In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network in...In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network information security,such as information leakage and virus invasions,have become increasingly prominent.Consequently,there is a pressing need for the implementation of effective network security measures.This paper aims to provide a comprehensive summary and analysis of the challenges associated with computer network information security processing.It delves into the core concepts and characteristics of big data technology,exploring its potential as a solution.The study further scrutinizes the application strategy of big data technology in addressing the aforementioned security issues within computer networks.The insights presented in this paper are intended to serve as a valuable reference for individuals involved in the relevant fields,offering guidance on effective approaches to enhance computer network information security through the application of big data technology.展开更多
This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
In the computer field,network security is a crucial integrant.It is necessary to pay attention on the application of virtual network technology,so as to raise the standard of computer network security to a new level[2...In the computer field,network security is a crucial integrant.It is necessary to pay attention on the application of virtual network technology,so as to raise the standard of computer network security to a new level[2].In view of this,this paper will analyze the application of virtual network technology in computer network security and propose some strategies for future reference.展开更多
A Virtual Private Network (VPN) allows the provisioning of private network services for an organization over a public network such as the Internet. In other words a VPN can transform the characteristics of a public wh...A Virtual Private Network (VPN) allows the provisioning of private network services for an organization over a public network such as the Internet. In other words a VPN can transform the characteristics of a public which may be non-secure network into those of a private secure network through using encrypted tunnels. This work customized a standard VPN to a newly one called EEVPN (Effective Extensive VPN). It transmits a small data size in through a web based system in a reasonable time without affecting the security level. The proposed EEVPN is more effective where it takes small data transmission time with achieving high level of security. Also, the proposed EEVPN is more extensive because it is not built for a specific environment.展开更多
This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical fra...This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical framework of the system and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using the virtualization technology can build hypothesized target of various types in the laboratory and diversified network structure to carry out attack and defense experiment.展开更多
The framework Information Technology professionals and Network Organizations use is often seen as open and dynamic. This can create many different pathways for cybercriminals to launch an attack on an enterprise netwo...The framework Information Technology professionals and Network Organizations use is often seen as open and dynamic. This can create many different pathways for cybercriminals to launch an attack on an enterprise network to cause panic, this situation could be prevented. Using the proposed framework, network administrators and networked organizations can improve their cybersecurity framework for future consumer networks. Implementing a network security plan that is up to date and outlines responsibilities of team members, creating a government subsidy to implement and increase safeguards on US based networks, and the analyzing of past cyber-attacks metadata to further understand the attacks that are causing problems for consumer networks can improve the cybersecurity framework for consumer networks and increase potential security on US based networks. Research found that the implementation of security plans, creating a government subsidy, and analyzing past metadata all show signs of improving the framework of cybersecurity in consumer based networks.展开更多
Society is becoming increasingly dependent on cyberspace for both business and pleasure. Cyber attackers continue to attack organizational computer networks, as those same computer networks become increasing critical ...Society is becoming increasingly dependent on cyberspace for both business and pleasure. Cyber attackers continue to attack organizational computer networks, as those same computer networks become increasing critical to organizational business process. Strategic planning and managing IT security risks play an important role in the business and government planning process. Deploying defense in depth security measures can ensure that organizations continue to function in times of crisis. This quantitative study explores whether the Latin Square Design (LSD) model can be effectively applied to the prioritization of cybersecurity threats and to the linking of information assurance defense in-depth measures to those threats. The methods used in this study consisted of scanning 10 Cybersecurity Websites such as the Department of Homeland Security US CERT (United States-Computer Emergency Readiness Team [1]) and the SANS Institute (SysAdmin, Audit, Network and Security [2]) using the Likert Scale Model for the Website’s top ten list of cyber threats facing organizations and the network defense in depth measures to fight those threats. A comparison of each cybersecurity threats was then made using LSD to determine whether the Likert scale and the LSD model could be effectively applied to prioritize information assurance measures to protect organizational computing devices. The findings of the research reject the H0 null hypothesis that LSD does not affect the relationship between the ranking of 10 Cybersecurity websites top ten cybersecurity threats dependent variables and the independent variables of defense in depth measures used in protecting organizational devices against cyber-attacks.展开更多
