To see the other types of publications on this topic, follow the link: COMPUTERS / Security / Viruses.
Journal articles on the topic 'COMPUTERS / Security / Viruses'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'COMPUTERS / Security / Viruses.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
VASILE, Cristinel Marius. "Firewall Technologies." International Journal of Information Security and Cybercrime 7, no. 1 (June 29, 2018): 37–44. http://dx.doi.org/10.19107/ijisc.2018.01.04.
Full textAbstract:
Today, most businesses are based on a computer system, more or less developed. For daily activities the organization needs to be able to connect to the Internet, possibly from a local area network (LAN). But, once with the benefits of the Internet, there are also security risks that the organization must minimize by measures and appropriate controls. Among security issues arising from using the Internet include hacker attacks, computers infection with viruses, malware and spyware. In theory, hackers can enter inside the organization network and steal confidential data, damaging computers or the entire organization's local area network. In this sense, firewall implementation is a security measure needed to any organization. This paper presents firewall types and technologies, attacks on firewalls and some security measures on the internal network.
2
AL-HANANI, ALI, and VENUS W. SAMAWI. "virus Detection Using Cryptography Algorithm." Iraqi Journal for Computers and Informatics 27, no. 1 (June 30, 1996): 8–15. http://dx.doi.org/10.25195/ijci.v27i1.220.
Full textAbstract:
Many papers have been published about manipulating computer viruses; instructions that impact a computer system and after a period of incubation and reproducion, activate and demonstrate their presence. mest Viruses were designed to attack microcomputers, sincce microcomputers are widely used nowadays, and have simple operating systems which result in lack of quality of their security systern. Connecting computers with networks and using copies of programs from unreliable sources such as bullet in board systems will increase the :of viral contact and the spread of viruses. Data Encryption disguises data flowing through a network so that it is unintelligible to any one monitor the data, Encryption techniques can also be used to detect file modification which may caused either by unithorized users or by viruses. This paper concern in viruses atracking users on system files (.exe and com) in microcomputer sytems, where viruses Types, how they work, and anti-virus streiagies are going o scussed. Finally, a dccction stralegy depending on Encryption techniques built the operating sysiems Suggested to improve PCs Security and preventing unauthorized users from inserting into programas commands that will cause system corruption.
3
Asaad, Renas Rajab. "Implementation of a Virus with Treatment and Protection Methods." ICONTECH INTERNATIONAL JOURNAL 4, no. 2 (September 16, 2020): 28–34. http://dx.doi.org/10.46291/icontechvol4iss2pp28-34.
Full textAbstract:
Currently, viruses are the most dangerous things that happens to computers, whether by transferring data or from the Internet cloud. This research paper shows how to implement a virus that has an ability to move and fortify itself from deletion or destroying. A strong virus must have automatic multiplication, automatic transmission between devices, copying itself in important locations on the computer and performing unauthorized actions and instructions in the computer. So in this research paper it will also shows how to get rid of such viruses and ways to prevent them or providing a good security for the users.
4
DARAJAT, PANGESTUTI PRIMA, and TYAS HUSADANINGSIH. "KONTROL OPTIMAL PADA MODEL PENYEBARAN VIRUS KOMPUTER DENGAN KLASIFIKASI PENGAMANAN." E-Jurnal Matematika 8, no. 4 (November 29, 2019): 253. http://dx.doi.org/10.24843/mtk.2019.v08.i04.p261.
Full textAbstract:
In this paper, a model of the spread of computer viruses with security classification and nonlinear infection rates is formulated. From the short analysis, is found that the model does not have a virus-free equilibrium point. This show that the virus will always exist in the system and increasingly that can not be avoided. Therefore, control strategy by installing antivirus on subpopulation susceptible low-security level and infective subpopulation aims to minimize the number of infective computers, and minimize the cost related to these strategies. Hence, an important tool, in this case is, optimal control theory. The system solved numerically by using Forward-Backward Sweep method in combination with the fourth-order Runge-Kutta method. Based on the simulation results, the combination of the two controls is effective in suppressing the spread of computer viruses. However, controlling by installing an antivirus on an infected computer has a great influence in suppressing the spread of the computer virus.
5
Tang, Tian, Mu-Chuan Zhou, Yi Quan, Jun-Liang Guo, V. S. Balaji, V. Gomathi, and V. Elamaran. "Penetration Testing and Security Assessment of Healthcare Records on Hospital Websites." Journal of Medical Imaging and Health Informatics 10, no. 9 (August 1, 2020): 2242–46. http://dx.doi.org/10.1166/jmihi.2020.3138.
Full textAbstract:
At present, computer security is the flourishing field in the IT industry. Nowadays, the usage of computers and the Internet grows drastically, and hence, computers become vehicles for the attackers to spread viruses and worms, to distribute spam and spyware, and to perform denial-of-service attacks, etc. The IT engineers (even users) should know about network security threats, and at the same time, to some extent, they should know techniques to overcome the issues. The reliability and privacy of healthcare records of the patients are the most critical issue in the healthcare business industry sector. The security safeguards, such as physical, technical, and administrative safeguards, are crucial in protecting the information in all aspects. This article deals with the forty popular hospital portals in India related to the professional and network security related issues such as operating system guesses, number of open/closed/filtered ports, the name of the Web server, etc. The Nmap (network mapper) tool is used to analyze the results belong to the security perspective.
6
Xu, Zhao. "Study on Strategies of Campus Network Security." Applied Mechanics and Materials 303-306 (February 2013): 1956–59. http://dx.doi.org/10.4028/www.scientific.net/amm.303-306.1956.
Full textAbstract:
Higher education institutions have a moral as well as legal responsibility to protect the sensitive data maintained on campus computers. Higher education institutions are beginning to look at areas to improve the protection of their information technology structure due to the increase of viruses, spam, hackers, and identity theft. The main goal of this paper is to study network security in university. The result shows the genuine exposure, the risk of being effectively compromised is real. Consequently, this network trap should be closely monitored and data control mechanisms, such as a reverse firewall, should be configured to prevent an attacker from using the network trap to damage other production resources.
7
Widarma, Adi, M. Dedi Irawan, Fajri Nurhidayahti, and Ranis Hsb. "Decision Support System Determining Computer Virus Protection Applications Using Simple Additive Weighting (SAW) Method." Journal of Computer Networks, Architecture, and High-Performance Computing 3, no. 1 (March 2, 2021): 86–79. http://dx.doi.org/10.47709/cnahpc.v3i1.936.
Full textAbstract:
The use of information technology devices such as computers or laptops is currently increasing. The increased use is due to the fact that these devices are very supportive of our daily work activities. With the increasing use of these computers, data security on a computer or laptop device must be completely safe from virus attacks. To ward off viral attacks m aka requires the application of anti-virus to inhibit and prevent a variety of viruses that enter into the computer system so that the computer user's activity was not bothered by the many viruses are easily spread. Because there are too many antiviruses on the market, it is necessary to choose a good antivirus. One of the ways to choose antivirus is the existence of a decision support system . In this study, the Simple Additive Weighting (SAW) method was applied for the anti-virus application selection system. This data assessment analysis aims to produce the best anti - virus application options that computer users can use to secure their computer data. The criteria and weights used are K1 = application rating (5%) , K2 = completeness of features (30%) , K3 = price / official license (5%) , K4 = malware detection (45%) and K5 = blocking URL (15%). Of the 25 alternatives used, the results of the study, namely alternative A1 = Kaspersky anti-virus get the highest ranking result.
