1,848 results on '"*FIREWALLS (Computer security)"'
Search Results
2. YEAR IN REVIEW.
- Author
- EDINGER, JULIA, DAVIDSON, NIKKI, PATTISON-GORDON, JULE, WESTROPE, ANDREW, SILVER, ASHLEY, and RUETER, THAD
- Subjects
CHATBOTS, BLOCKCHAINS, GENERATIVE artificial intelligence, ARTIFICIAL intelligence, SWARM intelligence, AMERICAN Community Survey, SCHOOL districts, FIREWALLS (Computer security)
- Abstract
The article highlights recent advancements and challenges in digital accessibility and technology within government and education. Topics include the deployment of AI-powered personalized learning platforms in schools; new federal rules from the Department of Justice under the ADA, mandating digital service accessibility for people with disabilities; and state-level digital accessibility initiatives.
- Published
- 2024
3. Enhancing Firewall Packet Classification through Artificial Neural Networks and Synthetic Minority Over-Sampling Technique: An Innovative Approach with Evaluative Comparison.
- Author
- Korkmaz, Adem, Bulut, Selma, Talan, Tarık, Kosunalp, Selahattin, and Iliev, Teodor
- Subjects
MACHINE learning, ARTIFICIAL neural networks, COMPUTER network security, COMMUNICATION infrastructure, INFRASTRUCTURE (Economics), FIREWALLS (Computer security)
- Abstract
Firewall packet classification is a critical component of network security, demanding precise and reliable methods to ensure optimal functionality. This study introduces an advanced approach that combines Artificial Neural Networks (ANNs) with various data balancing techniques, including the Synthetic Minority Over-sampling Technique (SMOTE), ADASYN, and BorderlineSMOTE, to enhance the classification of firewall packets into four distinct classes: 'allow', 'deny', 'drop', and 'reset-both'. Initial experiments without data balancing revealed that while the ANN model achieved perfect precision, recall, and F1-Scores for the 'allow', 'deny', and 'drop' classes, it struggled to accurately classify the 'reset-both' class. To address this, we applied SMOTE, ADASYN, and BorderlineSMOTE to mitigate class imbalance, which led to significant improvements in overall classification performance. Among the techniques, the ANN combined with BorderlineSMOTE demonstrated superior efficacy, achieving a 97% overall accuracy and consistently high performance across all classes, particularly in the accurate classification of minority classes. In contrast, while SMOTE and ADASYN also improved the model's performance, the results with BorderlineSMOTE were notably more balanced and reliable. This study provides a comparative analysis with existing machine learning models, highlighting the effectiveness of the proposed approach in firewall packet classification. The synthesized results validate the potential of integrating ANNs with advanced data balancing techniques to enhance the robustness and reliability of network security systems. The findings underscore the importance of addressing class imbalance in machine learning models, particularly in security-critical applications, and offer valuable insights for the design and improvement of future network security infrastructures. [ABSTRACT FROM AUTHOR]
- Published
- 2024
4. Automating cloud virtual machines allocation via machine learning.
- Author
- Kamoun-Abid, Ferdaous, Frikha, Hounaida, Meddeb-Makhoulf, Amel, and Zarai, Faouzi
- Subjects
MACHINE learning, FISHER discriminant analysis, COMPUTER network security, VIRTUAL networks, CLOUD computing, VIRTUAL machine systems, FIREWALLS (Computer security)
- Abstract
In the realm of healthcare applications leveraging cloud technology, ongoing progress is evident, yet current approaches are rigid and fail to adapt to the dynamic environment, particularly when network and virtual machine (VM) resources undergo modifications mid-execution. Health data is stored and processed in the cloud as virtual resources supported by numerous VMs, necessitating critical optimization of virtual node and data placement to enhance data application processing time. Network security poses a significant challenge in the cloud due to the dynamic nature of the topology, hindering traditional firewalls' ability to inspect packet contents and leaving the network vulnerable to potential threats. To address this, we propose dividing the cloud topology into zones, each monitored by a controller to oversee individual VMs under firewall protection, a framework termed divided-cloud, aiming to minimize network congestion while strategically placing new VMs. Employing machine learning (ML) techniques, such as decision tree (DT) and linear discriminant analysis (LDA), we achieved improved accuracy rates for adding new controllers, reaching a maximum of 89%, and used the K-neighbours classifier method to determine optimal locations for new VMs, achieving an accuracy of 83%. [ABSTRACT FROM AUTHOR]
- Published
- 2024
5. AI-Based Approach to Firewall Rule Refinement on High-Performance Computing Service Network.
- Author
- Lee, Jae-Kook, Hong, Taeyoung, and Lee, Gukhua
- Subjects
ARTIFICIAL intelligence, FIREWALLS (Computer security), COMPUTER network security, MACHINE learning, SUPPORT vector machines, ACCESS control
- Abstract
High-performance computing (HPC) relies heavily on network security, particularly when supercomputing services are provided via public networks. As supercomputer operators, we introduced several security devices, such as anti-DDoS, intrusion prevention systems (IPSs), firewalls, and web application firewalls, to ensure the secure use of supercomputing resources. Potential threats are identified based on predefined security policies and added to the firewall rules for access control after detecting abnormal behavior through anti-DDoS, IPS, and system access logs. After analyzing the status change patterns for rule policies added owing to human errors among these added firewall log events, 289,320 data points were extracted over a period of four years. Security experts and operators must go through a strict verification process to rectify policies that were added incorrectly owing to human error, which adds to their workload. To address this challenge, our research applies various machine- and deep-learning algorithms to autonomously determine the normalcy of detection without requiring administrative intervention. Machine-learning algorithms, including naïve Bayes, K-nearest neighbor (KNN), OneR, a decision tree called J48, support vector machine (SVM), logistic regression, and the implemented neural network (NN) model with the cross-entropy loss function, were tested. The results indicate that the KNN and NN models exhibited an accuracy of 97%. Additional training and feature refinement led to even better improvements, increasing the accuracy to 98%, a 1% increase. By leveraging the capabilities of machine-learning and deep-learning technologies, we have provided the basis for a more robust, efficient, and autonomous network security infrastructure for supercomputing services. [ABSTRACT FROM AUTHOR]
- Published
- 2024
6. Deep Reinforcement Learning Approach for Cyberattack Detection.
- Author
- Tareq, Imad, Elbagoury, Bassant Mohamed, El-Regaily, Salsabil Amin, and El-Horbaty, El-Sayed M.
- Subjects
DEEP reinforcement learning, REINFORCEMENT learning, CYBERTERRORISM, COMPUTER network security, FIREWALLS (Computer security), SAFETY
- Abstract
Recently, there has been a growing concern regarding the detrimental effects of cyberattacks on both infrastructure and users. Conventional safety measures, such as encryption, firewalls, and intrusion detection, are inadequate to safeguard cyber systems against emerging and evolving threats. To address this issue, researchers have turned to reinforcement learning (RL) as a potential solution for complex decision-making problems in cybersecurity. However, the application of RL faces various obstacles, including a lack of suitable training data, dynamic attack scenarios, and challenges in modeling real-world complexities. This paper suggests applying deep reinforcement learning (DRL), a deep framework, to simulate malicious cyberattacks and enhance cybersecurity. Our framework utilizes an agent-based model that is capable of continuous learning and adaptation within a dynamic network security environment. The agent determines the most optimal course of action based on the network's state and the corresponding rewards received for its decisions. We present the outcomes of our experimentation with the application of DRL on a specific model, double deep Q-network (DDQN), utilizing policy gradient (PG) on three distinct datasets: NSL-KDD, CIC-IDS-2018, and AWID. Our research demonstrates that DRL can effectively improve cyberattack detection outcomes through our model and specific parameter adjustments. [ABSTRACT FROM AUTHOR]
- Published
- 2024
7. Comparative Analysis of Anomaly Detection Approaches in Firewall Logs: Integrating Light-Weight Synthesis of Security Logs and Artificially Generated Attack Detection.