Studied in this article is whether the Bayesian Network Model (BNM) can be effectively applied to the prioritization of defense in-depth security tools and procedures and to the combining of those measures to reduce c...Studied in this article is whether the Bayesian Network Model (BNM) can be effectively applied to the prioritization of defense in-depth security tools and procedures and to the combining of those measures to reduce cyber threats. The methods used in this study consisted of scanning 24 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals using the Likert Scale Model for the article’s list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The defense in depth tools and procedures are then compared to see whether the Likert scale and the Bayesian Network Model could be effectively applied to prioritize and combine the measures to reduce cyber threats attacks against organizational and private computing systems. The findings of the research reject the H0 null hypothesis that BNM does not affect the relationship between the prioritization and combining of 24 Cybersecurity Article’s defense in depth tools and procedures (independent variables) and cyber threats (dependent variables).展开更多
Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper...Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper focuses on the overall architecture of cloud platform as well as the design of virtualization security architecture. Meantime, it introduces the key technologies of VXLAN in detail. The scheme realizes flexible scheduling of security resources through virtual pooling of independent security gateway and virtual machine isolation through VXLAN technology. Moreover, it guides all horizontal traffic to independent security gateway for processing, unified management of security gateway through cloud platform by using Huawei NSH business chain technology. This scheme effectively solves the horizontal transmission of security threat among virtual machines, and realizes the fine security control and protection for the campus data center.展开更多
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via vario...Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.展开更多
The purpose of this research was to determine whether the Linear Regression Analysis can be effectively applied to the prioritization of defense-in-depth security tools and procedures to reduce cyber threats during th...The purpose of this research was to determine whether the Linear Regression Analysis can be effectively applied to the prioritization of defense-in-depth security tools and procedures to reduce cyber threats during the Global Corona Virus Pandemic. The way this was determined or methods used in this study consisted of scanning 20 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals for a list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The methods further involved using the Likert Scale Model to create an ordinal ranking of the measures and threats. The defense in depth tools and procedures were then compared to see whether the Likert scale and Linear Regression Analysis could be effectively applied to prioritize and combine the measures to reduce pandemic related cyber threats. The results of this research reject the H0 null hypothesis that Linear Regression Analysis does not affect the relationship between the prioritization and combining of defense in depth tools and procedures (independent variables) and pandemic related cyber threats (dependent variables).展开更多
[研究目的]从情报学和情报工作专业视角研究美国商务部工业与安全局(The Bureau of Industry and Secur-ity of U.S.Department of Commerce,BIS)的情报工作,为新时期中国情报学和情报工作创新发展提供参考。[研究方法]通过BIS官方网站...[研究目的]从情报学和情报工作专业视角研究美国商务部工业与安全局(The Bureau of Industry and Secur-ity of U.S.Department of Commerce,BIS)的情报工作,为新时期中国情报学和情报工作创新发展提供参考。[研究方法]通过BIS官方网站信息内容研究、官方网站重要文件研究、瓦森纳协定官方网站信息内容研究、BIS典型执法案例研究相结合的方法,研究BIS情报工作的全貌和精要。[研究结论]从情报学和情报工作专业视角对BIS的组织机构使命、组织网络、信息网络、人际网络、法律保障、典型情报工作、提升美国出口商情报能力的主要工作进行研究,揭示了BIS情报工作全貌、精要和最突出的关键成功因素。展开更多
基金supported by the Hainan Provincial Key Laboratory of Philosophy and Social Sciences for Hainan Free Trade Port International Shipping Development and Property Rights Digitization,Hainan Vocational University of Science and Technology(Qiong Social Science[2022]No.26).
文摘In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network information security,such as information leakage and virus invasions,have become increasingly prominent.Consequently,there is a pressing need for the implementation of effective network security measures.This paper aims to provide a comprehensive summary and analysis of the challenges associated with computer network information security processing.It delves into the core concepts and characteristics of big data technology,exploring its potential as a solution.The study further scrutinizes the application strategy of big data technology in addressing the aforementioned security issues within computer networks.The insights presented in this paper are intended to serve as a valuable reference for individuals involved in the relevant fields,offering guidance on effective approaches to enhance computer network information security through the application of big data technology.
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
文摘In the computer field,network security is a crucial integrant.It is necessary to pay attention on the application of virtual network technology,so as to raise the standard of computer network security to a new level[2].In view of this,this paper will analyze the application of virtual network technology in computer network security and propose some strategies for future reference.
文摘A Virtual Private Network (VPN) allows the provisioning of private network services for an organization over a public network such as the Internet. In other words a VPN can transform the characteristics of a public which may be non-secure network into those of a private secure network through using encrypted tunnels. This work customized a standard VPN to a newly one called EEVPN (Effective Extensive VPN). It transmits a small data size in through a web based system in a reasonable time without affecting the security level. The proposed EEVPN is more effective where it takes small data transmission time with achieving high level of security. Also, the proposed EEVPN is more extensive because it is not built for a specific environment.
文摘This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical framework of the system and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using the virtualization technology can build hypothesized target of various types in the laboratory and diversified network structure to carry out attack and defense experiment.