8
Scott, Ralph L. "Wired to the World: Anti-virus Software." North Carolina Libraries 62, no. 1 (January 20, 2009): 63. http://dx.doi.org/10.3776/ncl.v62i1.157.
Full textAbstract:
This column is the third installment of a fourpart series on computer security. The recent “Mydoom” virus attack was an example of afast-spreading Internet virus that clogs incoming mail boxes. Many of you have already received a ton of emails from people you have never heard of, or messages from “PAYROLL,” “Message returned,” or “TRAFFIC OFFICE.” These were distributed to you because someone did not keep his/her computer anti-virus software up-to-date and/or opened an e-mail attachment that contained the virus. Outside of the admonition not to open e-mail attachments from people you don’t know, what can you do to prevent the spread of viruses to other computers?
9
Shang, Yilun. "Optimal Control Strategies for Virus Spreading in Inhomogeneous Epidemic Dynamics." Canadian Mathematical Bulletin 56, no. 3 (September 1, 2013): 621–29. http://dx.doi.org/10.4153/cmb-2012-007-2.
Full textAbstract:
Abstract.In this paper, we study the spread of virus/worm in computer networks with a view to addressing cyber security problems. Epidemic models have been applied extensively to model the propagation of computer viruses, which characterize the fact that infected machines may spread malware to other hosts connected to the network. In our framework, the dynamics of hosts evolves according to a modified inhomogeneous Susceptible-Infectious-Susceptible (SIS) epidemic model with time-varying transmission rate and recovery rate. The infection of computers is subject to direct attack as well as propagation among hosts. Based on optimal control theory, optimal attack strategies are provided by minimizing the cost (equivalently maximizing the profit) of the attacker. We present a threshold function of the fraction of infectious hosts, which captures the dynamically evolving strategies of the attacker and reflects the persistence of virus spreading. Moreover, our results indicate that if the infectivity of a computer worm is low and the computers are installed with antivirus software with high reliability, the intensity of attacks incurred will likely be low. This agrees with our intuition.
10
Aisyah, Siti. "Computer Networking Company in Business Area." International Research Journal of Management, IT & Social Sciences 2, no. 7 (July 1, 2015): 1. http://dx.doi.org/10.21744/irjmis.v2i7.67.
Full textAbstract:
Computer Networking is not something new today. Almost every company there is a Computer Network to facilitate the flow of Information within the company. Internet increasingly popular today is a giant Computer Network of Computers that are connected and can interact. This can occur because of the network technology development is very rapid. But in some ways connected to the internet can be dangerous threat, many attacks that can occur both within and outside such as Viruses, Trojans, and Hackers. In the end the security of computers and computer networks will play an important role in this case. A good firewall configuration and optimized to reduce these threats. Firewall configuration there are 3 types of them are screened host firewall system (Single- homed bastion), screened host firewall system (Dual-homed bastion), and screened subnet firewall. And also configure the firewall to open the ports Port right to engage connect to the Internet, because the ports to configure a firewall that can filter packets incoming data in accordance with the policy or policies. This firewall architecture that will be used to optimize a firewall on the network.
11
Hulak, Hennadii, Volodymyr Buriachok, Pavlo Skladannyi, and Lydia Kuzmenko. "CRYPTOVIROLOGY: SECURITY THREATS TO GUARANTEED INFORMATION SYSTEMS AND MEASURES TO COMBAT ENCRYPTION VIRUSES." Cybersecurity: Education, Science, Technique 2, no. 10 (2020): 6–28. http://dx.doi.org/10.28925/2663-4023.2020.10.628.
Full textAbstract:
This paper examines the security threats to guaranteed information systems, as well as measures to combat encryption viruses. A typical sequence of cyberattacks with information encryption using software tools to implement attacks is determined. The sequence of procedures of the WannaCry encryption part is described. The paper proposes a description of the computational complexity of encrypted data recovery problems, including methods for parallelizing the solution of cryptanalysis problems, methods used to solve problems of cryptosystem stability assessment, vulnerability search and decryption depending on basic mathematical methods. The application of distributed computing technology to solve problems of recovery of encrypted resources is described. The paper states that in modern conditions of constant development of cryptography methods with a high level of stability and their wide availability a necessary condition for improving the recovery of encrypted programs - data seekers is to create a special software security monitor and build specialized multiprocessor systems to implement cryptanalysis methods with wide access of authorized users. , from the point of view of minimizing the ratio "cost - the result" the most rational approach to creating specialized multiprocessor systems is to build a cluster system based on the most powerful general-purpose computers using hardware computing accelerators based on programmable logic integrated circuits to increase the effectiveness of attacks on cryptographic software tools for the implementation of attacks, it is advisable to develop technologies for active actions in cyberspace, in particular, those that provide the formation of hidden channels.
12
Żmigrodzka, Małgorzata. "Cybersecurity – One of the Greatest Challenges for Civil Aviation in the 21st Century." Safety & Defense 6, no. 2 (August 7, 2020): 33–41. http://dx.doi.org/10.37105/sd.73.
Full textAbstract:
In every aspect of aviation’s operations, from handling to aircraft designing and production, ensuring the continuity of flight, technical service, to air carriers, there is a possibility of the occurrence of cybercrime. Ubiquitous computers, telephones, and internet carry a risk of various types of threats – from simple viruses, to theft of personal data, to taking over of the aircraft by cybercriminals. The aim of the paper is to describe main cyberthreats in the area of civil aviation. Theoretical analysis of the available source materials and empirical usage of security procedures in aviation organizations served as main research methods that have been utilized in the analysis of the cybersecurity problem. Author’s extensive professional experience in the aviation sector, especially in the field of quality and security, provided the possibility to verify and understand these vital problems for the aviation industry.
13
O. E., Rubtsov, Norkina A. N., and Chicherov K.A. "Information Protection Tools for Android-based Mobile Devices." KnE Social Sciences 3, no. 2 (February 15, 2018): 235. http://dx.doi.org/10.18502/kss.v3i2.1548.
Full textAbstract:
Presently, the issue of protecting information and personal data contained in mobile devices is of vital importance. The use of cutting-edge powerful smartphones presented by manufacturers as a substitute for personal computers, laptops and tablets, stresses the need for utilizing both built-in free information protection features and special antivirus software manufactured by recognized global developers. The article reveals the effectiveness of using built-in information protection tools for Android-based mobile devices and presents a comparative characteristic of similar tools applied with the help of up-to-date antivirus software. Keywords: mobile devices, information, personal data, cyber threats, Android-based, viruses, protection of information (information protection), smartphones, security.
14
Aji, Ranggi Praharaningtyas, Muhamad Awiet Wiedanto Prasetyo, Argiyan Dwi Pritama, Ika Ayu Pratiwi, and Resti Nur Azizah. "Peningkatan pemahaman guru tentang pengamanan data ajar melalui pelatihan online di SMPN I Karangwelas." ABSYARA: Jurnal Pengabdian Pada Masyarakat 2, no. 1 (July 31, 2021): 62–71. http://dx.doi.org/10.29408/ab.v2i1.3549.