- Author
- Komadina, Adrian, Kovačević, Ivan, Štengl, Bruno, and Groš, Stjepan
- Subjects
- *ANOMALY detection (Computer security), *SUPERVISED learning, *MACHINE learning, *FIREWALLS (Computer security), *COMPARATIVE studies, *PROBLEM solving
- Abstract
Detecting anomalies in large networks is a major challenge. Nowadays, many studies rely on machine learning techniques to solve this problem. However, much of this research depends on synthetic or limited datasets and tends to use specialized machine learning methods to achieve good detection results. This study focuses on analyzing firewall logs from a large industrial control network and presents a novel method for generating anomalies that simulate real attacker actions within the network without the need for a dedicated testbed or installed security controls. To demonstrate that the proposed method is feasible and that the constructed logs behave as one would expect real-world logs to behave, different supervised and unsupervised learning models were compared using different feature subsets, feature construction methods, scaling methods, and aggregation levels. The experimental results show that unsupervised learning methods have difficulty in detecting the injected anomalies, suggesting that they can be seamlessly integrated into existing firewall logs. Conversely, the use of supervised learning methods showed significantly better performance compared to unsupervised approaches and a better suitability for use in real systems. [ABSTRACT FROM AUTHOR]
- Published
- 2024
8. Toward a modern secure network based on next-generation firewalls: recommendations and best practices.
- Author
- Lamdakkar, Oussama, Ameur, Ismail, Eleyatt, Mohamed Mbarek, Carlier, Fabien, and Ibourek, Lahcen Ait
- Subjects
NEXT generation networks, MODERN architecture, FIREWALLS (Computer security), BEST practices, BUSINESS size, SMALL business, ACCESS control
- Abstract
The security architecture of modern networks undergoes periodic changes, given (i) the diversity of security solutions, (ii) the emergence of new attack vectors, and (iii) corporate needs in terms of access control (ZTNA: Zero Trust Network Access). The complexity of setting up a secure infrastructure lies in the design of the network architecture, on the one hand, and the choice of configurations appropriate to the company's security policy, on the other. Indeed, misconfiguration is considered a vulnerability, which makes the task of setting up a secure network somewhat critical, given the technical skills it requires. In this paper, we will address this problem by proposing a modern security architecture applied to all sizes of enterprises: medium-sized, large, and sometimes even small companies. Therefore, we will describe the equipment required and their roles in the security layer, the security technologies adopted, and best practices for optimal deployment. To evaluate our proposal, we generated malicious traffic using the firewall inspection tester based on the "fit.py" script to study the architecture's resilience and behavior in the face of multiple attacks. [ABSTRACT FROM AUTHOR]
- Published
- 2024
9. A Hierarchical Security Event Correlation Model for Real-Time Threat Detection and Response.
- Author
- Maosa, Herbert, Ouazzane, Karim, and Ghanem, Mohamed Chahine
- Subjects
INTRUSION detection systems (Computer security), FIREWALLS (Computer security), DATA security failures, CLUSTER analysis (Statistics), DATA reduction
- Abstract
An intrusion detection system (IDS) performs postcompromise detection of security breaches whenever preventive measures such as firewalls do not avert an attack. However, these systems raise a vast number of alerts that must be analyzed and triaged by security analysts. This process is largely manual, tedious, and time-consuming. Alert correlation is a technique that reduces the number of intrusion alerts by aggregating alerts that are similar in some way. However, the correlation is performed outside the IDS through third-party systems and tools, after the IDS has already generated a high volume of alerts. These third-party systems add to the complexity of security operations. In this paper, we build on the highly researched area of alert and event correlation by developing a novel hierarchical event correlation model that promises to reduce the number of alerts issued by an intrusion detection system. This is achieved by correlating the events before the IDS classifies them. The proposed model takes the best features from similarity and graph-based correlation techniques to deliver an ensemble capability not possible by either approach separately. Further, we propose a correlation process for events rather than alerts as is the case in the current art. We further develop our own correlation and clustering algorithm which is tailor-made to the correlation and clustering of network event data. The model is implemented as a proof of concept with experiments run on standard intrusion detection sets. The correlation achieves an 87% data reduction through aggregation, producing nearly 21,000 clusters in about 30 s. [ABSTRACT FROM AUTHOR]
- Published
- 2024
10. From Zero to 100: Demystifying zero trust and its implications on enterprise people, process, and technology.
- Author
- BUSH, MATTHEW and MASHATAN, ATEFEH
- Subjects
- *INTERNET security, *COMPUTER security, *COMPUTER network security, *INFORMATION technology security, *FIREWALLS (Computer security)
- Abstract
The article focuses on the history and development of the strategic approach to cybersecurity known as "zero trust." The authors discuss the use of firewalls and how they are no longer sufficient, examine data breaches at credit reporting company Equifax and financial company Capital One, and explore how zero trust can impact people, process, and technology (PPT).
- Published
- 2023
11. The Cost of Inaction: Exploring the Consequences of Ignoring IIoT Security Risks.
- Author
- Baliga, Prashasth Bantwal
- Subjects
RANSOMWARE, FIREWALLS (Computer security), MULTI-factor authentication, SOCIAL engineering (Fraud), INFORMATION technology
- Abstract
The article explores the growing security concerns surrounding Industrial IoT (IIoT) integration, emphasizing the critical need for robust security measures to protect against cyber threats. It discusses the rise of IIoT and the challenges it poses, such as ransomware attacks and state-sponsored cyberattacks, highlighting the importance of addressing security gaps and implementing comprehensive security strategies.
- Published
- 2024
12. Think like a hacker.
- Author
- Adam, David
- Subjects
- *COMPUTER hacking, *UNITED States presidential election, 2016, *COMPUTER hackers, *FIREWALLS (Computer security), *EMAIL hacking, *YOUNG adults
- Abstract
At the time, Morris's dad was chief scientist for cybersecurity at the US National Security Agency (NSA). Features Scott Shapiro wants to teach the world how to hack. Shapiro talks to New Scientist about what we can learn from hackers, why he wants to teach the world to hack in a free online course and just how close he came to committing cybercrime himself. [Extracted from the article]
- Published
- 2023
13. Anomaly detection of policies in distributed firewalls using data log analysis.
- Author
- Andalib, Azam and Babamir, Seyed Morteza
- Subjects
- *DATA logging, *FIREWALLS (Computer security), *DATA analysis, *DATA mining, *TRAFFIC monitoring, *TRAFFIC engineering, *BIG data
- Abstract
A distributed firewall is a security application that monitors and controls traffic on an organization's network. While centralized firewalls are used against attacks coming from outside a network, distributed firewalls are considered for inside attacks from internal networks such as wireless access and VPN tunnel. Distributed firewalls use policies, which are stated by rules, to find anomalous packets. However, such static rules may be incomplete. In this case, by monitoring firewall logs, the anomalies can be detected. Such logs become big when networks have high traffic, but their hidden knowledge contains valuable information about existing anomalies. In this paper, to detect the anomalies, we extract patterns from big data logs of distributed firewalls using data mining and machine learning. The proposed method is applied to big logs from distributed firewalls in a real security environment, and results are analyzed. [ABSTRACT FROM AUTHOR]