文摘The framework Information Technology professionals and Network Organizations use is often seen as open and dynamic. This can create many different pathways for cybercriminals to launch an attack on an enterprise network to cause panic, this situation could be prevented. Using the proposed framework, network administrators and networked organizations can improve their cybersecurity framework for future consumer networks. Implementing a network security plan that is up to date and outlines responsibilities of team members, creating a government subsidy to implement and increase safeguards on US based networks, and the analyzing of past cyber-attacks metadata to further understand the attacks that are causing problems for consumer networks can improve the cybersecurity framework for consumer networks and increase potential security on US based networks. Research found that the implementation of security plans, creating a government subsidy, and analyzing past metadata all show signs of improving the framework of cybersecurity in consumer based networks.
文摘Society is becoming increasingly dependent on cyberspace for both business and pleasure. Cyber attackers continue to attack organizational computer networks, as those same computer networks become increasing critical to organizational business process. Strategic planning and managing IT security risks play an important role in the business and government planning process. Deploying defense in depth security measures can ensure that organizations continue to function in times of crisis. This quantitative study explores whether the Latin Square Design (LSD) model can be effectively applied to the prioritization of cybersecurity threats and to the linking of information assurance defense in-depth measures to those threats. The methods used in this study consisted of scanning 10 Cybersecurity Websites such as the Department of Homeland Security US CERT (United States-Computer Emergency Readiness Team [1]) and the SANS Institute (SysAdmin, Audit, Network and Security [2]) using the Likert Scale Model for the Website’s top ten list of cyber threats facing organizations and the network defense in depth measures to fight those threats. A comparison of each cybersecurity threats was then made using LSD to determine whether the Likert scale and the LSD model could be effectively applied to prioritize information assurance measures to protect organizational computing devices. The findings of the research reject the H0 null hypothesis that LSD does not affect the relationship between the ranking of 10 Cybersecurity websites top ten cybersecurity threats dependent variables and the independent variables of defense in depth measures used in protecting organizational devices against cyber-attacks.
文摘Studied in this article is whether the Bayesian Network Model (BNM) can be effectively applied to the prioritization of defense in-depth security tools and procedures and to the combining of those measures to reduce cyber threats. The methods used in this study consisted of scanning 24 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals using the Likert Scale Model for the article’s list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The defense in depth tools and procedures are then compared to see whether the Likert scale and the Bayesian Network Model could be effectively applied to prioritize and combine the measures to reduce cyber threats attacks against organizational and private computing systems. The findings of the research reject the H0 null hypothesis that BNM does not affect the relationship between the prioritization and combining of 24 Cybersecurity Article’s defense in depth tools and procedures (independent variables) and cyber threats (dependent variables).
文摘Based on the analysis of the security problems existing in the cloud platform of the data center, this paper proposes a set of cloud platform security protection scheme being with virtualization technology. This paper focuses on the overall architecture of cloud platform as well as the design of virtualization security architecture. Meantime, it introduces the key technologies of VXLAN in detail. The scheme realizes flexible scheduling of security resources through virtual pooling of independent security gateway and virtual machine isolation through VXLAN technology. Moreover, it guides all horizontal traffic to independent security gateway for processing, unified management of security gateway through cloud platform by using Huawei NSH business chain technology. This scheme effectively solves the horizontal transmission of security threat among virtual machines, and realizes the fine security control and protection for the campus data center.
文摘Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.
文摘The purpose of this research was to determine whether the Linear Regression Analysis can be effectively applied to the prioritization of defense-in-depth security tools and procedures to reduce cyber threats during the Global Corona Virus Pandemic. The way this was determined or methods used in this study consisted of scanning 20 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals for a list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The methods further involved using the Likert Scale Model to create an ordinal ranking of the measures and threats. The defense in depth tools and procedures were then compared to see whether the Likert scale and Linear Regression Analysis could be effectively applied to prioritize and combine the measures to reduce pandemic related cyber threats. The results of this research reject the H0 null hypothesis that Linear Regression Analysis does not affect the relationship between the prioritization and combining of defense in depth tools and procedures (independent variables) and pandemic related cyber threats (dependent variables).
文摘[研究目的]从情报学和情报工作专业视角研究美国商务部工业与安全局(The Bureau of Industry and Secur-ity of U.S.Department of Commerce,BIS)的情报工作,为新时期中国情报学和情报工作创新发展提供参考。[研究方法]通过BIS官方网站信息内容研究、官方网站重要文件研究、瓦森纳协定官方网站信息内容研究、BIS典型执法案例研究相结合的方法,研究BIS情报工作的全貌和精要。[研究结论]从情报学和情报工作专业视角对BIS的组织机构使命、组织网络、信息网络、人际网络、法律保障、典型情报工作、提升美国出口商情报能力的主要工作进行研究,揭示了BIS情报工作全貌、精要和最突出的关键成功因素。