Full textAbstract:
The importance of securing data is something that most Indonesian teachers ignore. In addition, their inability to secure data is also a factor supporting the failure to secure data. Allowing access to their personal computers to be known and the loss of data due to viruses is often experienced by teachers at SMPN 1 Karanglewas. For this reason, training is made that is packaged in a teaching data security webinar. This activity aims to grow the understanding and awareness of teachers in securing the teaching data they have. The implementation of this activity uses Google Meet technology, which can be accessed directly through the YouTube channel. The results obtained are the increasing understanding of the teachers seen from the difference in the results of the post-test and pre-test, which reaches 40-80%. In addition, there were also positive responses from the teachers participating in the webinar, which stated that 56% of the participants stated that it was good and 30% was sufficient, and 24% was excellent. The next activity that is expected to be carried out is live class making training and the manufacture of interactive teaching materials.
15
Dal Moro, Eric. "Towards an Economic Cyber Loss Index for Parametric Cover Based on IT Security Indicator: A Preliminary Analysis." Risks 8, no. 2 (May 8, 2020): 45. http://dx.doi.org/10.3390/risks8020045.
Full textAbstract:
As cyber events have virtually no geographical limitations and can result in economic losses on a global scale, the assessment of return periods for such economic losses is currently debated among experts. The potential accumulation of consequential insurance losses due to intrusions or viruses is one of the major reasons why the (re-)insurance industry has limited risk appetite for cyber related risks. In order to increase the risk appetite for cyber risk and based on a first batch of data provided by Symantec, the goal of this article is to: Check if IT activity, i.e., the number of virus or intrusions being blocked by Norton on end-user computers could be used as an index for parametric covers that reinsurance companies could propose to their cedants; Look into the correlations of this IT activity across different regions, thereby confirming the absence of geographical limitations for cyber risk, and hence confirming the systemic nature of this risk. This first study on the Symantec dataset shows that a cyber index based on IT activity could be a useful tool to design parametric reinsurance product.
16
Shulga, Olga. "Confidentiality and scam in the internet." University Economic Bulletin, no. 48 (March 30, 2021): 76–91. http://dx.doi.org/10.31470/2306-546x-2021-48-76-91.
Full textAbstract:
The purpose of the work is to consider the theoretical and practical aspects of fraud in the Internet sphere and on this basis to identify ways to ensure the confidentiality and cybersecurity of private users and commercial organizations. The methodological basis of the work is the use of general and special methods of scientific knowledge. Methods of combining analysis and synthesis, induction and deduction have been used to identify different types of fraud in the Internet. Generalization methods, logical and empirical, were used in determining the directions of development of the national cyber defense system and ensuring confidentiality. The main results of the work: The most common methods of fraud with the use of bank payment cards are identified, among which: a fake poll on social networks with a prize draw; a phone call to obtain classified information; SIM card replacement for access to online banking; online payments on unsecured sites; phishing; copying card data when handed over; unsecured WI-Fi networks; computers in public places; skimming for card data theft; unauthorized micropayments; ATM fraud; use of malicious programs (viruses), fake sites in order to compromise the details of electronic payment instruments and/or logins/passwords for access to Internet/mobile banking systems; dissemination (sale, dissemination) of information on compromised data; terminal network fraud; fraud in remote service systems; social engineering. Basic security rules are defined to prevent fraud. The experience of European countries in the field of cybersecurity is analyzed. The directions of adaptation of the current legislation on cybersecurity to the EU standards are outlined and the directions of development of the national system of cybersecurity are defined. The practical significance of the results is to deepen the understanding of the nature and mechanism of various types of fraud in the Internet. The recommendations proposed in the paper can form a methodological and theoretical basis for the development of economic policy of the state to ensure the confidentiality and cybersecurity of private users and commercial organizations. Conclusions. The state should establish an effective oversight body in the field of personal data protection, but security measures and online restrictions should comply with international standards. The use of encryption should not be prohibited at the legislative level, as such restrictions reduce the ability of citizens to protect themselves from illegal intrusions into privacy. In addition, the state policy in the Internet should be aimed at promoting the development and operation of secure Internet technologies and the formation of mechanisms to protect against services and protocols that threaten the technical functioning of the Internet from viruses, phishing and more.
17
Highland, Esther H. "Security expert gives advice on computer viruses." Computers & Security 7, no. 4 (August 1988): 425–26. http://dx.doi.org/10.1016/0167-4048(88)90605-0.
Full text
18
Spafford, Eugene H. "Computer Viruses as Artificial Life." Artificial Life 1, no. 3 (April 1994): 249–65. http://dx.doi.org/10.1162/artl.1994.1.3.249.
Full textAbstract:
There has been considerable interest in computer viruses since they first appeared in 1981, and especially in the past few years as they have reached epidemic numbers in many personal computer environments. Viruses have been written about as a security problem, as a social problem, and as a possible means of performing useful tasks in a distributed computing environment. However, only recently have some scientists begun to ask if computer viruses are not a form of artificial life—a self-replicating organism. Simply because computer viruses do not exist as organic molecules may not be sufficient reason to dismiss the classification of this form of “vandalware” as a form of life. This paper begins with a description of how computer viruses operate and their history, and of the various ways computer viruses are structured. It then examines how viruses meet properties associated with life as defined by some researchers in the area of artificial life and self-organizing systems. The paper concludes with some comments directed toward the definition of artificially “alive” systems and experimentation.
19
Anggrawan, Anthony, Raisul Azhar, Bambang Krismono Triwijoyo, and Mayadi Mayadi. "Developing Application in Anticipating DDoS Attacks on Server Computer Machines." MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer 20, no. 2 (May 30, 2021): 427–34. http://dx.doi.org/10.30812/matrik.v20i2.410.
Full textAbstract:
The use of server computer machines in companies is primarily a web hosting server that is very easy to experience threats, especially external security threats such as attempts to infiltrate, hacking, viruses, and other malicious attacks. Having a secure server is indispensable for working online and especially if involved in business-related network transactions. The Server's realization to be safe from threats is to protect the server machine's security on the hardware and software side and pay attention to network security that goes to the server machine. Generally, firewall applications on router devices have configuration limitations in securing the network, namely non-integrated applications. In other words, it is necessary to manage the perfect firewall configuration to anticipate Distributed Daniel attacks of Service (DDoS) attacks. Therefore, this study aims to integrate existing firewall applications for router devices into an integrated program to secure the network. The methodology used is the Network Development Life Cycle (NDLC). The research results on this developed application program can overcome DDoS attacks without setting up a firewall on the router device and can automatically monitor DDoS attack activities from outside the Server. Securing servers from DDoS attacks without setting up a firewall on the router device and automating the monitoring of DDoS attack activity from outside the Server are the novelties of this study that have not been available in previous studies.
20
SUSANTO, YULIUS KURNIA, and RATIH HANDAYANI. "INTENSITAS ANCAMAN KEAMANAN SISTEM INFORMASI AKUNTANSI KOMPUTERISASIAN." Jurnal Bisnis dan Akuntansi 10, no. 3 (April 19, 2018): 113–26. http://dx.doi.org/10.34208/jba.v10i3.223.