- Published
- 2023
14. Data-Driven Network Analysis for Anomaly Traffic Detection.
- Author
- Alam, Shumon, Alam, Yasin, Cui, Suxia, and Akujuobi, Cajetan
- Subjects
- *ANOMALY detection (Computer security), *TRAFFIC monitoring, *CONVOLUTIONAL neural networks, *MACHINE learning, *LOCOMOTIVES, *SUPERVISED learning, *FIREWALLS (Computer security)
- Abstract
Cybersecurity is a critical issue in today's internet world. Classical security systems, such as firewalls based on signature detection, cannot detect today's sophisticated zero-day attacks. Machine learning (ML) based solutions are more attractive for their capabilities of detecting anomaly traffic from benign traffic, but to develop an ML-based anomaly detection system, we need meaningful or realistic network datasets to train the detection engine. There are many public network datasets for ML applications. Still, they have limitations, such as the data creation process and the lack of diverse attack scenarios or background traffic. To create a good detection engine, we need a realistic dataset with various attack scenarios and various types of background traffic, such as HTTPs, streaming, and SMTP traffic. In this work, we have developed realistic network data or datasets considering various attack scenarios and diverse background/benign traffic. Furthermore, considering the importance of distributed denial of service (DDoS) attacks, we have compared the performance of detecting anomaly traffic of some classical supervised and our prior developed unsupervised ML algorithms based on the convolutional neural network (CNN) and pseudo auto-encoder (AE) architecture based on the created datasets. The results show that the performance of the CNN-Pseudo-AE is comparable to that of many classical supervised algorithms. Hence, the CNN-Pseudo-AE algorithm is promising in actual implementation. [ABSTRACT FROM AUTHOR]
- Published
- 2023
15. Optimal Control Strategy for SLBRS with Two Control Inputs.
- Author
- Zhao, Xiangqing
- Subjects
- *PONTRYAGIN'S minimum principle, *COMPUTER networks, *FIREWALLS (Computer security), *COMPUTER viruses, *ANTIVIRUS software, *CYBERTERRORISM
- Abstract
Computer virus attacks result in significant losses each year, drawing considerable attention from enterprises, governments, academic institutions, and various other sectors. Researchers have proposed various approaches to fight against computer viruses, including antivirus software and internet firewalls. In this paper, we focus on investigating computer virus transmission from the perspective of mathematical modeling. Our main contributions in this paper are threefold: (1) we improve the classical SLBRS model by incorporating cure rates, effectively capturing the dynamics of computer network maintenance; (2) we introduce an optimal control system within the SLBRS framework, with the dual objectives of minimizing network detoxification costs and reducing the proportion of broken-out nodes; and (3) by employing Pontryagin's Maximum Principle, we establish the existence and uniqueness of an optimal control strategy for the proposed control system. Furthermore, we perform numerical simulations to demonstrate the effectiveness of our theoretical analyses. [ABSTRACT FROM AUTHOR]
- Published
- 2023
16. Application of artificial intelligence and machine learning in a security operations center.
- Author
- Islam, Mohammad Anwarul
- Subjects
ARTIFICIAL intelligence, MACHINE learning, SOFTWARE development tools, FIREWALLS (Computer security), INTRUSION detection systems (Computer security), INFORMATION resources management, CYBERTERRORISM
- Abstract
The security operations center's (SOC) mission is to protect digital assets (data, applications, infrastructure) from malicious attacks and breaches. The SOC accomplishes its mission through people, processes, and technologies in detecting, responding, and recovering from cyber-attacks. SOC depends on several hardware appliances and software tools such as firewalls, intrusion detection and prevention systems, sensors-based events, system logs, endpoint detection and response, threat intelligence, vulnerabilities scanner, etc. These tools and appliances generate an enormous volume of data in real-time. Therefore, tools such as security events and information management (SIEM) must analyze large volumes of data to detect malicious activities and security incidents. Machine learning and artificial intelligence technologies have the potential to detect anomalies and cyberattacks. This research focuses on how AI/ML is embedded in SOC tools. [ABSTRACT FROM AUTHOR]
- Published
- 2023
17. An Information Security Engineering Framework for Modeling Packet Filtering Firewall Using Neutrosophic Petri Nets.
- Author
- Madhloom, Jamal Khudair, Noori, Zainab Hammoodi, Ebis, Sif K., Hassen, Oday A., and Darwish, Saad M.
- Subjects
PETRI nets, INFORMATION technology security, ENGINEERING models, COMPUTER network traffic, FIREWALLS (Computer security), LOCAL area networks
- Abstract
Due to the Internet's explosive growth, network security is now a major concern; as a result, tracking network traffic is essential for a variety of uses, including improving system efficiency, fixing bugs in the network, and keeping sensitive data secure. Firewalls are a crucial component of enterprise-wide security architectures because they protect individual networks from intrusion. The efficiency of a firewall can be negatively impacted by issues with its design, configuration, monitoring, and administration. Recent firewall security methods do not have the rigor to manage the vagueness that comes with filtering packets from the exterior. Knowledge representation and reasoning are two areas where fuzzy Petri nets (FPNs) receive extensive usage as a modeling tool. Despite their widespread success, FPNs' limitations in the security engineering field stem from the fact that it is difficult to represent different kinds of uncertainty. This article details the construction of a novel packet-filtering firewall model that addresses the limitations of current FPN-based filtering methods. The primary contribution is to employ Simplified Neutrosophic Petri nets (SNPNs) as a tool for modeling discrete event systems in the area of firewall packet filtering that are characterized by imprecise knowledge. Because of SNPNs' symbolic ability, the packet filtration model can be quickly and easily established, examined, enhanced, and maintained. Based on the idea that the ambiguity of a packet's movement can be described by if–then fuzzy production rules realized by the truth-membership function, the indeterminacy-membership function, and the falsity-membership functional, we adopt the neutrosophic logic for modelling PN transition objects. In addition, we simulate the dynamic behavior of the tracking system in light of the ambiguity inherent in packet filtering by presenting a two-level filtering method to improve the ranking of the filtering rules list. 
Results from experiments on a local area network back up the efficacy of the proposed method and illustrate how it can increase the firewall's susceptibility to threats posed by network traffic. [ABSTRACT FROM AUTHOR]
- Published
- 2023
18. Deep Learning-Based Bloom Filter for Efficient Multi-key Membership Testing.
- Author
- Chen, Haitian, Wang, Ziwei, Li, Yunchuan, Yang, Ruixin, Zhao, Yan, Zhou, Rui, and Zheng, Kai
- Subjects
FIREWALLS (Computer security), COMPUTER systems, INTERNET searching, DATA distribution, MACHINE learning, DATABASES
- Abstract
Multi-key membership testing plays a crucial role in computing systems and networking applications, encompassing web search, mail systems, distributed databases, firewalls, and network routing. Traditional approaches, such as the Bloom filter, encounter limitations within this specific context. Addressing these challenges, we propose the Multi-key Learned Bloom Filter (MLBF), a hybrid method that combines machine learning techniques with the Bloom filter. The MLBF introduces a value-interaction-based multi-key classifier and a multi-key Bloom filter. Furthermore, we introduce an Interval-based MLBF approach, which categorizes keys into specific intervals based on data distribution to minimize the False Positive Rate (FPR). Additionally, MLBF incorporates an out-of-distribution (OOD) detection component to identify data shifts. Through extensive experimental evaluations on three authentic datasets, we demonstrate the superiority of the proposed MLBF in terms of FPR and query efficiency. [ABSTRACT FROM AUTHOR]
- Published
- 2023
19. How Secure Are You? Australia & India will contribute about 25% each to the region's cybersecurity spending this year.
