Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
82,844
result(s) for
"Systems and Data Security"
Sort by:
Information assurance handbook : effective computer security and risk management strategies
\"Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning and IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small business and global enterprises alike\"-- Provided by publisher.
Book
Intrusion Detection in Internet of Things Systems: A Review on Design Approaches Leveraging Multi-Access Edge Computing, Machine Learning, and Datasets
The explosive growth of the Internet of Things (IoT) applications has imposed a dramatic increase of network data and placed a high computation complexity across various connected devices. The IoT devices capture valuable information, which allows the industries or individual users to make critical live dependent decisions. Most of these IoT devices have resource constraints such as low CPU, limited memory, and low energy storage. Hence, these devices are vulnerable to cyber-attacks due to the lack of capacity to run existing general-purpose security software. It creates an inherent risk in IoT networks. The multi-access edge computing (MEC) platform has emerged to mitigate these constraints by relocating complex computing tasks from the IoT devices to the edge. Most of the existing related works are focusing on finding the optimized security solutions to protect the IoT devices. We believe distributed solutions leveraging MEC should draw more attention. This paper presents a comprehensive review of state-of-the-art network intrusion detection systems (NIDS) and security practices for IoT networks. We have analyzed the approaches based on MEC platforms and utilizing machine learning (ML) techniques. The paper also performs a comparative analysis on the public available datasets, evaluation metrics, and deployment strategies employed in the NIDS design. Finally, we propose an NIDS framework for IoT networks leveraging MEC.
Journal Article
A Key-Based Mutual Authentication Framework for Mobile Contactless Payment System Using Authentication Server
This paper presents a framework for mutual authentication between a user device and a point of sale (POS) machine using magnetic secure transmission (MST) to prevent the wormhole attack in Samsung pay. The primary attribute of this method is authenticating the POS terminals by an authentication server to bind the generated token to a single POS machine. To secure the system from eavesdropping attack, the data transmitted between the user device and the machine is encrypted by using the Elgamal encryption method. The keys used in the method are dynamic in nature. Furthermore, comparison and security analysis are presented with previously proposed systems.
Journal Article
A Survey of Traffic Prediction: from Spatio-Temporal Data to Intelligent Transportation
Intelligent transportation (e.g., intelligent traffic light) makes our travel more convenient and efficient. With the development of mobile Internet and position technologies, it is reasonable to collect spatio-temporal data and then leverage these data to achieve the goal of intelligent transportation, and here, traffic prediction plays an important role. In this paper, we provide a comprehensive survey on traffic prediction, which is from the spatio-temporal data layer to the intelligent transportation application layer. At first, we split the whole research scope into four parts from bottom to up, where the four parts are, respectively, spatio-temporal data, preprocessing, traffic prediction and traffic application. Later, we review existing work on the four parts. First, we summarize traffic data into five types according to their difference on spatial and temporal dimensions. Second, we focus on four significant data preprocessing techniques: map-matching, data cleaning, data storage and data compression. Third, we focus on three kinds of traffic prediction problems (i.e., classification, generation and estimation/forecasting). In particular, we summarize the challenges and discuss how existing methods address these challenges. Fourth, we list five typical traffic applications. Lastly, we provide emerging research challenges and opportunities. We believe that the survey can help the partitioners to understand existing traffic prediction problems and methods, which can further encourage them to solve their intelligent transportation applications.
Journal Article
DB-GPT: Large Language Model Meets Database
Large language models (LLMs) have shown superior performance in various areas. And LLMs have the potential to revolutionize data management by serving as the \"brain\" of next-generation database systems. However, there are several challenges that utilize LLMs to optimize databases. First, it is challenging to provide appropriate prompts (e.g., instructions and demonstration examples) to enable LLMs to understand the database optimization problems. Second, LLMs only capture the logical database characters (e.g., SQL semantics) but are not aware of physical characters (e.g., data distributions), and it requires to fine-tune LLMs to capture both physical and logical information. Third, LLMs are not well trained for databases with strict constraints (e.g., query plan equivalence) and privacy-preserving requirements, and it is challenging to train database-specific LLMs while ensuring database privacy. To overcome these challenges, this vision paper proposes a LLM-based database framework (DB-GPT), including automatic prompt generation, DB-specific model fine-tuning, and DB-specific model design and pre-training. Preliminary experiments show that DB-GPT achieves relatively good performance in database tasks like query rewrite and index tuning. The source code and datasets are available at github.com/TsinghuaDatabaseGroup/DB-GPT.
Journal Article
IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process
Security vulnerabilities of the modern Internet of Things (IoT) systems are unique, mainly due to the complexity and heterogeneity of the technology and data. The risks born out of these IoT systems cannot easily fit into an existing risk framework. There are many cybersecurity risk assessment approaches and frameworks that are under deployment in many governmental and commercial organizations. Extending these existing frameworks to IoT systems alone will not address the new risks that have arisen in the IoT ecosystem. This study has included a review of existing popular cyber risk assessment methodologies and their suitability to IoT systems. National Institute of Standards and Technology, Operationally Critical Threat, Asset, and Vulnerability Evaluation, Threat Assessment & Remediation Analysis, and International Standards Organization are the four main frameworks critically analyzed in this research study. IoT risks are presented and reviewed in terms of the IoT risk category and impacted industries. IoT systems in financial technology and healthcare are dealt with in detail, given their high-risk exposure. Risk vectors for IoT and the Internet of Medical Things (IoMT) are discussed in this study. A unique risk ranking method to rank and quantify IoT risk is introduced in this study. This ranking method initiates a risk assessment approach exclusively for IoT systems by quantifying IoT risk vectors, leading to effective risk mitigation strategies and techniques. A unique computational approach to calculate the cyber risk for IoT systems with IoT-specific impact factors has been designed and explained in the context of IoMT systems.
