ISBN: 9780729806985 (print)
With thousands of incidents identified by security appliances every day, the process of distinguishing which incidents are important and which are trivial is complicated. This paper proposes an incident prioritisation model, the Risk Index Model (RIM), which is based on risk assessment and the Analytic Hierarchy Process (AHP). The model uses indicators such as criticality, maintainability, replaceability, and dependability as decision factors to calculate incidents' risk index. The RIM was validated using the MIT DARPA LLDOS 1.0 dataset, and the results were compared against the combined priorities of the Common Vulnerability Scoring System (CVSS) v2 and Snort Priority. The experimental results have shown that 100% of incidents could be rated with RIM, compared to only 17.23% with CVSS. In addition, this study addresses the limitation of group priority in the Snort Priority (e.g. high, medium and low priority) by quantitatively ranking, sorting and listing incidents according to their risk index. The study has also investigated the effect of applying weighted indicators in the calculation of the risk index, as well as the effect of calculating them dynamically. The experiments have shown significant changes in the resultant risk index as well as in some of the top priority rankings.
Discovering the root key bits in the cryptanalysis of the 16-round Data Encryption Standard (DES-16) is considered to be a hard problem. In this paper we present an approach for cryptanalysis of DES-16 based on Particle...
AAA (Authentication, Authorization, and Accounting) is one of the important functions indispensable for providing services on the Internet. The Diameter Base Protocol was standardized in the IETF as a successor to RADIUS, which is a widely used AAA protocol in the current Internet. Diameter solves problems that RADIUS has, such as support for multiple realms, reliable and secure message transport, and failover. There are several open source implementations of the Diameter Base Protocol. However, none of them completely conforms to the specification. The first contribution of freeDiameter is that it is an open source implementation of the Diameter Base Protocol that completely conforms to the specification. It is written in C and distributed under a BSD-like license. In the Diameter architecture, a particular service on top of the Diameter Base Protocol is defined as a Diameter application, such as the Diameter EAP application for WiFi network access control. The second contribution of freeDiameter is that its software architecture makes it easy to implement Diameter applications as additional plug-ins. freeDiameter has already been distributed through our home page. freeDiameter with the Diameter EAP application has been used in our laboratory for WiFi network access. It was also used for network control at the four-day WIDE camp held in September 2010, which approximately 200 researchers attended. No problems with freeDiameter occurred. This is good evidence of the stability of freeDiameter.
The Particle Swarm Optimisation (PSO) algorithm is known to be better than the Genetic Algorithm (GA), as fewer operators are needed in its algorithm. However, it still has some weaknesses such as immature convergence; a condit...
The objective of condition based maintenance (CBM) is typically to determine an optimal maintenance policy to minimize the overall maintenance cost based on condition monitoring information. In Aircraft operator and t...
This article proposes a novel Hybrid Differential Artificial Bee Colony Algorithm (HDABCA), which combines Differential Evolution with Artificial Bee Colony Algorithm (ABCA), for designing the fractional order proport...
The scale, diversity, and decentralized administration of the Internet mean that continuously acquiring the global status of the network and identifying the causes of communication performance degradation in a timely manner are reasonably difficult. However, emerging advanced network applications, which are often sensitive to communication quality and bandwidth consumption, as well as increasing security threats, strongly require a higher quality of network measurement and analysis in terms of granularity (spatial and temporal), timeliness, continuity, coverage, and reliability. Integrating multiple-location, diverse-type, and long-term measurements has been considered a key means for coping with such difficulties. In addition, the measured data and analyzed results should be flexibly shared and reused for efficiency. Therefore, a multi-domain network measurement platform should be realized, as it can provide integrated network monitoring and analysis functionality over the Internet on demand and can adapt to the purposes of the individual users (applications) and operators. In this paper, we thus briefly introduce the design principles and software implementation for a perfSONAR-based integrated network measurement system aiming at "Internet Monitoring as a Service", together with a preliminary experiment using a prototype system on the Internet. With the help of a function we newly designed and developed, our system can easily utilize new measurement tools and flexibly integrate and provide the measurement results of those tools to users.
ISBN: 9789881821034 (print)
In this research, a new multiple selection algorithm, known as the "static range statistical multiple selection algorithm", is proposed. This algorithm is developed based on statistical knowledge about the uniform distribution of data that has been arranged in a certain order in the file. A global file with n keys is distributed evenly among n peers in the peer-to-peer network. The selection algorithm can perform multiple selections concurrently to find multiple target keys with different predefined target ranks. The algorithm uses a fixed filter approach in which it is able to make sure that the target key is within a certain filter range in each local file. The range is made smaller and smaller as the selection process iterates until all target keys are found. The algorithm is able to reduce the number of messages needed and increases the success rate of all multiple selections in the selection process compared to the previous multiple selection algorithms proposed by Loo in 2005.
This paper introduces an approach to build a geographical ontology of countries at the global scale. Our approach is based on the free online encyclopedia Wikipedia to extract lists of places, then rebuild a hierarchy...