Wyszukiwarka
Wyniki wyszukiwania dla: SECURITY MONITORING
-
Evaluating Security and Resilience of Critical Networked Infrastructures after Stuxnet
PublikacjaThe chapter presents the current configuration of the simulation environment for the evaluations of the security and resilience of critical networked infrastructures, which enables simulations of Stuxnet-like attacks. The configuration includes new features added to the MAlSim - Mobile Agent Malware Simulator after the advent of Stuxnet in reference to the experiments aiming at the security evaluation of a power plant which we...
-
Resilience and Security in Software Defined Networking
PublikacjaThis paper gives an overview of the most important issues on resilience and security in Software Defined Networking
-
Threats to Armenia’s Security in the National Strategy and Practice with Special Emphasis on External Security,
PublikacjaThe national security strategy adopted in 2007 provided a detailed definition of security and identified its threats. The key threat to the Armenian state was considered to be the Nagorno-Karabakh conflict. The document indicated the Collective Security Treaty Organisation main guarantor of security, with Russia being Armenia’s main partner in bilateral relations. The second position in the strategy was assigned to cooperation...
-
Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
Publikacja[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security...
-
Towards systemic functional safety and security management in hazardous plants
PublikacjaThe aim of this article is to identify and discuss some issues related to functional safety and security management in hazardous industrial plants. The safety functions are to be realised using the electric / electronic / programmable electronic systems (E/E/PESs) or the safety instrumented systems (SISs) that are designed and operated respectively according to IEC 61508 and IEC 61511 requirements in life cycle. Although the role...
-
Security Information Sharing for the Polish Power System
PublikacjaThe Polish Power System is becoming increasingly more dependent on Information and Communication Technologies which results in its exposure to cyberattacks, including the evolved and highly sophisticated threats such as Advanced Persistent Threats or Distributed Denial of Service attacks. The most exposed components are SCADA systems in substations and Distributed Control Systems in power plants. When addressing this situation...
-
Security Requirements and Controls for Incident Information Sharing in the Polish Power System
PublikacjaAmong the strategies of protecting information assets of the power system, sharing of information about current cybersecurity incidents between energy operators appears to be a prerequisite. Exchange of information leads to the effective detection of attacks and exploited vulnerabilities as well as the identification of countermeasures. This paper presents the results of continuation of our works on developing a secure and efficient...
-
Security of export transactions in the offer of leading banks on the Polish market
PublikacjaThe following article presents the so-called conditioned payment methods, i.e. instruments for securing export transactions, such as letter of credit, documentary collection, bank guarantees, factoring and forfaiting. The characteristics of each particular method are presented as well as the transactions using them are described. In the following paper, the author included also the leading Polish banks, which offer the above- mentioned...
-
Simulating Malware with MAlSim
PublikacjaThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
Simulating malware with MAlSim
PublikacjaThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems, i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
The symmetric extendibility of quantum states
PublikacjaStudies on the symmetric extendibility of quantum states have become particularly important in the context of the analysis of one-way quantum measures of entanglement, and the distillability and security of quantum protocols. In this paper we analyze composite systems containing a symmetric extendible part, with particular attention devoted to the one-way security of such systems. Further, we introduce a new one-way entanglement...
-
Extendable Safety and Security Ontology
PublikacjaSecurity plays an increasingly important role in our everyday life, and research and users of computer systems point out that the need arises for a common, formalised model capable of integrating different solutions. In this paper we show that an ontology can be designed and created in a way that will make it suitable for interoperability and integration. A security and safety ontology and the methodology for creating a common...
-
Areas of research in maritime security
PublikacjaW referacie przedstawiono analizę ważniejszych aspektów dotyczących ochrony żeglugi (maritime security) oraz zaproponowano nowe kierunki rozwoju.
-
Software Agents for Computer Network Security
PublikacjaThe chapter presents applications of multi-agent technology for design and implementation of agent-based systems intended to cooperatively solve several critical tasks in the area of computer network security. These systems are Agent-based Generator of Computer Attacks (AGCA), Multi-agent Intrusion Detection and Protection System (MIDPS), Agent-based Environment for Simulation of DDoS Attacks and Defense (AESAD) and Mobile Agent...
-
WIKI-WS as a C2 NIWA Web Service Management Platform
PublikacjaThe Wiki-WS platform was implemented within the C2 NIWA project for production purposes. Wiki-WS stands for developing, managing and maintaining web services. The production deployment needed implementation of several functional improvements and establishing a strong security 7 safety policy. The WikiWS platform has to be used as an educational environmement for developing web sevices and production environment for execution of...