- Author
- Chellam, Raju
- Subjects
COMPUTER passwords, INTERNET security, LANGUAGE models, FIREWALLS (Computer security), INFORMATION technology, VIRTUAL private networks
- Abstract
According to an article in Dataquest, the Indo-Pacific region, excluding Japan, is expected to spend $36 billion on cybersecurity this year, with Australia and India each contributing about 25% of the spending. The article highlights the increasing demand for comprehensive security solutions due to the rise in cyberthreats utilizing AI, such as deepfakes and identity theft. It also mentions the opportunities for vendors to provide security services, particularly managed services. The article emphasizes the importance of cybersecurity measures and provides a list of recommendations for businesses to cultivate a robust cybersecurity environment. [Extracted from the article]
- Published
- 2024
20. Are you ready for the AI PC? How can you best leverage AI PCs & smartphones? Here are my dozen tips in alphabetical order.
- Author
- Chellam, Raju
- Subjects
ARTIFICIAL intelligence, LANGUAGE models, GENERATIVE artificial intelligence, SPEECH synthesis, SMARTPHONES, EMAIL systems, FIREWALLS (Computer security)
- Abstract
This article explores the growing presence of AI in PCs and smartphones and offers advice on how to make the most of their capabilities. It emphasizes the use of neural processing units (NPUs) in AI PCs, which allow for local AI processing instead of relying on the cloud. The article predicts a significant increase in the sales of NPU-enabled AI PCs and highlights the benefits of running AI tasks on the device, such as improved performance and cost reduction. It also mentions leading companies in the AI PC and smartphone market, including Intel, Google, and Samsung. The article concludes by providing tips on leveraging AI technology, such as device authentication, data backup, choosing devices with dedicated AI processors, and staying updated with software and security measures. [Extracted from the article]
- Published
- 2024
21. OO-MA-KP-ABE-CRF: Online/Offline Multi-Authority Key-Policy Attribute-Based Encryption with Cryptographic Reverse Firewall for Physical Ability Data.
- Author
- Zhao, You, Fan, Ye, and Bian, Xuefen
- Subjects
- *FIREWALLS (Computer security), *DATA encryption, *ACCESS control, *DATA security, *INFORMATION sharing, *CONTRACTING out
- Abstract
In many universities, students' physical ability data are collected and stored in the cloud through various sensing devices to save computational and storage costs. Therefore, how to effectively access data while ensuring data security has become an urgent issue. Key-policy attribute-based encryption (KP-ABE) not only enables secure one-to-many communication and fine-grained access control but also adapts to data sharing in static scenarios, making it more suitable for the cloud sharing of physical ability data. In this paper, we construct an online/offline multi-authority key-policy attribute-based encryption with a cryptographic reverse firewall for physical ability data. This scheme uses multi-authority to avoid the single point of failure crisis of a single authority, and is combined with a cryptographic reverse firewall to resist backdoor attacks. In addition, the scheme uses outsourcing decryption to save users' computing costs, and utilizes offline/online technology to move a large amount of computing offline, reducing the online burden. Finally, the experiment shows the feasibility of the scheme. [ABSTRACT FROM AUTHOR]
- Published
- 2023
22. Design of Computer Network Security Intrusion Prevention Strategy and Evaluation Algorithm Analysis Technology.
- Author
- Wang, Fengzheng
- Subjects
FIREWALLS (Computer security), COMPUTER engineering, COMPUTER network security, DATA encryption, COMPUTER networks, ALGORITHMS, ANTIVIRUS software, INFORMATION networks
- Abstract
With the continuous improvement of global informatization, computer networks have basically reached complete popularization. In today's society, it has become a major application and provides corresponding services for various industries. Therefore, it is necessary to effectively protect various information in the network. Therefore, this article provided a detailed discussion on the problems existing in computer network information security. These issues included their own reasons, hacker intrusion, and spam. Based on this, this article explored computer network information security protection strategies such as deploying data encryption, timely patching system vulnerabilities, and installing firewalls and antivirus software. The experimental results showed that the network output values of the clustering algorithm were: 0.888 for level 1, 0.725 for level 2, 0.678 for level 3, 0.461 for level 4, and 0.211 for level 5. These were all within the scope. [ABSTRACT FROM AUTHOR]
- Published
- 2023
23. Design and Implementation of an Automated Dynamic Rule System for Distributed Firewalls.
- Author
- TUDOSI, Andrei-Daniel, GRAUR, Adrian, BALAN, Doru Gabriel, POTORAC, Alin Dan, and TARABUTA, Radu-Cezar
- Subjects
DYNAMICAL systems, ANTIVIRUS software, FIREWALLS (Computer security), COMPUTER network security, COMPUTER network management, TRAFFIC monitoring
- Abstract
Zero-day vulnerabilities are undisclosed security flaws exploited by attackers to gain unauthorized access to vulnerable systems. Firewalls and antivirus software are essential for preventing intrusions. While firewalls monitor network traffic to prevent unauthorized access, they may struggle to filter all incoming traffic due to attacker-generated anomalies. We present a novel approach to automate the generation of dynamic firewall rules, aiming to address this challenge through the utilization of a custom software solution in conjunction with a suitable programming language. This approach autonomously maintains and updates firewall rules, bolstering network security and streamlining the identification and mitigation of zero-day vulnerabilities. We evaluated the approach on a simulated network, demonstrating its efficacy in detecting and preventing unauthorized access through zero-day attacks. Our automated method for dynamic firewall rule creation offers an efficient means to address zero-day vulnerabilities. It empowers businesses to safeguard against cyberattacks and protect sensitive data. With adaptability to changing network requirements, it is valuable for organizations of different scales. In conclusion, our proposed automated approach for dynamic firewall rule generation provides a scientifically validated solution to address zero-day vulnerabilities. It enhances security measures, defends against emerging threats, and enables businesses to protect their systems and data effectively. [ABSTRACT FROM AUTHOR]
- Published
- 2023
24. Analysis of ICS and SCADA Systems Attacks Using Honeypots.
- Author
-
Mesbah, Mohamed, Elsayed, Mahmoud Said, Jurcut, Anca Delia, and Azer, Marianne
- Subjects
SUPERVISORY control & data acquisition systems ,DIGITAL technology ,INFORMATION technology ,INDUSTRIAL controls manufacturing ,FIREWALLS (Computer security) ,SUPERVISORY control systems ,NEAR field communication - Abstract
Supervisory control and data acquisition (SCADA) attacks have increased due to the digital transformation of many industrial control systems (ICS). Operational technology (OT) operators should use the defense-in-depth concept to secure their operations from cyber attacks and reduce the surface that can be attacked. Layers of security, such as firewalls, endpoint solutions, honeypots, etc., should be used to secure traditional IT systems. The three main goals of IT cybersecurity are confidentiality, integrity, and availability (CIA), but these three goals have different levels of importance in the operational technology (OT) industry. Availability comes before confidentiality and integrity because of the criticality of business in OT. One of the layers of security in both IT and OT is honeypots. SCADA honeypots are used as a layer of security to mitigate attacks, known attackers' techniques, and network and system weaknesses that attackers may use, and to mitigate these vulnerabilities. In this paper, we use SCADA honeypots for early detection of potential malicious tampering within a SCADA device network, and to determine threats against ICS/SCADA networks. An analysis of SCADA honeypots gives us the ability to know which protocols are most commonly attacked, and attackers' behaviors, locations, and goals. We use an ICS/SCADA honeypot called Conpot, which simulates real ICS/SCADA systems with some ICS protocols and ICS/SCADA PLCs. [ABSTRACT FROM AUTHOR]