Full textAbstract:
The objective of the paper was (1) there are significant security threats of CAIS on the organization types, (2) there is difference among the organization types regarding the security threats of CAIS, (3) there are difference between integration-on line and integration-manual CAIS regarding the security threats of CAIS. Eighty four respondents from Jakarta organizations had participated in this research. The collecting data used a questionnaire survey via electronicmail and post. Data were analyzed using a Kruskal-Wallis test. The resultsshowed that first there is significant security threats of CAIS in Jakarta Organizations, like that the accidental entry of bad data, accidental destruction of data, employees’ sharing of passwords and introduction of computer viruses the to CAIS are the significant security threats of CAIS in Jakarta Organizations. Second, there is no difference among the organization types regarding the security threats of CAIS. Third, there is no difference between integration-on line and integration-manual CAIS regarding the security threats of CAIS. But, there is difference between integration-on line and integration-manual CAIS regarding introduction of computer viruses to the CAIS.
21
Ji, Hong. "Research on the Protection Strategy of Network Security." Advanced Materials Research 703 (June 2013): 236–39. http://dx.doi.org/10.4028/www.scientific.net/amr.703.236.
Full textAbstract:
The global information has become the human development trend with the development of network technology. People enjoy the convenience brought by the network technology and confront many network security issues. Because the network attack behavior has concealment, complexity and permeability, the network security issues become increasingly prominent and the network security protection become more difficult. Based on the analysis of the threatening factors to the network security, such as hacking, computer viruses, computer system vulnerabilities, security issues of the network protocol, weak authentication and logic bombs, the firewall technology, intrusion detection technology, access control technology and computer virus protection technology are proposed to ensure safe and stable operation and use of network.
22
Du, Yu Lin. "Research on the Information Security of Internet Bank." Applied Mechanics and Materials 687-691 (November 2014): 1925–29. http://dx.doi.org/10.4028/www.scientific.net/amm.687-691.1925.
Full textAbstract:
In this paper, we focus on the risks and management of the information security, such as computer technology uncertainty,internet viruses and the information security soft outsourcing, then analyze the problems in internet bank information security, we conclude this paper by proposing some measures in controling the information insecurity of internet bank.
23
Sung, Pei-Chen, Cheng-Yuan Ku, and Chien-Yuan Su. "Understanding the propagation dynamics of multipartite computer virus." Industrial Management & Data Systems 114, no. 1 (January 28, 2014): 86–106. http://dx.doi.org/10.1108/imds-04-2013-0197.
Full textAbstract:
Purpose – Understanding the computer-virus propagation is quite essential for the construction and development of anti-virus policy. While researches about the anti-virus policy have been extensively investigated, the viewpoint from sociological perspective is relatively ignored. Therefore, this paper aims to explore the dynamics of computer-virus propagation and evaluate the effectiveness of anti-virus policies through the sociological perspective. Design/methodology/approach – This research constructs a virus-propagation model based on the susceptible-exposed-infective-recovered epidemic concept to simulate and explore the dynamic behavior of multipartite computer viruses through the tool of system dynamics. The effectiveness of various anti-virus policies is then evaluated via this model. Findings – The frequency of media contact has a significant effect on the virus infection rate. The effectiveness of user self-prevention relies on the usefulness of the virus signatures. The reporting/alarm process can enhance the capability of anti-virus software company and the detected intensity of new threat. The quarantine policy can effectively reduce the spread of computer virus. Practical implications – Individuals should strengthen the self-awareness of information security to reduce the negative impact. Managers should construct and implement the information security norm to regulate the behavior of staff. Anti-virus software companies should strengthen the capability of their automatic reporting/alarm mechanism to early detect the exceptional conditions and control new threats in time. Originality/value – Information security management research is still in the growth phase, but it is critically important to establish the groundwork for understanding of computer viruses and the effectiveness of anti-virus policy from assorted perspectives. The major contribution of research is to explore the propagation of multipartite computer viruses and study how to prevent their destruction from the sociological and technical perspectives.
24
Gong, Song Jie, and Xue Mei Zhang. "An Anti-Spam Electronic Commerce Security System in Cloud Computing Environment." Applied Mechanics and Materials 556-562 (May 2014): 5797–800. http://dx.doi.org/10.4028/www.scientific.net/amm.556-562.5797.
Full textAbstract:
The appearance of cloud security system makes the spread of computer viruses possess some new features. The open environment in cloud computing is much more complex, and can not fully adapt to the new application of computer network such as cloud computing. Cloud computing offers the advanced capabilities of sharing, where the computing and storage capabilities are outsourced on demand, With the wide use of cloud computing services, tenants require higher and higher security assurance. Through the research and analyss of security in cloud computing, the design model of anti-spam electronic commerce security system based on cloud computing is presented, and the functional modules of the system are analyzed. Lastly, the construction model of anti-spam electronic commerce security system is advanced.
25
Abu-Musa, Ahmad A. "Perceived Security Threats of Computerized Accounting Information Systems in the Egyptian Banking Industry." Journal of Information Systems 20, no. 1 (March 1, 2006): 187–203. http://dx.doi.org/10.2308/jis.2006.20.1.187.
Full textAbstract:
This paper investigates the perceived security threats to computerized accounting information systems (CAIS) in the Egyptian banking industry (EBI) by surveying the entire population of the EBI. Differences between the respondents' opinions regarding the perceived security threats have been identified and investigated in the context of the EBI. The results of the study reveal that accidental entry of bad data by employees, accidental destruction of data by employees, introduction of computer viruses to the system, natural and human-made disasters, employees' sharing of passwords, and misdirecting prints and distributing information to unauthorized people are the most significant perceived security threats to CAIS in the EBI. In all cases, the heads of internal audit departments reported higher occurrence frequencies of CAIS security threats compared to the heads of computer departments.
26
Liu, Chang Ming, and Yan Jun Sun. "The Application of Data Encryption in Network Security." Applied Mechanics and Materials 513-517 (February 2014): 549–51. http://dx.doi.org/10.4028/www.scientific.net/amm.513-517.549.
Full textAbstract:
. With the rapid development of internet computer viruses, Trojan horses and other safety hazards already have been a serious problem which is not ignored. By analyzing the status of network security, we use data encryption technology to ensure the security of information which is already an accepted, but there are many encryption methods. How to select the appropriate method? In this paper, we purpose corresponding encryption system by the current status of the network, and it prepared for select the encryption algorithm next.
27
Raj, Dr Shaji N. "A Flexible Vulnerability Reduction System Using Machine Learning." Revista Gestão Inovação e Tecnologias 11, no. 4 (July 29, 2021): 3784–91. http://dx.doi.org/10.47059/revistageintec.v11i4.2407.
Full textAbstract:
The human system have an ability to adapt dynamically and protect against biological viruses is amazing. Computer security faces an ever-increasing threat and a system which can prevent any viruses coming in, is an open research problem. We propose a new model, called (RI Secure Web), whic h can be resilient and immune to web application vulnerability for injection and URL manipulation for injection methods using an agent based machine learning system The ability of human immune system to survive and maintain body from different damages and its self curing capabi lity inspires the development of a resilient and adaptive cyber security system. Such system functions proactive and defends itself against viruses as human immune system does. In this paper, an architectural view of a system for reducing application level vulnerabilities to protect cyber attacks, particularly injection method is proposed.