-
Quantum key distribution based on private states: Unconditional security over untrusted channels with zero quantum capacity
PublikacjaIn this paper, we prove unconditional security for a quantum key distribution (QKD) protocol based on distilling pbits (twisted ebits) from an arbitrary untrusted state that is claimed to contain distillable key. Our main result is that we can verify security using only public communication-via parameter estimation of the given untrusted state. The technique applies even to bound-entangled states, thus extending QKD to the regime...
-
AUTONOMOUS PLATFORM TO PROTECT MARITIME INFRASTRUCTURE FACILITIES
PublikacjaProblems regarding the security of maritime infrastructure, especially harbours and offshore infrastructure, are currently a very hot topic. Due to these problems, there are some research projects in which the main goal is to decrease the gap and improve the methods of observation in the chosen area, for both in-air and underwater areas. The main goal of the paper is to show a new complex system for improving the security of the...
-
Security and Anonymity in Agent Systems
PublikacjaMany agent systems have been developed and suggested for commercial application. However, in spite of the significant potential offered by the agent paradigm, the lack of such important properties as security, anonymity and untracebility especially in open dynamical environment, such as the Internet, has blocked the active implementation of agent technologies. Protecting agent systems poses a more demanding challenge comparing...
-
Situational Awareness Network for the Electric Power System: the Architecture and Testing Metrics
PublikacjaThe contemporary electric power system is highly dependent on Information and Communication Technologies which results in its exposure to new types of threats, such as Advanced Persistent Threats (APT) or Distributed-Denial-of-Service (DDoS) attacks. The most exposed components are Industrial Control Systems in substations and Distributed Control Systems in power plants. Therefore, it is necessary to ensure the cyber security of...
-
Wybrane problemy ochrony żeglugi (Maritime Security)
Publikacjaprzedstawiono zagadnienia ochrony żeglugi w aspekcie uwarunkowań związanych z radiokomunikacją morską. Opisano Międzynarodowy Kodeks Ochrony Statków i Urządzeń Portowych - ISPS (International Ship and Port Facility Security Code) i Statkowy System Alarmowania - SSAS (Ship Security Alert System) oraz także scharakteryzowano system AIS (Automated Information System) i System Identyfikacji i Śledzenia Dalekiego Zasięgu - LRIT (Long...
-
Signatures and acoustic images of objects moving in water
PublikacjaObservation of underwater space is part of a generaltrend, which primary purpose is to protect and increasesafety in the selected area. The basic aim of the paper ispresentation of designated acoustic characteristics typicalfor objects moving on the water surface and under water,which represent some knowledge about detection of theseobjects. Create a catalog of acoustic signature and not onlyacoustic, as well as acoustic images...
-
Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment
PublikacjaThe smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly...
-
Modelling the malware propagation in mobile computer devices
PublikacjaNowadays malware is a major threat to the security of cyber activities. The rapid develop- ment of the Internet and the progressive implementation of the Internet of Things (IoT) increase the security needs of networks. This research presents a theoretical model of malware propagation for mobile computer devices. It is based on the susceptible-exposed- infected-recovered-susceptible (SEIRS) epidemic model. The scheme is based on...
-
ENISA Study: Challenges in Securing Industrial Control Systems
PublikacjaIn 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protectionprimarily in Europe but also in the international context. The portrait' included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The...
-
Enhancing Security of Advanced Metering Infrastructure by Introducing Threshold Attendance Protocol
PublikacjaThe industry pushes towards smart grid systems in order to resolve current limitations of the unidirectional legacy power grid infrastructure. By introducing Advanced Metering Infrastructure (AMI) as an integral part of the smart grid solution, the utility company obtains an invaluable tool to optimize its network, lower the operational costs, and improve quality of service. Unfortunately, introducing two-way communication poses...
-
Device-independent quantum key distribution based on measurement inputs
PublikacjaWe provide an analysis of a family of device-independent quantum key distribution (QKD) protocols that has the following features. (a) The bits used for the secret key do not come from the results of the measurements on an entangled state but from the choices of settings. (b) Instead of a single security parameter (a violation of some Bell inequality) a set of them is used to estimate the level of trust in the secrecy of the key....
