meta-analysis is to assess that how the cyber optimistic bias or cyber optimism bias affects individual’s cyber security risk perception and how it changes their decisions. Applying a meta-analysis, this study found that optimistic bias has an overall negative impact on the cyber security due to the inappropriate risk perception and considering themselves invulnerable by biasing that the threat will not occur to them. Due to the cyber optimism bias, the individual will sometimes share passwords by considering it will not be maliciously used, lack in adopting of preventive measures, ignore security incidents, wrong perception of cyber threats and overconfidence on themselves in the context of cyber security. 展开更多
关键词 Cyber security META-analysis Optimistic Bias Optimism Bias Risk Perception Cognitive Bias
下载PDF
Software Vulnerability Mining and Analysis Based on Deep Learning
9
作者 Shibin Zhao Junhu Zhu Jianshan Peng 《Computers, Materials & Continua》 SCIE EI 2024年第8期3263-3287,共25页
In recent years,the rapid development of computer software has led to numerous security problems,particularly software vulnerabilities.These flaws can cause significant harm to users’privacy and property.Current secu... In recent years,the rapid development of computer software has led to numerous security problems,particularly software vulnerabilities.These flaws can cause significant harm to users’privacy and property.Current security defect detection technology relies on manual or professional reasoning,leading to missed detection and high false detection rates.Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes,reducing missed alarms and false alarms.So,this project aims to study Java source code defect detection methods for defects like null pointer reference exception,XSS(Transform),and Structured Query Language(SQL)injection.Also,the project uses open-source Javalang to translate the Java source code,conducts a deep search on the AST to obtain the empty syntax feature library,and converts the Java source code into a dependency graph.The feature vector is then used as the learning target for the neural network.Four types of Convolutional Neural Networks(CNN),Long Short-Term Memory(LSTM),Bi-directional Long Short-Term Memory(BiLSTM),and Attention Mechanism+Bidirectional LSTM,are used to investigate various code defects,including blank pointer reference exception,XSS,and SQL injection defects.Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition,verifying the correctness of the method. 展开更多
关键词 Vulnerability mining software security deep learning static analysis
下载PDF
Novel Static Security and Stability Control of Power Systems Based on Artificial Emotional Lazy Q-Learning
10
作者 Tao Bao Xiyuan Ma +3 位作者 Zhuohuan Li Duotong Yang Pengyu Wang Changcheng Zhou 《Energy Engineering》 EI 2024年第6期1713-1737,共25页
The stability problem of power grids has become increasingly serious in recent years as the size of novel power systems increases.In order to improve and ensure the stable operation of the novel power system,this stud... The stability problem of power grids has become increasingly serious in recent years as the size of novel power systems increases.In order to improve and ensure the stable operation of the novel power system,this study proposes an artificial emotional lazy Q-learning method,which combines artificial emotion,lazy learning,and reinforcement learning for static security and stability analysis of power systems.Moreover,this study compares the analysis results of the proposed method with those of the small disturbance method for a stand-alone power system and verifies that the proposed lazy Q-learning method is able to effectively screen useful data for learning,and improve the static security stability of the new type of power system more effectively than the traditional proportional-integral-differential control and Q-learning methods. 展开更多
关键词 Artificial sentiment static secure stable analysis Q-LEARNING lazy learning data filtering
下载PDF
Renewal Needs and Solutions for Urban Old Communities under the Guidance of Resilient Security
11
作者 ZHOU Xu LIU Zihan +1 位作者 SUN Ziin YANG Peizhe 《Journal of Landscape Research》 2024年第5期15-18,26,共5页
The renewal strategy guided by resilient security aims to enhance the community’s resistance and resilience to natural disasters and other emergency situations,ensuring that the community can quickly restore normal f... The renewal strategy guided by resilient security aims to enhance the community’s resistance and resilience to natural disasters and other emergency situations,ensuring that the community can quickly restore normal functions in the face of shocks.By enhancing the resilience of the community,residents’sense of security and satisfaction can be improved,while promoting the long-term stability and prosperity of the city.Using methods such as literature review,case analysis,and demand investigation,this paper investigates the needs and strategies for the renewal of urban old communities,and explores the demand analysis and solutions for the renewal of urban old communities under the guidance of resilient security.This paper aims to address the lack of resilience in old communities caused by outdated construction,aging infrastructure,and insufficient public services,as well as how to improve the adaptability,resilience,and transformation ability of communities through renovation and transformation. 展开更多
关键词 Resilient security Old community Community renewal Demand analysis Implementation path
下载PDF
Fine-Tuning Cyber Security Defenses: Evaluating Supervised Machine Learning Classifiers for Windows Malware Detection
12
作者 Islam Zada Mohammed Naif Alatawi +4 位作者 Syed Muhammad Saqlain Abdullah Alshahrani Adel Alshamran Kanwal Imran Hessa Alfraihi 《Computers, Materials & Continua》 SCIE EI 2024年第8期2917-2939,共23页
Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar... Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats. 展开更多
关键词 security and privacy challenges in the context of requirements engineering supervisedmachine learning malware detection windows systems comparative analysis Gaussian Naive Bayes K Nearest Neighbors Stochastic Gradient Descent Classifier Decision Tree