Journal Article
A cross-dataset harmonized intrusion detection framework with statistically validated multi-model learning
Intrusion Detection Systems (IDS) are considered critical security tools in ensuring network infrastructure security. However, recent studies on machine learning-based IDS systems are often constrained by their heavy dependence on a single dataset, lack of reproducibility, and lack of transparency in evaluating their performance. In addressing these challenges, a unified and transparent framework for evaluating IDS systems is proposed, which focuses on integrating feature harmonization, multi-model benchmarking, and statistical validation. In achieving this objective, a preprocessing pipeline is designed to harmonize features of both legacy and contemporary network intrusion datasets, i.e., NSL-KDD and CICIDS2017, respectively. This framework will assess various learning models, including supervised, unsupervised, deep learning, and ensemble-based models, through cross-validation and statistical tests such as Wilcoxon signed-rank, McNemar’s, and DeLong tests. Experimental results demonstrate that the Random Forest model performs best in terms of performance metrics, i.e., 98.0% accuracy and 97.0% F1-score on the harmonized data set. Moreover, feature harmonization is found to be the most important factor in improving performance using ablation analysis. Besides, a novel approach of using a cryptographic logging mechanism using SHA-256 hash chaining is proposed for tamper-evident traceability and reproducibility of results in experiments, though it is not as effective as using a blockchain-based approach. Although effective in its application, it is based on manual feature alignment and hence might not be effective in highly heterogeneous data sets.This work provides a unified, reproducible, and statistically grounded framework for evaluating IDS systems, focusing on generalization and transparency in cybersecurity research.
Journal Article
A hybrid intrusion detection system (HIDS) based on prioritized k-nearest neighbors and optimized SVM classifiers
Intrusion Detection System (IDS) is an effective security tool that helps preventing unauthorized access to network resources through analyzing the network traffic. However, due to the large amount of data flowing over the network, effective real time intrusion detection is almost impossible. The goal of this paper is to design a Hybrid IDS (HIDS) that can be successfully employed in a real time manner and suitable for resolving the multi-class classification problem. HIDS relies on a Naïve Base feature selection (NBFS) technique, which is used to reduce the dimensionality of sample data. Moreover, HIDS has another pioneering issue that other techniques do not have, which is the outlier rejection. Outliers are noisy input samples that can lead to high rate of misclassification if they are applied for model training. Rejecting outliers has been accomplished through applying a distance based methodology to choose the most informative training examples, which are then used to train an Optimized Support Vector Machines (OSVM). Afterward, OSVM is employed for rejecting outliers. Finally, after outlier rejection, HIDS can successfully detect attacks through applying a Prioritized K-Nearest Neighbors (PKNN) classifier. Hence, HIDS is a triple edged strategy as it has three main contributions, which are: (i) NBFS, which has been employed for dimensionality reduction, (ii) OSVM, which is applied for outlier rejection, and (iii) PKNN, which is used for detecting input attacks. HIDS has been compared against recent techniques using three well-known intrusion detection datasets: KDD Cup ’99, NSL-KDD and Kyoto 2006+ datasets. HIDS has the ability to quickly detect attacks and accordingly can be employed for real time intrusion detection. Thanks to OSVM and PKNN, HIDS performed high detection rates specifically for the attacks which are rare such as R2L and U2R. PKNN is also suitable for resolving the multi-label classification problem.
Journal Article
Security enhancement using scalable Blockchain-based Multi-Factor Authentication (BMFA)
As digital interactions continue to expand, securing online systems has become a fundamental priority. Multifactor authentication (MFA) plays a pivotal role in modern cybersecurity frameworks. Traditional approaches often exhibit weaknesses such as centralized vulnerabilities and limited adaptability to emerging threats. To address these concerns, this research introduces a novel Blockchain- based Multifactor Authentication (BMFA) system that enhances security, resilience, and scalability. This study provides an in-depth exploration of BMFA's conceptual architecture, operational mechanisms, and potential applications. By decentralizing authentication processes, BMFA reduces single points of failure and fortifies data integrity through cryptographic safeguards. Unlike conventional models, this approach distributes authentication data across multiple blockchain nodes. This reduces the risk of breaches while ensuring continuous availability. Moreover, BMFA improves user privacy via distributed consensus, minimizing dependency on centralized authentication servers. The proposed system demonstrates enhanced load-balancing (LB)capabilities. This makes it more suitable for high-demand environments as compared to existing MFA methods. The proposed system demonstrates improved load-balancing behavior under simulated conditions and distributes authentication verification across multiple nodes. The results indicate potential resilience improvements compared with centralized MFA approaches. However, the findings are based on analytical and simulation evaluation, and real-world deployment assessment remains future work.
Journal Article