- Published
- 2023
25. MG Motor Reimagines Driving with AI, Voice Control, and Secure Connectivity.
- Author
-
Ghatak, Aanchal
- Subjects
INFORMATION technology ,ARTIFICIAL intelligence ,INFRASTRUCTURE (Economics) ,DATA protection ,CONSUMER preferences ,FIREWALLS (Computer security) - Published
- 2024
26. Enhancement of QoS in Internet of Things Wearable Devices Dependent on 5G Technology.
- Author
-
Savithri, M., Pradeepa, M., Prasad, D. Rajendra, Gangodkar, Durgaprasad, Rajalakshmi, R., Shafi, Shaik, Sinchana, N. M., Prasanna Kumar, K. R., and Selvam, Nagarajan
- Subjects
INTERNET of things ,SMART devices ,INTERNET security ,COMPUTER network security ,5G networks ,FIREWALLS (Computer security) ,COMPUTER hacking - Abstract
In general, malicious hackers can infiltrate tens of thousands or millions of insecure computers, disable infrastructure, shut down networks, and access personal information. The hackers use some security vulnerabilities in the network to steal and use the required data. And things like the buck they do with advanced technologies are constantly providing them with the data they need, not just once and no matter how protective the firewalls on the Internet are, there is still an increase in cybercrime. This affected the Quality of Service (QoS) of a wearable device. In this paper, an improved QoS model was proposed to enhance the IoT smart systems. This algorithm was helpful to prevent the smart IoT device from the vulnerable hacking. This system was compared with the existing algorithms, and the results are displayed in the sections below. The suggested method performs more than 96 percent of input entry authentication and about 3 percent of password cracking actions. The source code security management was then upgraded to 99.9%. Finally, the number of updating difficulties for various device entries was decreased by 0.02 percent, and the number of privacy breaches was reduced by up to 0.32 percent. Hence, the proposed method was more secure and free from cyber security issues. [ABSTRACT FROM AUTHOR]
- Published
- 2023
27. Cancer Research Line (CAREL): Development of Expanded Distributed Research Networks for Prostate Cancer and Lung Cancer.
- Author
-
Park, Jihwan, Lee, Ji Youl, Moon, Mi Hyoung, Park, Yong Hyun, and Rho, Mi Jung
- Subjects
LUNG cancer ,PROSTATE cancer ,CANCER research ,PROSTATE cancer patients ,MEDICAL research ,BLOCKCHAINS ,FIREWALLS (Computer security) - Abstract
Objectives: Big data-based multicenter medical research is expected to bring significant advances to cancer treatment worldwide. However, there are concerns related to data sharing among multicenter networks. Clinical data can be shielded by firewalls using distributed research networks (DRNs). We attempted to develop DRNs for multicenter research that can be easily installed and used by any institution. Patients and Methods: We propose a DRN for multicenter cancer research called the cancer research line (CAREL) and present a data catalog based on a common data model (CDM). CAREL was validated using 1723 patients with prostate cancer and 14 990 patients with lung cancer in a retrospective study. We used the attribute-value pairs and array data type JavaScript object notation (JSON) format to interface third-party security solutions such as blockchain. Results: We developed visualized data catalogs of prostate and lung cancer based on the observational medical outcomes partnership (OMOP) CDM, from which researchers can easily browse and select relevant data. We made the CAREL source code readily available for download and application for relevant purposes. In addition, it is possible to realize a multicenter research network using CAREL development sources. Conclusion: CAREL source can enable medical institutions to participate in multicenter cancer research. Our technology is open source, so small institutions that cannot afford to spend high costs can use it to develop a platform for multicenter research. [ABSTRACT FROM AUTHOR]
- Published
- 2023
28. FortiGate firewall : practical guidance and hands-on labs
- Author
-
Talebi, Hamid, author and BCcampus, publisher
- Subjects
Firewalls (Computer security) - Abstract
"This book explains step-by-step how to configure a FortiGate firewall in the network. Each chapter begins with learning objectives and contains step-by-step explanations for GNS3 beginners on how to build different security scenarios from scratch."--BCcampus website
- Published
- 2023
29. Palo Alto firewall : practical guidance and hands-on labs
- Author
-
Talebi, Hamid, author, Cawley, Xavier, author, and BCcampus, publisher
- Subjects
Firewalls (Computer security) - Abstract
"This book explains step-by-step how to configure a Palo Alto firewall in the network. Each chapter begins with learning objectives and contains step-by-step explanations for GNS3 beginners on how to build different security scenarios from scratch."--BCcampus website
- Published
- 2023
30. Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks.
- Author
-
Dawadi, Babu R., Adhikari, Bibek, and Srivastava, Devesh K.
- Subjects
*WEB-based user interfaces , *DEEP learning , *FIREWALLS (Computer security) , *HTTP (Computer network protocol) , *DENIAL of service attacks , *SQL - Abstract
New techniques and tactics are being used to gain unauthorized access to the web that harm, steal, and destroy information. Protecting the system from many threats such as DDoS, SQL injection, cross-site scripting, etc., is always a challenging issue. This research work makes a comparative analysis between normal HTTP traffic and attack traffic that identifies attack-indicating parameters and features. Different features of standard datasets ISCX, CISC, and CICDDoS were analyzed and attack and normal traffic were compared by taking different parameters into consideration. A layered architecture model for DDoS, XSS, and SQL injection attack detection was developed using a dataset collected from the simulation environment. In the long short-term memory (LSTM)-based layered architecture, the first layer was the DDoS detection model designed with an accuracy of 97.57% and the second was the XSS and SQL injection layer with an obtained accuracy of 89.34%. The higher rate of HTTP traffic was investigated first and filtered out, and then passed to the second layer. The web application firewall (WAF) adds an extra layer of security to the web application by providing application-level filtering that cannot be achieved by the traditional network firewall system. [ABSTRACT FROM AUTHOR]
- Published
- 2023
31. A Proposed Multi-Layer Firewall to Improve the Security of Software Defined Networks.
- Author
-
Hussein, Mohammed AbdulRidha
- Subjects
SOFTWARE-defined networking ,COMPUTER software security ,FIREWALLS (Computer security) ,COMPUTER software development - Abstract
One of the most important motivations behind software-defined networking (SDN) is the desire to move from the approach of traditional networks to a more flexible and intelligent software development technology. This paper focuses on the importance of the SDN-based platform POX controller security firewall modules and their effectiveness on networks, including the central administration of the SDN-based platform controller for protecting the network from possible attacks. The work is performed using the Mininet emulator with the Iperf bandwidth measurement tool. Result reveals that the proposed multilayer firewall does not compromise the flexibility of the network in any way. [ABSTRACT FROM AUTHOR]
- Published
- 2023
32. A Probabilistic Analysis of Cyber Risks.
- Author
-
Pate-Cornell, M.-Elisabeth and Kuypers, Marshall A.