28
Whitson, Roger. "Review: Jussi Parikka, Digital Contagions: A Media Archaeology of Computer Viruses." Theory, Culture & Society 34, no. 7-8 (October 27, 2017): 293–98. http://dx.doi.org/10.1177/0263276417736593.
Full textAbstract:
The second edition of Jussi Parikka’s Digital Contagions: A Media Archaeology of Computer Viruses is both a welcome reissue of a canonical text in media archaeology and an important intervention into contemporary techno-political crises like cyberwarfare. Parikka’s book shows how viruses are central to the history of networked computing, while articulating their social connections to political, medical, and cultural discourses. For him, the notion of contagion in digital networks is inseparable from the rise of the computing security industry and the spread of what he calls ‘viral capitalism’: a system of value that leverages viral methodologies to colonize new markets and appropriate revolutionary impulses. Against the purity and commercialism of contemporary consumer electronics, Digital Contagions instead looks to the experiments of early viral programming as offering alternative histories of digital media.
29
Xu, Wen Jie, Fang Qin Xu, and Hai Feng Lu. "Network Security Management System Based on Digital China." Applied Mechanics and Materials 568-570 (June 2014): 1384–88. http://dx.doi.org/10.4028/www.scientific.net/amm.568-570.1384.
Full textAbstract:
With the popularity of the Internet, web applications have become an essential part of business development. At the same time, network security issues have become increasingly prominent, enterprises feel the convenience brought by the network, while they are also facing a variety of attacks and threats: leaks of confidential, loss of data, network abuse, identity theft, illegal invasion. At present, some enterprises have established the appropriate network security systems, but in actual use, because of the wrong use of various security tools, the phenomenon of system vulnerabilities, illegal software, viruses and malicious code intrusion causes the computer operating system can not reach the required level of standard safety levels.
30
Sastry, K. Narasimha, B. Thirumala Rao, and T. Gunasekhar. "Novel Approach for Control Data Theft Attack in Cloud Computing." International Journal of Electrical and Computer Engineering (IJECE) 5, no. 6 (September 11, 2015): 1545. http://dx.doi.org/10.11591/ijece.v5i6.pp1545-1552.
Full textAbstract:
Information security is a major problem faced by cloud computing around the world. Because of their adverse effects on organizational information systems, viruses, hackers, and attackers insiders can jeopardize organizations capabilities to pursue their undertaken effectively. Although technology based solutions help to mitigate some of the many problems of information security, even the preeminent technology can’t work successfully unless effective human computer communication occurs.IT experts, users and administrators all play crucial role to determine the behavior that occurs as people interact with information technology will support the maintenance of effective security or threaten it. In the present paper we try to apply behavioral science concepts and techniques to understanding problems of information security in organizations.
31
Obiniyi, Afolayan A., Ezugwu E. Absalom, and Mohammed Dikko. "Network Security and Firewall Technology." International Journal of Dependable and Trustworthy Information Systems 2, no. 2 (April 2011): 40–60. http://dx.doi.org/10.4018/jdtis.2011040103.
Full textAbstract:
With the explosion of the public Internet, corporate networks connected to the Internet, if not adequately secured, are vulnerable to damaging attacks. Hackers, viruses, worms, Trojan horses, and spyware try to invade privacy. This research examines how these threats affect the corporate network and ways to reduce them. MikroTik routerOS was configured as the router to examine these threats. Network Address Translation and packet filtering where the key features configured to make the network hidden for unauthorized users and filter unwanted traffics that might reflect malicious acts. The configuration and test were carried out at Iya Abubakar Computer Center, Ahamdu Bello University, Zaria, Nigeria. At the onset, the targeted network was full of virus, worms, Trojan horses, spyware, and vulnerable to unauthorized users. The signal strength of the network was usually very poor due to the effect from the threats affecting the bandwidth. The firewall was configured to filter out inherently dangerous services, exposing the network to fewer risks. After the research, the performance and efficiency of the network was improved tremendously.
32
Belaissaoui, Mustapha, and József Jurassec. "A Deep Convolutional Neural Network for Image Malware Classification." International Journal of Smart Security Technologies 6, no. 1 (January 2019): 49–60. http://dx.doi.org/10.4018/ijsst.2019010104.
Full textAbstract:
Malware classification and detection is an important factor in computer system security. However, signature-based methods currently used cannot provide an accurate detection of zero-day attacks and polymorphic viruses. This is why there is a need for detection based on machine learning. The purpose of this work is to present a deep neuronal classification method using convolutional and recurrent network layers in order to obtain the best features for classification. The proposed model achieves 98.73% accuracy on the Microsoft malware dataset.
33
Nurdin, Rizki. "ANALISA KEAMANAN INTERNET MENGGUNAKAN NESSUS DAN ETHEREAL UNIVERSITAS PUTRA INDONESIA “YPTK” PADANG." Jurnal Teknologi Informasi dan Pendidikan 10, no. 3 (April 10, 2018): 11–25. http://dx.doi.org/10.24036/tip.v10i3.9.
Full textAbstract:
With the existence of this information will be easily obtained, the exchange of data that occurs in the virtual world will increase. In addition to the development of this technology, unwittingly evolved also crimes that occur in cyberspace that can harm users who access these sites, ranging from the delivery of viruses, spamming or other types of crime. So that institutions connected in an Internet network will be very vulnerable to network security at the institution. This is given that the productivity of an institution or company will depend on the performance of the network in it. Damage that occurs in a network will result in data exchange that occurs on the network will slow or even damage the network system. Therefore a mechanism that is used to analyze network security is required. Computer network security systems connected to the Internet must be planned and well understood in order to protect the resources within the network effectively.
Keywords : Nessus and Ethereal, Internet Security
34
Feng, Liping, Ruifeng Han, Hongbin Wang, Qingshan Zhao, Chengli Fu, and Qi Han. "A Virus Propagation Model and Optimal Control Strategy in the Point-to-Group Network to Information Security Investment." Complexity 2021 (June 3, 2021): 1–7. http://dx.doi.org/10.1155/2021/6612451.
Full textAbstract:
Epidemiological dynamics is a vital method in studying the spread of computer network viruses. In this paper, an optimal control measure is proposed based on the SEIR virus propagation model in point-to-group information networks. First, considering the need for antivirus measures in reality, an optimal control problem is introduced, and then a controlled computer virus spread model in point-to-group information networks is established. Second, the optimal control measure is formulated by making a tradeoff between control cost and network loss caused by virus intrusion. Third, optimal control strategies are theoretically investigated by Pontryagin’s maximum principle and the Hamiltonian function. Finally, through numerical simulations, effective measures for controlling virus spread in point-to-group information networks are proposed.
35
Essouifi, Mohamed, and Abdelfattah Achahbar. "A mixed SIR-SIS model to contain a virus spreading through networks with two degrees." International Journal of Modern Physics C 28, no. 09 (September 2017): 1750114. http://dx.doi.org/10.1142/s0129183117501145.