下载PDF
Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies
13
作者 Sina Ahmadi 《Journal of Information Security》 2024年第2期148-167,共20页
Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for ... Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for organizations to ensure the security of their applications, data, and cloud-based networks to use cloud services effectively. This systematic literature review aims to determine the latest information regarding cloud computing security, with a specific emphasis on threats and mitigation strategies. Additionally, it highlights some common threats related to cloud computing security, such as distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches. This research also explores some mitigation strategies, including security awareness training, vulnerability management, security information and event management (SIEM), identity and access management (IAM), and encryption techniques. It discusses emerging trends in cloud security, such as integrating artificial intelligence (AI) and machine learning (ML), serverless computing, and containerization, as well as the effectiveness of the shared responsibility model and its related challenges. The importance of user awareness and the impact of emerging technologies on cloud security have also been discussed in detail to mitigate security risks. A literature review of previous research and scholarly articles has also been conducted to provide insights regarding cloud computing security. It shows the need for continuous research and innovation to address emerging threats and maintain a security-conscious culture in the company. 展开更多
关键词 Cloud security Threat analysis Mitigation Strategies Emerging Trends Ethi-cal Considerations Data analysis
下载PDF
Application of periodic orbit theory in chaos-based security analysis 被引量:3
14
作者 龙敏 丘水生 《Chinese Physics B》 SCIE EI CAS CSCD 2007年第8期2254-2258,共5页
Chaos-based encryption schemes have been studied extensively, while the security analysis methods for them are still problems to be resolved. Based on the periodic orbit theory, this paper proposes a novel security an... Chaos-based encryption schemes have been studied extensively, while the security analysis methods for them are still problems to be resolved. Based on the periodic orbit theory, this paper proposes a novel security analysis method. The periodic orbits theory indicates that the fundamental frequency of the spiraling orbits is the natural frequency of associated linearized system, which is decided by the parameters of the chaotic system. Thus, it is possible to recover the plaintext of secure communication systems based on chaotic shift keying by getting the average time on the spiraling orbits. Analysis and simulation results show that the security analysis method can break chaos shift keying secure communication systems, which use the parameters as keys. 展开更多
关键词 periodic orbit theory secure communication chaos-based security analysis
下载PDF
Comprehensive security risk factor identification for small reservoirs with heterogeneous data based on grey relational analysis model 被引量:6
15
作者 Jing-chun Feng Hua-ai Huang +1 位作者 Yao Yin Ke Zhang 《Water Science and Engineering》 EI CAS CSCD 2019年第4期330-338,共9页
Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems.The manner of identification of the factors for small reservoirs is of practical significance when ... Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems.The manner of identification of the factors for small reservoirs is of practical significance when data are incomplete.The existing grey relational models have some disadvantages in measuring the correlation between categorical data sequences.To this end,this paper introduces a new grey relational model to analyze heterogeneous data.In this study,a set of security risk factors for small reservoirs was first constructed based on theoretical analysis,and heterogeneous data of these factors were recorded as sequences.The sequences were regarded as random variables,and the information entropy and conditional entropy between sequences were measured to analyze the relational degree between risk factors.Then,a new grey relational analysis model for heterogeneous data was constructed,and a comprehensive security risk factor identification method was developed.A case study of small reservoirs in Guangxi Zhuang Autonomous Region in China shows that the model constructed in this study is applicable to security risk factor identification for small reservoirs with heterogeneous and sparse data. 展开更多
关键词 security risk factor identification Heterogeneous data Grey relational analysis model Relational degree Information entropy Conditional entropy Small reservoir GUANGXI
下载PDF
Quantitative analysis of the dynamic change and spatial differences of the ecological security: a case study of Loess Plateau in northern Shaanxi Province 被引量:5
16
作者 LI Jing REN Zhiyuan ZHOU Zixiang 《Journal of Geographical Sciences》 SCIE CSCD 2006年第2期251-256,共6页
Using the theory and method of the ecological footprint, and combining the changes of regional land use, resource environment, population, society and economy, this paper calculated the ecological footprint, ecologica... Using the theory and method of the ecological footprint, and combining the changes of regional land use, resource environment, population, society and economy, this paper calculated the ecological footprint, ecological carrying capacity and ecological surplus/loss in 1986-2002 on the Loess Plateau in northern Shaanxi Province. What is more, this paper has put forward the concept of ecological pressure index, set up ecological pressure index models, and ecological security grading systems, and the prediction models of different ecological footprints, ecological carrying capacity, ecological surplus and ecological safety change, and also has assessed the ecological footprint demands of 10,000 yuan GDE The results of this study are as follows: (1) the ecological carrying capacity in northern Shaanxi shows a decreasing trend, the difference of reducing range is the fastest; (2) the ecological footprint appears an increasing trend; (3) ecological pressure index rose to 0.91 from 0.44 during 1986-2002 on the Loess Plateau of northern Shaanxi with an increase of 47%; and (4) the ecological security in the study area is in a critical state, and the ecological oressure index has been increasing rapidlv. 展开更多