- Subjects
*RISK assessment , *COMPUTER crimes , *RESOURCE allocation , *COMPUTER security , *COST effectiveness , *FIREWALLS (Computer security) - Abstract
Cyber risk affects all organizations. Cyber risk management has generally been based on the heuristics and the availability of protective tools, such as firewalls and passwords. Only recently have there been quantitative analyses of these tools’ costs and benefits. This article presents a probabilistic method based on the existing data in an organization and on their extension to assess the probabilities of new attack scenarios. The objective is to set priorities among risk management measures and to optimize the allocation of limited resources. The model is illustrated first by a statistical analysis of 60 000 incidents, such as lost or stolen laptops, over six years in a specific organization. This analysis is then expanded to the probabilistic domain to cover threats that have not occurred yet. This requires a systematic construction of new attack scenarios and an assessment both of their probability of success and of subsequent losses. The conjunction of statistics and probabilities of more extreme scenarios yields full risk curves. These curves represent the overall cyber risk for the organization and its insurers and enable assessment of the benefits of a spectrum of protective options. [ABSTRACT FROM AUTHOR]
- Published
- 2023
33. Abstracting network policies
- Author
-
Abubakar, Ahmed
- Subjects
004 ,networking devices ,Abstraction ,Routing measurements ,Firewalls (Computer security) ,Cyber War Game - Abstract
Almost every human activity in recent years relies either directly or indirectly on the smooth and efficient operation of the Internet. The Internet is an interconnection of multiple autonomous networks that work based on agreed upon policies between various institutions across the world. The network policies guiding an institution's computer infrastructure both internally (such as firewall relationships) and externally (such as routing relationships) are developed by a diverse group of lawyers, accountants, network administrators, managers amongst others. Network policies developed by this group of individuals are usually done on a white-board in a graph-like format. It is however the responsibility of network administrators to translate and configure the various network policies that have been agreed upon. The configuration of these network policies are generally done on physical devices such as routers, domain name servers, firewalls and other middle boxes. The manual configuration process of such network policies is known to be tedious, time consuming and prone to human error which can lead to various network anomalies in the configuration commands. In recent years, many research projects and corporate organisations have to some level abstracted the network management process with emphasis on network devices (such as Cisco VIRL) or individual network policies (such as Propane).
- Published
- 2018
34. An Efficient Stabbing Based Intrusion Detection Framework for Sensor Networks.
- Author
-
Arivazhagi, A. and Kumar, S. Raja
- Subjects
INTRUSION detection systems (Computer security) ,FIREWALLS (Computer security) ,SUPPORT vector machines ,RANDOM forest algorithms ,RESEARCH methodology ,COMPUTER network security - Abstract
Intelligent Intrusion Detection System (IIDS) for networks provides a more resourceful solution to network security than conventional intrusion defence mechanisms like a firewall. The efficiency of IIDS highly relies on the algorithm performance. The enhancements towards these methods are utilized to enhance the classification accuracy and diminish the testing and training time of these algorithms. Here, a novel and intelligent learning approach, known as the stabbing of intrusion with learning framework (SILF), is proposed to learn the attack features and reduce the dimensionality. It also reduces the testing and training time effectively and enhances Linear Support Vector Machine (l-SVM). It constructs an auto-encoder method, an efficient learning approach for feature construction in an unsupervised manner. Here, the inclusive certified signature (ICS) is added to the encoder and decoder to preserve the sensitive data without being harmed by the attackers. By training the samples in the preliminary stage, the selected features are provided into the classifier (l-SVM) to enhance the prediction ability for intrusion and classification accuracy. Thus, the model efficiency is learned linearly. The multi-classification is examined and compared with various classifier approaches like conventional SVM, Random Forest (RF), Recurrent Neural Network (RNN), STL-IDS and game theory. The outcomes show that the proposed l-SVM has triggered the prediction rate by effectual testing and training and proves that the model is more efficient than the traditional approaches in terms of performance metrics like accuracy, precision, recall, F-measure, p-value, MCC and so on. The proposed SILF enhances network intrusion detection and offers a novel research methodology for intrusion detection. Here, the simulation is done with a MATLAB environment where the proposed model shows a better trade-off compared to prevailing approaches. [ABSTRACT FROM AUTHOR]
- Published
- 2022
35. Performance Evaluation of Stateful Firewall-Enabled SDN with Flow-Based Scheduling for Distributed Controllers.
- Author
-
P., Senthil, Kavin, Balasubramanian Prabhu, Srividhya, S. R., V., Ramachandran, C., Kavitha, and Lai, Wen-Cheng
- Subjects
FIREWALLS (Computer security) ,SOFTWARE-defined networking ,REAL-time programming ,TRAFFIC flow ,SCHEDULING ,NETWORK performance - Abstract
Software-defined networking (SDN) is a network approach achieved by decoupling of the control and data planes. The control plane is logically centralized and the data plane is distributed across the network elements. The real-time network is in need of the incorporation of distributed controllers to maintain distributed state information of the traffic flows. Software-based solutions aid distributed SDN controllers to handle fluctuating network traffic and the controller's configurations are dynamically programmed in real time. In this study, SDN controllers were programmed with a stateful firewall application to provide firewall functionalities without the support of committed hardware. A stateful firewall filtered traffic based on the complete context of incoming packets; it continuously evaluated the entire context of traffic flows, looking for network entry rather than specific traffic flows. In addition, a flow-based scheduling module was implemented in the distributed controllers to improve network scalability. A network cluster was configured with three distributed controllers and we experimented with three independent network topologies. The performance of the proposed network model was evaluated by measuring and analyzing metrics such as network throughput (kbps), delay (ms) and network overhead (pkt/ms) for various combinations of controllers and topologies. The results of the analysis were determined using the mininet emulator. The findings of the performance evaluation indicate that the distributed SDN controllers perform better than a centralized controller. When comparing distributed SDN with two controllers and distributed SDN with three controllers the overall network throughput is increased by 64%, the delay is decreased by 43% and network overhead is reduced by 39%. [ABSTRACT FROM AUTHOR]
- Published
- 2022
36. A Deep Neural Network Architecture for Intrusion Detection in Software-Defined Networks.
- Author
-
Horestani, Somayeh Jafari, Soltani, Somayeh, and Seno, Seyed Amin Hosseini
- Subjects
SOFTWARE-defined networking ,INTRUSION detection systems (Computer security) ,COMPUTER architecture ,FIREWALLS (Computer security) ,LOSS functions (Statistics) - Abstract
For more comprehensive security of a computer network as well as the use of firewall and anti-virus security equipment, intrusion detection systems (IDSs) are needed to detect the malicious activity of intruders. Therefore, the introduction of a high-precision intrusion detection system is critical for the network. Generally, the general framework of the proposed intrusion detection models is the use of text classification, and today deep neural networks (DNNs) are one of the top classifiers. A variety of DNN-based intrusion detection models have been proposed for software-defined networks (SDNs); however, these methods often report performance metrics solely on one well-known dataset. In this paper, we present a DNN-based IDS model with a 12-layer arrangement which works well on three datasets, namely, NSL-KDD, KDD99, and UNSW-NB15. The layered layout of the proposed model is considered the same for all the three datasets, which is one of the strengths of the proposed model. To evaluate the proposed solution, six other DNN-based IDS models have been designed. The values of the evaluation metrics, including accuracy, precision, recall, F-measure, and loss function, show the superiority of the proposed model over these six models. In addition, the proposed model is compared with several recent articles in this field, and the superiority of the proposed solution is shown. [ABSTRACT FROM AUTHOR]
- Published
- 2022
37. Study and development of an autopsy module for automated analysis of image metadata
- Author
-
Universitat Politècnica de Catalunya. Doctorat en Enginyeria Telemàtica, Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica, Universitat Politècnica de Catalunya. ISG-MAK - Information Security Group - Mathematics Applied to Cryptography, Doménech Fons, Jordi, and Pegueroles Vallés, Josep R.
- Abstract
The importance of cybersecurity is rising every day with the development of new technologies. Accordingly, cybercrimes are increasing notably and more than ever qualified people are needed to protect the rest of people from these types of infractions. Digital forensics is a very important part of the cybersecurity world; furthermore, the ultimate goal of a digital forensics investigation is to preserve, identify, acquire and document digital evidence to be used in the court of law. As a result, our paper will go in depth with the Digital Forensics field, especially with the analysis of image metadata employing the most important software used by digital forensics investigators: Autopsy. Nowadays, Autopsy cannot extract and analyze all types of metadata found in pictures, but thanks to this paper, investigators will not be forced to run another external software only to analyze image metadata; they will be able to do it with Autopsy. Peer Reviewed. Postprint (author's final draft).