-
Facilitating free travel in the Schengen area—A position paper by the European Association for Biometrics
PublikacjaDue to migration, terror-threats and the viral pandemic, various EU member states have re-established internal border control or even closed their borders. European Association for Biometrics (EAB), a non-profit organisation, solicited the views of its members on ways which biometric technologies and services may be used to help with re-establishing open borders within the Schengen area while at the same time mitigating any adverse...
-
Security Assessment of a Turbo-Gas Power Plant
PublikacjaCritical infrastructures are exposed to new threats due to the large number of vulnerabilities and architectural weaknesses introduced by the extensive use of information and communication technologies. This paper presents the results of an exhaustive security assessment for a turbo-gas power plant.
-
INTEGRATED FUNCTIONAL SAFETY AND CYBERSECURITY ANALYSIS METHOD FOR SMART MANUFACTURING SYSTEMS
PublikacjaThis article addresses integrated functional safety and cybersecurity analysis with regard to: the generic functional safety standard IEC 61508 and the cyber security standard IEC 62443 concerning an industrial automation and control system (IACS). The objective is to mitigate the vulnerability of information technology (IT) and operational technology (OT) systems, and reduce relevant risks taking into account a set of fundamental...
-
Trust Management Method for Wireless Sensor Networks
PublikacjaA Wireless Sensor Network (WSN) is a network of spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, pressure, etc. and to cooperatively pass their data to the main location. The first wireless network that bore any real resemblance to a modern WSN is the Sound Surveillance System (SOSUS), developed by the United States Military in the 1950s to detect and track Soviet...
-
Generalized access control in hierarchical computer network
PublikacjaThe paper presents the design of the security layer for a distributed system located in the multizone hierarchical computer network. Depending on the zone from which a client’s request comes to the system and the type of the request, it will be either authorized or rejected. There is one common layer for the access to all the business services and interactions between them. Unlike the commonly used RBAC model, this system enforces...
-
Choosing the Right Cybersecurity Solution: A Review of Selection and Evaluation Criteria
PublikacjaInformation technologies evolve continuously reaching pioneering areas that bring in new cybersecurity challenges. Security engineering needs to keep pace with the advancing cyberthreats by providing innovative solutions. At the same time, the foundations that include security and risk assessment methodologies should remain stable. Experts are offered with an extensive portfolio of solutions and an informed choice of a particular...
-
Validation of a virtual test environment for C2X communication under radio jamming conditions
PublikacjaIn this paper, we propose a novel car-2-x communication security testing methodology in the physical layer of wireless systems. The approach is dedicated to automated testing of autonomous vehicles and it is essential for such complex systems operation, especially with regard to safety and security issues. It is based on scenario-driven testing in virtual and real test environments created from collected or simulated data. The...
-
The role of rewards and demands in burnout among surgical nurses
PublikacjaObjective: Job rewards have both, an intrinsic and an extrinsic motivational potential, and lead to employees’ development as well as help them to achieve work goals. Rewards can balance job demands and protect from burnout. Due to changes on the labour market, new studies are needed. The aim of our study was to examine the role of demands and individual rewards (and their absence) in burnout among surgical nurses. Materials and...
-
Performance and Security Testing for Improving Quality of Distributed Applications Working in Public/Private Network Environments
PublikacjaThe goal of this dissertation is to create an integrated testing approach to distributed applications, combining both security and performance testing methodologies, allowing computer scientist to achieve appropriate balance between security and performance charakterstics from application requirements point of view. The constructed method: Multidimensional Approach to Quality Analysis (MA2QA) allows researcher to represent software...
-
Guaranteeing Threshold Attendance of W/WSAN nodes in a reverted security paradigm
PublikacjaWe consider a Wireline/Wireless Sensor and Actor Network composed of sensor/actor nodes and a data sink/command center (DSCC). Each node controls a generic device that can be in- or out-of-service, corresponding to the ENABLED or DISABLED node state. The node senses the device's intention to change state, and notifies and/or requests the DSCC for authorization to act upon the device. Motivated by requirements for critical infrastructures...
-
Enhancing the bioconversion rate and end products of black soldier fly (BSF) treatment – A comprehensive review
PublikacjaFood security remains a pressing concern in the face of an increasing world population and environmental challenges. As climate change, biodiversity loss, and water scarcity continue to impact agricultural productivity, traditional livestock farming faces limitations in meeting the growing global demand for meat and dairy products. In this context, black soldier fly larvae (BSFL) have emerged as a promising alternative for sustainable...