Full textAbstract:
Due to the fact that the “nodes” and “links” of real networks are heterogeneous, to model computer viruses prevalence throughout the Internet, we borrow the idea of the reduced scale free network which was introduced recently. The purpose of this paper is to extend the previous deterministic two subchains of Susceptible-Infected-Susceptible (SIS) model into a mixed Susceptible-Infected-Recovered and Susceptible-Infected-Susceptible (SIR–SIS) model to contain the computer virus spreading over networks with two degrees. Moreover, we develop its stochastic counterpart. Due to the high protection and security taken for hubs class, we suggest to treat it by using SIR epidemic model rather than the SIS one. The analytical study reveals that the proposed model admits a stable viral equilibrium. Thus, it is shown numerically that the mean dynamic behavior of the stochastic model is in agreement with the deterministic one. Unlike the infection densities [Formula: see text] and [Formula: see text] which both tend to a viral equilibrium for both approaches as in the previous study, [Formula: see text] tends to the virus-free equilibrium. Furthermore, since a proportion of infectives are recovered, the global infection density [Formula: see text] is minimized. Therefore, the permanent presence of viruses in the network due to the lower-degree nodes class. Many suggestions are put forward for containing viruses propagation and minimizing their damages.
36
Alimboyong, Catherine R. "Modeling virus spread on a network using NetLogo for optimum network management." Indonesian Journal of Electrical Engineering and Computer Science 23, no. 1 (July 1, 2021): 370. http://dx.doi.org/10.11591/ijeecs.v23.i1.pp370-377.
Full textAbstract:
<span>The infections in computer networks are complex. Its spread is analogous to a contagious disease which can cause destruction within a few seconds. Viruses in a computer or computer networks can spread rapidly by various means such as access to online social networking sites like twitter, Facebook, and opening of email attachments. Thus, infections can go from being little dangerous to significantly harmful for a network. This paper proposed a simulation model that can predict the propagation of virus including the trend and the average infection rate using NetLogo software. Observed and simulated data sets were validated using chi-square tests. Results of the experiment have demonstrated accurate performance of the proposed model. The model could be very helpful for network administrators in mitigating the virus propagation and obstruct the spread of computer virus other than the usual prevention scheme particularly the use of antivirus software and inclusion of firewall security. </span>
37
Al-Marghilani, A. "Comprehensive Analysis of IoT Malware Evasion Techniques." Engineering, Technology & Applied Science Research 11, no. 4 (August 21, 2021): 7495–500. http://dx.doi.org/10.48084/etasr.4296.
Full textAbstract:
Malware detection in Internet of Things (IoT) devices is a great challenge, as these devices lack certain characteristics such as homogeneity and security. Malware is malicious software that affects a system as it can steal sensitive information, slow its speed, cause frequent hangs, and disrupt operations. The most common malware types are adware, computer viruses, spyware, trojans, worms, rootkits, key loggers, botnets, and ransomware. Malware detection is critical for a system's security. Many security researchers have studied the IoT malware detection domain. Many studies proposed the static or dynamic analysis on IoT malware detection. This paper presents a survey of IoT malware evasion techniques, reviewing and discussing various researches. Malware uses a few common evasion techniques such as user interaction, environmental awareness, stegosploit, domain and IP identification, code obfuscation, code encryption, timing, and code compression. A comparative analysis was conducted pointing various advantages and disadvantages. This study provides guidelines on IoT malware evasion techniques.
38
Klebanov, Lev R., and Svetlana V. Polubinskaya. "COMPUTER TECHNOLOGIES FOR COMMITTING SABOTAGE AND TERRORISM." RUDN Journal of Law 24, no. 3 (December 15, 2020): 717–34. http://dx.doi.org/10.22363/2313-2337-2020-24-3-717-734.
Full textAbstract:
The article discusses the problems that arise in connection with the crimes against state and public security committed by use of computer and network technologies. This topic is becoming relevant because some states have already experienced the effects of combat computer viruses, which can be regarded as waging war using cyber weapons. The most famous example is the attack by the Stuxnet computer virus on an Iranian uranium enrichment plant. The virus was created specifically to disable industrial control systems. The use of unmanned ground and air vehicles to carry out terrorist acts is of particular danger. The Russian military in Syria is constantly confronted with terrorist attacks: the Khmeimim aerospace forces base is regularly attacked with unmanned air vehicles - drones. Terrorist acts with the use of computer and network technologies are no less dangerous. The destructive potential of cyberterrorism is determined by the widespread computerization of state and public life, the implementation of projects to create smart cities, including smart transportation, as well as the intensive development of the Internet of things. The purpose of the article is to analyze new criminal threats to state and public security, as well as to study high-tech ways of committing crimes such as sabotage, terrorist acts, and other crimes of a terrorist nature. The cost of their consequences for society is very high, and criminals do not always need to attack social objects directly - it is enough to spread panic among the population using online media, social networks and websites of authorities of various levels, after obtaining illegal access to them. The article describes some of the techniques already used to commit crimes of sabotage and terrorism. The authors draw attention to the priority of cybersecurity both for engineers of devices with elements of artificial intelligence, and for lawmakers who should pay attention to methods of technical forecasting when developing legal norms aimed at prevention of new ways of committing such crimes. When writing the article, the authors used a wide range of Russian and foreign sources of legal, statistical, sociological and other information. The authors used such research methods as analysis, synthesis, deduction, induction, formal legal method as well as comparative legal method.
39
Hunter, Philip. "Microsoft tackles viruses and spyware at last, but will it be trusted on security?" Network Security 2005, no. 2 (February 2005): 16–17. http://dx.doi.org/10.1016/s1353-4858(05)00201-1.
Full text
40
Li, Pengdeng, Lu-Xing Yang, Xiaofan Yang, Xiang Zhong, Junhao Wen, and Qingyu Xiong. "Energy-Efficient Patching Strategy for Wireless Sensor Networks." Sensors 19, no. 2 (January 10, 2019): 262. http://dx.doi.org/10.3390/s19020262.
Full textAbstract:
Wireless sensor networks (WSNs) are vulnerable to computer viruses. To protect WSNs from virus attack, the virus library associated with each sensor node must be updated in a timely way. This article is devoted to developing energy-efficient patching strategies for WSNs. First, we model the original problem as an optimal control problem in which (a) each control stands for a patching strategy, and (b) the objective functional to be optimized stands for the energy efficiency of a patching strategy. Second, we prove that the optimal control problem is solvable. Next, we derive the optimality system for solving the optimal control problem, accompanied with a few examples. Finally, we examine the effects of some factors on the optimal control. The obtained results help improve the security of WSNs.
41
Liu, Lan, Ryan K. L. Ko, Guangming Ren, and Xiaoping Xu. "Malware Propagation and Prevention Model for Time-Varying Community Networks within Software Defined Networks." Security and Communication Networks 2017 (2017): 1–8. http://dx.doi.org/10.1155/2017/2910310.