- Published
- 2024
38. Using a Combined Fuzzy-AHP and TOPSIS Decision Model for Selecting the Best Firewall Alternative.
- Author
-
Cubukcu, Ceren and Cantekin, Cem
- Subjects
FUZZY numbers ,COVID-19 pandemic ,DIGITAL technology ,FIREWALLS (Computer security) ,DECISION making - Abstract
Covid-19 pandemic forced all the world to make significant changes in their daily routines. As a result, internet and digital technologies started to be used more actively by individuals and businesses. Due to this digitalization, everyone is more open to digital threats. In order to provide the security of the network, firewalls should be used. Firewalls act as a barrier between the internal and the external networks. Thus, it is more important than ever to choose the right firewall for each network. In this study, an integrated Fuzzy-Analytic Hierarchy Process (AHP) and TOPSIS model is introduced to find out the most suitable firewall. A survey is designed and used to generate the data of this study. This study distinguishes from other studies by proposing a solution which ranks the firewall alternatives using a combination of fuzzy-AHP and TOPSIS models. As a result, among the five different firewall alternatives, the second one is found out to be the best. A solution proposal ranking the firewall alternatives is new in the literature. This approach is used in many different Multi-Criteria Decision Making (MCDM) problems before but not in firewall selection. Hence, this study can be considered quite innovative in terms of the problem it handles and the model used. It offers a new solution related to a decision making problem that has started to gain more importance with the current digitalization process due to Covid-19 pandemic. [ABSTRACT FROM AUTHOR]
- Published
- 2022
39. An Optimization Model for Appraising Intrusion-Detection Systems for Network Security Communications: Applications, Challenges, and Solutions.
- Author
-
Abdel-Basset, Mohamed, Gamal, Abduallah, Sallam, Karam M., Elgendi, Ibrahim, Munasinghe, Kumudu, and Jamalipour, Abbas
- Subjects
*INTRUSION detection systems (Computer security) , *COMPUTER network security , *SECURITY systems , *TELECOMMUNICATION systems , *WORK structure , *AMBIGUITY , *FIREWALLS (Computer security) , *FUZZY sets - Abstract
Cyber-attacks are getting increasingly complex, and as a result, the functional concerns of intrusion-detection systems (IDSs) are becoming increasingly difficult to resolve. The credibility of security services, such as privacy preservation, authenticity, and accessibility, may be jeopardized if breaches are not detected. Different organizations currently utilize a variety of tactics, strategies, and technology to protect the systems' credibility in order to combat these dangers. Safeguarding approaches include establishing rules and procedures, developing user awareness, deploying firewall and verification systems, regulating system access, and forming computer-issue management groups. The effectiveness of intrusion-detection systems is not sufficiently recognized. IDS is used in businesses to examine possibly harmful tendencies occurring in technological environments. Determining an effective IDS is a complex task for organizations that require consideration of many key criteria and their sub-aspects. To deal with these multiple and interrelated criteria and their sub-aspects, a multi-criteria decision-making (MCDM) approach was applied. These criteria and their sub-aspects can also include some ambiguity and uncertainty, and thus they were treated using q-rung orthopair fuzzy sets (q-ROFS) and q-rung orthopair fuzzy numbers (q-ROFNs). Additionally, the problem of combining expert and specialist opinions was dealt with using the q-rung orthopair fuzzy weighted geometric (q-ROFWG). Initially, the entropy method was applied to assess the priorities of the key criteria and their sub-aspects. Then, the combined compromised solution (CoCoSo) method was applied to evaluate six IDSs according to their effectiveness and reliability. Afterward, comparative and sensitivity analyses were performed to confirm the stability, reliability, and performance of the proposed approach. The findings indicate that most of the IDSs appear to be systems with high potential. According to the results, Suricata is the best IDS that relies on multi-threading performance. [ABSTRACT FROM AUTHOR]
- Published
- 2022
40. Empirical Study of Adaptive Serious Games in Enhancing Learning Outcome.
- Author
-
Gaurav, Devottam, Kaushik, Yash, Supraja, Santhoshi, Yadav, Manav, Gupta, M. P., and Chaturvedi, Manmohan
- Subjects
EDUCATIONAL outcomes ,EDUCATIONAL games ,FIREWALLS (Computer security) ,EMPIRICAL research ,ONLINE databases ,MACHINE learning - Abstract
Use of serious games to teach concepts of various important topics including Cybersecurity is growing. With enhanced learning outcome and user experience, the player is likely to gain from engaging in game play. We report an empirical comparison of two cybersecurity games, namely: Use of Firewalls for network protection and concepts of Structured Query Language (SQL) injections to get unauthorised access to online databases. We have designed these games in two versions. The version without using adaptive features provides a baseline to compare efficacy of the machine learning based adaptive game while comparing the learning outcomes and user experience (UX). The efficacy of the Machine Learning (ML) agent in providing the adaptability to the game play is based on classification of player to two categories viz. Beginner and Expert using historical player data on three relevant attributes. The game dynamics is changed based on the player classification to ensure that game challenge is optimally suited to player type and the player continues to experience playful flow in different stages of the game. The analysis of the results in terms of objective evaluation of learning outcomes and subjective feedback from players for UX tend to show a marginal improvement by introduction of adaptive behaviour in both games. [ABSTRACT FROM AUTHOR]
- Published
- 2022
41. PureDome VPN.
- Author
-
Williams, Mike
- Subjects
MICROSOFT Azure (Computing platform) ,ACCESS control ,TEAMS in the workplace ,PRICES ,VALUE (Economics) ,VIRTUAL private networks ,FIREWALLS (Computer security) - Abstract
PureDome VPN is a business-oriented VPN service offered by PureVPN. It provides all the benefits of PureVPN, including easy-to-use apps for various platforms, a large number of servers across multiple countries, and support for WireGuard. PureDome also offers additional features such as business-friendly security, remote access, and team management tools. However, it has a minimum subscription requirement of five team members and lacks advanced management and reporting tools. While it may be suitable for small teams in need of a simple VPN with centralized billing and user access controls, those requiring more advanced features should consider other options. [Extracted from the article]
- Published
- 2024
42. Bitdefender Total Security: Good protection, extras could be better.
- Author
-
PAUL, IAN
- Subjects
*PASSWORD software , *SECURITY management , *FIREWALLS (Computer security) , *SCREEN time , *PENETRATION testing (Computer security) , *RANSOMWARE , *DARKNETS (File sharing) - Abstract
The vulnerability scan is Bitdefender's take on what is an increasingly common approach to security scanning: It checks whether you're behind on operating system updates, the strength of your Windows account passwords, the security of the browser and other applications, network issues, and more. BOTTOM LINE Bitdefender Total Security offers top protection with a number of extra features including a safe payment environment, VPN, and a secure file deletion utility. [Extracted from the article]
- Published
- 2022
43. Many‐field packet classification with decomposition and reinforcement learning.
- Author
-
Jamil, Hasibul, Yang, Ning, and Weng, Ning
- Subjects
REINFORCEMENT learning ,FIREWALLS (Computer security) ,DECOMPOSITION method ,DECISION trees ,DATA structures ,CLASSIFICATION - Abstract
Scalable packet classification is a key requirement to support scalable network applications such as firewalls, intrusion detection, and differentiated services. With the ever increasing line‐rate in core networks, it becomes a great challenge to design a scalable packet classification solution using hand‐tuned heuristic approaches. The authors present a scalable learning‐based packet classification engine by building an efficient data structure for different rulesets with many fields. This method consists of the decomposition of fields into subsets and building separate decision trees on those subsets using a deep reinforcement learning procedure. To decompose given fields of a ruleset, the authors consider different grouping metrics such as standard deviation of individual fields and introduce a novel metric called diversity index (DI). The authors examine different decomposition schemes and construct decision trees for each scheme using deep reinforcement learning and compare the results. The results show that the SD decomposition metrics results in 11.5% faster than DI metrics, 25% faster than random 2 and 40% faster than random 1. Furthermore, the authors' learning‐based selection method can be applied to varying rulesets due to its ruleset independence. [ABSTRACT FROM AUTHOR]
- Published
- 2022
44. Validation pipeline for machine learning algorithm assessment for multiple vendors.
- Author
-
Bizzo, Bernardo C., Ebrahimian, Shadi, Walters, Mark E., Michalski, Mark H., Andriole, Katherine P., Dreyer, Keith J., Kalra, Mannudeep K., Alkasab, Tarik, and Digumarthy, Subba R.