关键词 regional ecological security dynamic change spatial difference quantitative analysis the Loess Plateau in northern Shaanxi Province
下载PDF
Evaluation on Urban Land Ecological Security Based on the PSR Model and Matter-Element Analysis: A Case Study of Zhuhai, Guangdong, China 被引量:4
17
作者 LI Shuang 《Journal of Landscape Research》 2019年第3期82-88,92,共8页
As one of the Special Economic Zones since the reform and opening up, Zhuhai has developed during the past 30 years. Its economic development, industrial structure and ecological environment have undergone great chang... As one of the Special Economic Zones since the reform and opening up, Zhuhai has developed during the past 30 years. Its economic development, industrial structure and ecological environment have undergone great changes. Research on changes in Zhuhai’s land ecological security is of great significance. Using relevant data from 2007-2012, this study established a land ecological security assessment system based on the PSR conceptual framework model. The system contained 18 indicators from 3 aspects according to the concrete features of Zhuhai. Then we used the matterelement analysis and the improved entropy weight to analyze and evaluate the land ecological security of Zhuhai. The results showed that: from 2007 to 2012, the levels of the land ecological security of Zhuhai were “secure”, and the value increased year by year;as the land ecological security response value increased, Zhuhai was capable of solving land ecosystem problems. However, it should be noted that the structure of land ecosystem in Zhuhai has not formed and that rapid expansion of construction land has caused the shortage of cultivated land and other issues. Measures should be taken to control the construction area, improve land intensive utilization and improve the land ecological security. 展开更多
关键词 Land ECOLOGICAL security PSR model MATTER-ELEMENT analysis Improved ENTROPY WEIGHT Zhuhai
下载PDF
Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities 被引量:4
18
作者 Juan R.Bermejo Higuera Javier Bermejo Higuera +2 位作者 Juan A.Sicilia Montalvo Javier Cubo Villalba Juan JoséNombela Pérez 《Computers, Materials & Continua》 SCIE EI 2020年第9期1555-1577,共23页
To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities ... To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality. 展开更多
关键词 Web application benchmark security vulnerability security analysis Static Tools assessment methodology false positive false negative precision F-MEASURE
下载PDF
HASN:A Hierarchical Attack Surface Network for System Security Analysis 被引量:1
19
作者 Kangyu Huang Lin Yang +2 位作者 Renfang Fu Shengli Zhou Zheng Hong 《China Communications》 SCIE CSCD 2019年第5期137-157,共21页
Attack surfaces, as one of the security models, can help people to analyse the security of systems in cyberspace, such as risk assessment by utilizing various security metrics or providing a cost-effective network har... Attack surfaces, as one of the security models, can help people to analyse the security of systems in cyberspace, such as risk assessment by utilizing various security metrics or providing a cost-effective network hardening solution. Numerous attack surface models have been proposed in the past decade,but they are not appropriate for describing complex systems with heterogeneous components. To address this limitation, we propose to use a two-layer Hierarchical Attack Surface Network(HASN) that models the data interactions and resource distribution of the system in a component-oriented view. First, we formally define the HASN by extending the entry point and exit point framework. Second, in order to assess data input risk and output risk on the HASN, we propose two behaviour models and two simulation-based risk metrics. Last, we conduct experiments for three network systems. Our experimental results show that the proposed approach is applicable and effective. 展开更多
关键词 ATTACK SURFACE security analysis security model RISK assessment
下载PDF
Analysis of Grain Storage Security Countermeasures under the New Normal Condition with "Grain Storage Technology" as the Core 被引量:6
20
作者 Xingang ZHAO Shengzhong DONG +3 位作者 Hongwei MA Zhaohuan WEN Xiufeng SHAN Peng MAO 《Agricultural Science & Technology》 CAS 2017年第10期1971-1974,共4页
Grain storage security is big issue related to national economy and the people's livelihood, as well as one of the most important strategic requirements in China. Under the background of grain supply-side structural ... Grain storage security is big issue related to national economy and the people's livelihood, as well as one of the most important strategic requirements in China. Under the background of grain supply-side structural reform, this paper analyzed the grain storage security countermeasures under the new normal conditions with "grain storage technology", one of the national grain security strategies of China during the 13th Five-year Plan, as the guiding ideology, from the perspectives of scientific technologies, policy supports, government supports and talent construction, so as to provide supports for the storage enterprises with vulnerable technological links. In addition, the food security issues discussed in this paper could be a helping hand in improving people's living quality, enhancing grain storage ecological quality, promoting grain green storage quality security, and be of important and profound strategic significance to enhance the macro-control capability of the government, maintain social stability and people's health. 展开更多
关键词 Grain storage technology Grain storage security Countermeasure analysis
下载PDF
上一页 1 2 250 下一页 到第
使用帮助 返回顶部