-
On IPSec Performance Testing of IPv4/IPv6 IPSec Gateway
PublikacjaZapewnienie, że brama IPSec (ang. Internet Protocol Security) spełnia oczekiwania wydajnościowe jest jednym z najważniejszych wyzwań, przed jakimi stoi zespół projektowy tworzący ten produkt. Jedynie odpowiednie podejście do walidacji może zagwarantować, że przepustowość ruchu IPSec bramy jest na oczekiwanym poziomie, czas dodawania/usuwania konfiguracji SA (ang. Security Associations) jest akceptowalny, brama IPSec jest w stanie...
-
Graph security testing
PublikacjaSet S ⊂ V is called secure set iff ∀ X ⊂ S | N [ X ] ∩ S | ≥ | N ( X ) \ S | [3]. That means that every subset of a secure set has at least as many friends (neighbour vertices in S) as enemies (neighbour vertices outside S) and will be defended in case of attack. Problem of determining if given set is secure is co −NP -complete, there is no efficient algorithm solving it [3]. Property testers are algorithms that distinguish inputs...
-
Threat intelligence platform for the energy sector
PublikacjaIn recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence that interlinks information sharing and fine-grained situation awareness. In this paper a framework which integrates all levels of threat intelligence...
-
A place of school in the idea of the sustainable development
PublikacjaWell designed school space enables social contacts, increases activity of pupils and improves the condition of their health. However, the best design would not bring the expected benefits if it is not integrated with the surroundings in terms of transportation, security and local needs. In the sustainable development, the social goals are in harmony with ecological aims according to the rule of "3 r" (reduce, reuse, recycle).
-
Deep Learning-Based Intrusion System for Vehicular Ad Hoc Networks
PublikacjaThe increasing use of the Internet with vehicles has made travel more convenient. However, hackers can attack intelligent vehicles through various technical loopholes, resulting in a range of security issues. Due to these security issues, the safety protection technology of the in-vehicle system has become a focus of research. Using the advanced autoencoder network and recurrent neural network in deep learning, we investigated...
-
Implementing decisional trust: a first approach for smart reliable systems
PublikacjaIn this article, we introduce the necessary elements that must be integrated in order to achieve a decisional technology that is trustworthy. Thus, we refer to such technology as decisional trust. For us, decisional trust can be achieved through the use of elements such as the decisional DNA, reflexive ontologies, and security models; and therefore, we present in this article a framework that was used for the implementation of...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognized by international and national standardization bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognised by international and national standardisation bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
Resolving conflicts in object tracking for automatic detection of events in video
PublikacjaAn algorithm for resolving conflicts in tracking of moving objects is presented. The proposed approach utilizes predicted states calculated by Kalman filters for estimation of trackers position, then it uses color and texture descriptors in order to match moving objects with trackers. Problematic situations, such as splitting objects, are addressed. Test results are presented and discussed. The algorithm may be used in the system...
-
Nodal cooperation equilibrium analysis in multi-hop wireless ad hoc networks with a reputation system
PublikacjaMotivated by the concerns of cooperation security, this work examines selected principles of state-of-the-art reputation systems for multi-hop ad hoc networks and their impact upon optimal strategies for rational nodes. An analytic framework is proposed and used for identification of effective cooperation-enforcement schemes. It is pointed out that optimum rather than high reputation can be expected to be sought by rational nodes.
-
User Trust Levels and Their Impact on System Security and Usability
PublikacjaA multilateral trust between a user and a system is considered. First of all we concentrate on user trust levels associated with the context-oriented CoRBAC model. Consequently, there were computed user profiles on the basis of its implementation in the information processing system “My GUT”. Furthermore, analysis of these profiles and the impact of user trust levels on system security and usability have been discussed.
-
Towards Cognitive and Perceptive Video Systems
PublikacjaIn this chapter we cover research and development issues related to smart cameras. We discuss challenges, new technologies and algorithms, applications and the evaluation of today’s technologies. We will cover problems related to software, hardware, communication, embedded and distributed systems, multi-modal sensors, privacy and security. We also discuss future trends and market expectations from the customer’s point of view.
-
Secure Quaternion Feistel Cipher for DICOM Images
PublikacjaAn improved and extended version of a quaternion-based lossless encryption technique for digital image and communication on medicine (DICOM) images is proposed. We highlight and address several security flaws present in the previous version of the algorithm originally proposed by Dzwonkowski et al. (2015). The newly proposed secure quater- nion Feistel cipher (S-QFC) algorithm...