- Subjects
*FIREWALLS (Computer security) , *IMAGE databases , *MACHINE learning , *RECEIVER operating characteristic curves , *PULMONARY nodules , *COMPUTED tomography - Abstract
A standardized objective evaluation method is needed to compare machine learning (ML) algorithms as these tools become available for clinical use. Therefore, we designed, built, and tested an evaluation pipeline with the goal of normalizing performance measurement of independently developed algorithms, using a common test dataset of our clinical imaging. Three vendor applications for detecting solid, part-solid, and groundglass lung nodules in chest CT examinations were assessed in this retrospective study using our data-preprocessing and algorithm assessment chain. The pipeline included tools for image cohort creation and de-identification; report and image annotation for ground-truth labeling; server partitioning to receive vendor "black box" algorithms and to enable model testing on our internal clinical data (100 chest CTs with 243 nodules) from within our security firewall; model validation and result visualization; and performance assessment calculating algorithm recall, precision, and receiver operating characteristic curves (ROC). Algorithm true positives, false positives, false negatives, recall, and precision for detecting lung nodules were as follows: Vendor-1 (194, 23, 49, 0.80, 0.89); Vendor-2 (182, 270, 61, 0.75, 0.40); Vendor-3 (75, 120, 168, 0.32, 0.39). The AUCs for detection of solid (0.61–0.74), groundglass (0.66–0.86) and part-solid (0.52–0.86) nodules varied between the three vendors. Our ML model validation pipeline enabled testing of multi-vendor algorithms within the institutional firewall. Wide variations in algorithm performance for detection as well as classification of lung nodules justifies the premise for a standardized objective ML algorithm evaluation process. [ABSTRACT FROM AUTHOR]
- Published
- 2022
45. Effectiveness Evaluation of Different IDSs Using Integrated Fuzzy MCDM Model.
- Author
-
Alyami, Hashem, Ansari, Md Tarique Jamal, Alharbi, Abdullah, Alosaimi, Wael, Alshammari, Majid, Pandey, Dhirendra, Agrawal, Alka, Kumar, Rajeev, and Khan, Raees Ahmad
- Subjects
ANALYTIC hierarchy process ,INTRUSION detection systems (Computer security) ,MULTIPLE criteria decision making ,TOPSIS method ,INFORMATION technology security ,FIREWALLS (Computer security) - Abstract
Cyber-attacks are becoming progressively complicated; hence, the functional issues of intrusion-detection systems (IDSs) present ever-growing challenges. Failing to detect intrusions may jeopardize the trustworthiness of security services, such as privacy preservation, authenticity, and accessibility. To fight these risks, different organizations nowadays use a variety of approaches, techniques, and technologies to safeguard the systems' credibility. Establishing policies and procedures, raising user awareness, implementing firewall and verification systems, controlling system access, and building computer-issue management groups are all examples of safeguarding methods. There is a lack of sufficient emphasis on the effectiveness of intrusion-detection systems. In enterprises, IDS is used to analyze the potentially dangerous activities taking place within the technological settings. The selection of efficient IDS is a challenging task for organizations. This research evaluates the impact of five popular IDSs for their efficiency and effectiveness in information security. The authors used the fuzzy analytical hierarchy process (AHP) and fuzzy technique for order performance by similarity to ideal solution (TOPSIS)-based integrated multi-criteria decision-making (MCDM) methodology to evaluate the efficacy of the popular IDSs. The findings of this research suggest that most of the IDSs appear to be highly potential tools. Even though Snort is extensively deployed, Suricata has a substantial advantage over Snort. Suricata uses multi-threading functionality in comparison to Snort to boost the processing performance. [ABSTRACT FROM AUTHOR]
- Published
- 2022
46. NFV-COIN: Unleashing The Power of In-Network Computing with Virtualization Technologies.
- Author
-
Venâncio, Giovanni, Turchetti, Rogério C., and Duarte Jr., Elias P.
- Subjects
COINS ,DETECTORS ,FIREWALLS (Computer security) ,HARDWARE - Abstract
Network Functions Virtualization (NFV) allows the implementation in software of middleboxes traditionally available as specialized hardware. Network services can be implemented as SFCs (Service Function Chains) based on virtualization technologies that run on commodity hardware. Although most virtualized functions have classic middlebox functionalities (e.g. firewalls or intrusion detectors) NFV technology can be used to leverage the network to provide novel types of services to end-users. Actually, NFV can be very convenient to deploy traditional end-user services in the network, in the paradigm that has been called Computing In the Network (COIN). This article discusses the requirements to deploy COIN services using NFV technologies, which we call NFV-COIN. We also present case studies and an NFV-COIN architecture that is compliant with the NFV-MANO reference model. [ABSTRACT FROM AUTHOR]
- Published
- 2022
47. INDIA ON TRACK TO BECOME DIGITAL-FIRST ECONOMY.
- Author
-
Ghatak, Aanchal
- Subjects
MULTI-factor authentication ,CHIEF information officers ,DATA security failures ,TRANSBORDER data flow ,FIREWALLS (Computer security) ,INTERNATIONAL business enterprises ,FLOW control (Data transmission systems) - Published
- 2022
48. BACnet Secure Connect Offers Next-Level BAS Cybersecurity.
- Author
-
LANE, CHRIS
- Subjects
*INTERNET security , *INFORMATION technology , *SECURE Sockets Layer (Computer network protocol) , *COMPUTER network protocols , *DIGITAL technology , *FIREWALLS (Computer security) , *WATER filtration ,INFORMATION technology personnel - Abstract
The article highlights the improvement of building information systems (BAS) cybersecurity offered by the BACnet Secure Connect (BACnet/SC) Internet protocol standard. It describes how BACnet/SC works to establish secure and encrypted connection between devices and systems. Benefits of adopting BACnet/SC for building owners, facility managers and information technology (IT) professionals include security, reliability, ease of implementation, and compatibility.
- Published
- 2023
49. Strengthening Cybersecurity The Right Way.
- Author
-
Shashtrula, Manoj
- Subjects
INTERNET security ,BUSINESS enterprises ,COMPUTER passwords ,VIRTUAL private networks ,FIREWALLS (Computer security) ,DATA security failures ,ANTIVIRUS software - Abstract
The article reviews various cyber security strategies given by chief executive officer of Socly.io Manoj Shashtrula to strengthen and safeguard a brand's reputation and helping businesses in eliminating operational disruptions. Topics include protecting internet connection by encrypting information, all important organizational information and applications are stored and backed up in cloud server storage, and having the latest version of antivirus software.
- Published
- 2022
50. IEE in conversation with Christian Fiebach, Managing Director of ipf electronic.
- Author
-
hw
- Subjects
ELECTRONIC systems ,SECURITY systems ,LEAK detection ,COMPRESSED air ,SUPPLY chain disruptions ,FIREWALLS (Computer security) ,ANTIVIRUS software
- Published
- 2022
Discovery Service for Jio Institute Digital Library