The smart grid has now been fully implemented with a robust defense system that is built on the primary security principles of “security zoning, network specialization, horizontal isolation, and vertical authentication.” The secure cryptographic module ...

The security of credit card fraud detection (CCFD) models based on machine learning is important but rarely considered in the existing research. To this end, we propose a black-box attack-based security evaluation framework for CCFD models. Under this ...

We verify the achievement of information-theoretic security of Visual Cryptography (VC) based on the detailed attack scenario. In addition, practical VCs use pseudo-random permutation (PRP) as a random shuffle, which we also verify in this case. ...

The exponential increase in IoT device usage has spawned numerous cyberspace innovations. IoT devices, sensors, and actuators bridge the gap between physical processes and the cyber network in a cyber‐physical system (CPS). Cyber‐physical system ...

Moving target defense (MTD) is a proactive defensive mechanism proposed to disrupt and disable potential attacks, thus reversing the defender's disadvantages. Cyber deception is a complementary technique that is often used to enhance MTD by utilizing ...

Password managers help users more effectively manage their passwords, encouraging them to adopt stronger passwords across their many accounts. In contrast to desktop systems where password managers receive no system-level support, mobile operating ...

Approaches to recognition of malicious behavior in computer networks and security evaluation of information systems using attributive metagraphs have been considered. Matrices of techniques, tactics, and methods of computer attacks for their ...

A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the ...

Evaluating the degree of security of a specific software system is a difficult problem and many metrics have been proposed. However, if the system has been built with a methodology that uses patterns as artifacts, a systematic and rather simple ...

In recent years, cyberspace has been formed and is continuously developing. It has fundamentally revolutionized the mechanism by which information is disseminated and utilized, in order to be closely involved in the physical world and human activities. ...

This study considers a class of randomised encryption techniques, where the encrypted data suffers from noise through transmission over a communication channel. It focuses on the encoding–encryption framework, where the data is first encoded using error ...

A variety of methodologies to build secure systems have been proposed. However, most of them do not say much about how to evaluate the degree of security of their products. In fact, we have no generally-accepted ways to measure if the product of some ...

Since proposed by the National Security Agency in June 2013, two lightweight block ciphers‐SIMON and SPECK have attracted the attention of cryptographers from all over the world. At CHES 2015, Simeck, a new block cipher inspired from both SIMON and SPECK ...

Cloud computing is a rapidly evolving service for potential clients who wish to outsource their data storage or subscribe to cloud services. In a data-driven society, every company needs to make cost-effective and responsible decisions in terms of how ...

Blockchain is an integrated technology to ensure keeping record and process transactions with decentralized manner. It is thought as the foundation of future decentralized ecosystem, and collects much attention. However, the maturity of this technology ...

The cyber moving target (MT) approach has been identified as one of the game-changing themes to rebalance the cyber landscape in favor of defense. MT techniques make cyber systems less static, less homogeneous, and less deterministic in order to create ...

Security concerns are frequently mentioned among the reasons why organizations hesitate to adopt cloud computing. Given the numerous choices of cloud-resource providers, clients often find it difficult to assess their relative advantages and ...

Clustering algorithms have become a popular tool in computer security to analyze the behavior of malware variants, identify novel malware families, and generate signatures for antivirus systems. However, the suitability of clustering algorithms for ...

Because attacks are becoming more frequent and more complex, intrusion detection systems IDSes need significant improvements to be able to detect new attacks and variants of already known attacks. It is thus necessary to assess precisely their quality ...

This paper focuses on reverse engineering web application for security mechanisms detection in the current design and thereby presents a security evaluation method for web application taking consideration of potential threats, security features provided ...