Full textAbstract:
As the adoption of Software Defined Networks (SDNs) grows, the security of SDN still has several unaddressed limitations. A key network security research area is in the study of malware propagation across the SDN-enabled networks. To analyze the spreading processes of network malware (e.g., viruses) in SDN, we propose a dynamic model with a time-varying community network, inspired by research models on the spread of epidemics in complex networks across communities. We assume subnets of the network as communities and links that are dense in subnets but sparse between subnets. Using numerical simulation and theoretical analysis, we find that the efficiency of network malware propagation in this model depends on the mobility rate q of the nodes between subnets. We also find that there exists a mobility rate threshold qc. The network malware will spread in the SDN when the mobility rate q>qc. The malware will survive when q>qc and perish when q<qc. The results showed that our model is effective, and the results may help to decide the SDN control strategy to defend against network malware and provide a theoretical basis to reduce and prevent network security incidents.
42
Bavishi, Ujaliben Kalpesh, and Bhavesh Madanlal Jain. "Malware Analysis." International Journal of Advanced Research in Computer Science and Software Engineering 7, no. 12 (January 3, 2018): 27. http://dx.doi.org/10.23956/ijarcsse.v7i12.507.
Full textAbstract:
Malware, also known as malicious software affects the user’s computer system or mobile devices by exploiting the system’s vulnerabilities. It is a major threat to the security of the computer systems. Some of the types of malwares that are most commonly used are viruses, trojans, worms, etc. Nowadays, there is a widespread use of malware which allows malware author to get sensitive information like bank details, contact information which is a serious threat in the world. Most of the malwares are spread through internet because of its frequent use which can destroy large systems piercing through network. Hence, in this paper, we focus on analyzing malware using different tools which can analyze the malware in a restricted environment. Since many malware authors uses self-modifying code and obfuscation, it is very difficult for the traditional antivirus software to detect the malware which identifies that it is under scan and it can change its execution sequence. So, in order to address the shortcomings of the traditional antivirus software, we will be discussing some of the analysis tools which runs analysis on the malware in an effective manner and helps us to analyze the malware which can help us to protect our system’s information.
43
Kamarudin, Nur Khairani, Nur Nazifa Md Hasani, Rafiza Ruslan, Rashidah Ramle, Nurul Hidayah Ahmad Zukri, and Iman Hazwam Abd Halim. "Performance Analysis of Malware Attack." Journal of Computing Research and Innovation 3, no. 4 (November 18, 2018): 19–24. http://dx.doi.org/10.24191/jcrinn.v3i4.72.
Full textAbstract:
People in this new era of modernization nowadays take Internet as one of the vital thing for daily activities. Internet is not only for adults, it is also a needs for people of all ages. However, network vulnerabilities exist in all network that are connec ted to the Internet. The network mostly are exposed to the malicious software or mostly known as malware. In fact, this malware is growing rapidly and giving a bad impact to the human intervention. The number of attack are increasing rapidly and it comes i n various way just to exploit the victims. There are various type of malware attack. For instance, viruses, worms, spyware, rootkits, Trojan horse and botnet are considered as noteworthy threat for the computer network. Some people giving full confidence on the security of data transmission to the network. However, other can access the personal information without them realizing it. The objective of this paper is to detect malware attack using honeypot Dionaea. Malicious file launched was detected by the honeypot and the file was analyzed by using the sandbox tool, Virus Total. This paper found that honeypot Dionaea is helpful in detecting various types of malware attack.
44
Diningrat, Syaiputra Wahyuda Meisa, Meyga Agustia Nindya, and Salwa Salwa. "EMERGENCY ONLINE TEACHING: EARLY CHILDHOOD EDUCATION LECTURERS' PERCEPTION OF BARRIER AND PEDAGOGICAL COMPETENCY." Jurnal Cakrawala Pendidikan 39, no. 3 (October 19, 2020): 705–19. http://dx.doi.org/10.21831/cp.v39i3.32304.
Full textAbstract:
In this COVID-19 situation, online learning has been widely implemented in higher education contexts. This issue inspires the researchers to conduct further study on barriers encountered by lecturers in higher education. This study was carried out to explore how the lecturers perceive the barriers in online teaching practices and the level of pedagogical competencies perceived by the lecturers in conducting online learning in this emergency. The study employed a cross-sectional survey research design. Data were collected from 73 early childhood education lecturers from four regions in East Java, Indonesia. The questionnaires were developed to measure lecturers' perceptions of barriers in online teaching practices adopted from the TIPEC framework and measure the lecturers' pedagogical competencies. Multivariate analysis of variances was used to analyze the data. The results showed that limited bandwidth, connectivity, and security were the first significant barriers perceived by early childhood lecturers. Meanwhile, the second barriers are related to student lack of engagement and lack of feedback. Then, third barriers are computer viruses, the quality of course content, and reliability of the online assessment instrument. ANOVA results showed that there were significant differences between gender and technological factors, gender and instructional design factors, as well as educational qualification and strategy implementation of factors.
45
Liu, Guiyun, Junqiang Li, Zhongwei Liang, and Zhimin Peng. "Analysis of Time-Delay Epidemic Model in Rechargeable Wireless Sensor Networks." Mathematics 9, no. 9 (April 27, 2021): 978. http://dx.doi.org/10.3390/math9090978.
Full textAbstract:
With the development of wireless rechargeable sensor networks (WRSNs), many scholars began to attach attention to network security under the spread of viruses. This paper mainly studies a novel low-energy-status-based model SISL (Susceptible, Infected, Susceptible, Low-Energy). The conversion process from low-energy nodes to susceptible nodes is called charging. It is noted that the time delay of the charging process in WRSNs should be considered. However, the charging process and its time delay have not been investigated in traditional epidemic models in WRSNs. Thus, the model SISL is proposed. The basic reproduction number, the disease-free equilibrium point, and the endemic equilibrium point are discussed here. Meanwhile, local stability and global stability of the disease-free equilibrium point and the endemic equilibrium point are analyzed. The addition of the time-delay term needs to be analyzed to determine whether it affects the stability. The intervention treatment strategy under the optimal control is obtained through the establishment of the Hamiltonian function and the application of the Pontryagin principle. Finally, the theoretical results are verified by simulations.
46
Azeez, Nureni Ayofe, Oluwanifise Ebunoluwa Odufuwa, Sanjay Misra, Jonathan Oluranti, and Robertas Damaševičius. "Windows PE Malware Detection Using Ensemble Learning." Informatics 8, no. 1 (February 10, 2021): 10. http://dx.doi.org/10.3390/informatics8010010.
Full textAbstract:
In this Internet age, there are increasingly many threats to the security and safety of users daily. One of such threats is malicious software otherwise known as malware (ransomware, Trojans, viruses, etc.). The effect of this threat can lead to loss or malicious replacement of important information (such as bank account details, etc.). Malware creators have been able to bypass traditional methods of malware detection, which can be time-consuming and unreliable for unknown malware. This motivates the need for intelligent ways to detect malware, especially new malware which have not been evaluated or studied before. Machine learning provides an intelligent way to detect malware and comprises two stages: feature extraction and classification. This study suggests an ensemble learning-based method for malware detection. The base stage classification is done by a stacked ensemble of fully-connected and one-dimensional convolutional neural networks (CNNs), whereas the end-stage classification is done by a machine learning algorithm. For a meta-learner, we analyzed and compared 15 machine learning classifiers. For comparison, five machine learning algorithms were used: naïve Bayes, decision tree, random forest, gradient boosting, and AdaBoosting. The results of experiments made on the Windows Portable Executable (PE) malware dataset are presented. The best results were obtained by an ensemble of seven neural networks and the ExtraTrees classifier as a final-stage classifier.
47
Kalyaev, I. A., and E. V. Melnik. "Trusted Control Systems." Mekhatronika, Avtomatizatsiya, Upravlenie 22, no. 5 (May 17, 2021): 227–36. http://dx.doi.org/10.17587/mau.22.227-236.
Full textAbstract:
Nowadays, the problem of ensuring security of systems with a critical mission has become particularly relevant. An increased opportunity for unauthorized exposure on such systems via hardware, software and communication networks is the main reason to discuss this problem. It is confirmed by a plenty of accidents when equipment is out of order by means of malicious embedded elements and viruses. Currently, in the Russian Federation the majority of control systems are based on foreign hardware and software platforms, including strategic enterprises and objects with a critical mission. Herewith, the proportion of foreign microelectronic components in such systems is more than 85 %. The article is devoted to the development of scientific basis and techniques of the assurance assessment to control systems of objects with a critical mission. It was shown, that assurance assessment to a control system is a broader index than its reliability and fault tolerance. Such index must integrate various evidences and approvals, which can be objective, based on physical and mathematical assurance assessment methods, as well as they can be subjective, based on the experts experience. A method of assurance assessment to a control system of objects with a critical mission, based on Shortliffe’s scheme, was proposed in this paper. The Shortliffe’s scheme is used in the theories of fuzzy logic for assurance assessment to a hypothesis on the basis of various evidences and statements. An important advantage of a Shortliffe’s scheme is the set of evidences, which can be broadened and augmented (for instance, on the basis of obtained experience). It allows us to clarify a certainty factor. The assessment methods of truth degree of terminal statements of various types, including those, which require the combination of objective and subjective methods of their truth degree assessment, are proposed. The proposed assurance assessment method for national development and creation standards of control systems of objects with a critical mission allows to significantly increase their functional security.
48
Kaddoura, Sanaa, Ramzi A. Haraty, Karam Al Kontar, and Omar Alfandi. "A Parallelized Database Damage Assessment Approach after Cyberattack for Healthcare Systems." Future Internet 13, no. 4 (March 31, 2021): 90. http://dx.doi.org/10.3390/fi13040090.
Full textAbstract:
In the current Internet of things era, all companies shifted from paper-based data to the electronic format. Although this shift increased the efficiency of data processing, it has security drawbacks. Healthcare databases are a precious target for attackers because they facilitate identity theft and cybercrime. This paper presents an approach for database damage assessment for healthcare systems. Inspired by the current behavior of COVID-19 infections, our approach views the damage assessment problem the same way. The malicious transactions will be viewed as if they are COVID-19 viruses, taken from infection onward. The challenge of this research is to discover the infected transactions in a minimal time. The proposed parallel algorithm is based on the transaction dependency paradigm, with a time complexity O((M+NQ+N^3)/L) (M = total number of transactions under scrutiny, N = number of malicious and affected transactions in the testing list, Q = time for dependency check, and L = number of threads used). The memory complexity of the algorithm is O(N+KL) (N = number of malicious and affected transactions, K = number of transactions in one area handled by one thread, and L = number of threads). Since the damage assessment time is directly proportional to the denial-of-service time, the proposed algorithm provides a minimized execution time. Our algorithm is a novel approach that outperforms other existing algorithms in this domain in terms of both time and memory, working up to four times faster in terms of time and with 120,000 fewer bytes in terms of memory.
49
Jung, Dong-Seob, Sang-Joon Lee, and Ieck-Chae Euom. "ImageDetox: Method for the Neutralization of Malicious Code Hidden in Image Files." Symmetry 12, no. 10 (September 30, 2020): 1621. http://dx.doi.org/10.3390/sym12101621.
Full textAbstract:
Malicious codes may cause virus infections or threats of ransomware through symmetric encryption. Moreover, various bypassing techniques such as steganography, which refers to the hiding of malicious code in image files, have been devised. Unknown or new malware hidden in an image file in the form of malicious code is difficult to detect using most representative reputation- or signature-based antivirus methods. In this paper, we propose the use of ImageDetox method to neutralize malicious code hidden in an image file even in the absence of any prior information regarding the signatures or characteristics of the code. This method is composed of four modules: image file extraction, image file format analysis, image file conversion, and the convergence of image file management modules. To demonstrate the effectiveness of the proposed method, 30 image files with hidden malicious codes were used in an experiment. The malicious codes were selected from 48,220 recent malicious codes purchased from VirusTotal (a commercial application programming interface (API)). The experimental results showed that the detection rate of viruses was remarkably reduced. In addition, image files from which the hidden malicious code had previously been removed using a nonlinear transfer function maintained nearly the same quality as that of the original image; in particular, the difference could not be distinguished by the naked eye. The proposed method can also be utilized to prevent security threats resulting from the concealment of confidential information in image files with the aim of leaking such threats.
50
CHEN, ZHONGQIANG, ALEX DELIS, and PETER WEI. "IDENTIFICATION AND MANAGEMENT OF SESSIONS GENERATED BY INSTANT MESSAGING AND PEER-TO-PEER SYSTEMS." International Journal of Cooperative Information Systems 17, no. 01 (March 2008): 1–51. http://dx.doi.org/10.1142/s0218843008001750.
Full textAbstract:
Sessions generated by Instant Messaging and Peer-to-Peer systems (IM/P2Ps) not only consume considerable bandwidth and computing resources but also dramatically change the characteristics of data flows affecting both the operation and performance of networks. Most IM/P2Ps have known security loopholes and vulnerabilities making them an ideal platform for the dissemination of viruses, worms, and other malware. The lack of access control and weak authentication on shared resources further exacerbates the situation. Should IM/P2Ps be deployed in production environments, performance of conventional applications may significantly deteriorate and enterprise data may be contaminated. It is therefore imperative to identify, monitor and finally manage IM/P2P traffic. Unfortunately, this task cannot be easily attained as IM/P2Ps resort to advanced techniques to hide their traces including multiple channels to deliver services, port hopping, message encapsulation and encryption. In this paper, we propose an extensible framework that not only helps to identify and classify IM/P2P-generated sessions in real time but also assists in the manipulation of such traffic. Consisting of four modules namely, session manager, traffic assembler, IM/P2P dissector, and traffic arbitrator, our proposed framework uses multiple techniques to improve its traffic classification accuracy and performance. Through fine-tuned splay and interval trees that help organize IM/P2P sessions and packets in data streams, we accomplish stateful inspection, traffic re-assembly, data stream correlation, and application layer analysis that combined will boost the framework's identification precision. More importantly, we introduce IM/P2Ps "plug-and-play" protocol analyzers that inspect data streams according to their syntax and semantics; these analyzers render our framework easily extensible. Identified IM/P2P sessions can be shaped, blocked, or disconnected, and corresponding traffic can be stored for forensic analysis and threat evaluation. Experiments with our prototype show high IM/P2Ps detection accuracy rates under diverse settings and excellent overall performance in both controlled and real-world environments.