Search results for "Security"

showing 10 items of 1693 documents

On Application-Layer DDoS Attack Detection in High-Speed Encrypted Networks

2016

Application-layer denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed by using legitimate requests from legitimately connected network machines which makes these attacks undetectable for signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer making it even harder to detect attacker’s activity without decrypting users network traffic and violating their privacy. In this paper, we present a method which allows us to timely detect various applicationlayer attacks ag…

intrusion detectiondenial of servicenetwork securitytraffic clusteringanomaly detection
researchProduct

Cyber security of vehicle CAN bus

2019

There are currently many research projects underway concerning the intelligent transport system (ITS), with the intent to develop a variety of communication solutions between vehicles, roadside stations and services. In the near future, the roll-out of 5G networks will improve short-range vehicle-to-vehicle traffic and vehicle-to-infrastructure communications. More extensive services can be introduced due to almost non-delayed response time. Cyber security is central for the usability of the services and, most importantly, for car safety. The Controller Area Network (CAN) is an automation bus that was originally designed for real-time data transfer of distributed control systems to cars. La…

intrusion detectionälytekniikkarobottiautotkyberturvallisuuscvbersecurityverkkohyökkäyksetcarCAN bus
researchProduct

Towards an optimal self-assessment tool for information security investment decision-making

2017

Aikaisempi tutkimus keskittyi pääasiallisesti taloudellisiin malleihin, joiden tarkoituksena oli auttaa organisaatioita tunnistamaan kuinka paljon heidän tulisi sijoittaa tietoturvallisuuteen. Nämä mallit pyrkivät tuottojen maksimointiin ja keskittyivät tietoturvainvestointiprosessin tiettyihin osiin. Tästä johtuen, klassiset teoriat ja mallit ovat ongelmallisia tietoturvainvestointien päätösten teossa, jonka myötä tulisi omaksua kokonaisvaltaisempi lähestyminen tietoturvainvestointeihin. Tietoturvallisuuden tutkimuskentältä puuttuu tutkimusta tietoturvallisuuden itsearviointityökalujen käytöstä tietoturvainvestointien päätöksenteossa. Tämä tutkimus pyrki täyttämään tämän aukon tutkimalla o…

itsearviointiinformation securitypäätöksentekotyövälineettoolinvestmentdecision-makingtietoturvaself-assessmentinvestoinnit
researchProduct

Intervención en Libia: La responsabilidad de proteger a debate

2011

Resumen El trabajo analiza el origen y evolución del concepto de la responsabilidad de proteger, sus antecedentes en la década de los noventa del S. XX, su formulación en el Informe sobre La responsabilidad de proteger,  y su consolidación posterior con especial atención al Documento Final de la Cumbre de 2005. Se examina asimismo el modo en que se ha aplicado esta norma emergente en la Resolución 1973 del Consejo de Seguridad, de 17 de marzo de 2011, que ha autorizado el uso de la fuerza en Libia. Y se concluye que casi todas las limitaciones y objeciones que se están planteando en relación con esta intervención, probablemente son consustanciales al modo en que actualmente se ponen en prác…

ius cogens normsResolución 1973 del Consejo de Seguridadlcsh:Jurisprudence. Philosophy and theory of lawHumanitarian interventionK201-487Intervención humanitariaIntervención humanitaria; autoridad competente; normas de ius cogens; Resolución 1973 del Consejo de Seguridad; responsabilidad de prevenir; Humanitarian intervention; right authority; ius cogens norms; Security Council Resolution 1973; responsibilitynormas de ius cogensright authorityresponsabilidad de prevenirSecurity Council Resolution 1973Jurisprudence. Philosophy and theory of lawresponsibilitylcsh:K201-487autoridad competente
researchProduct

Strategic Communication for Cyber-security Leadership

2013

The purpose of this paper is to form a preliminary hypothesis about how to identify characteristics that a leader needs to focus on when aiming at cyber-security leadership. The paper studies the key concepts and terms of cyber security and presents the physical world and the cyber world framework. The paper refers to a system model of a society and uses that model to analyze the results of two limited media surveys about cyber-related newspaper articles. The media surveys indicate a strong need to organize the cyber world. peerReviewed

johtaminenjulkinen keskustelulehdistökirjoittelucyber-securitygovernanceinformation securitytietohallintokyberturvallisuussysteemiajattelucyber security theory
researchProduct

Reporting in Conflict Zones in Pakistan: Risks and Challenges for Fixers

2020

As a backbone of reporting in war and conflicts, fixers offer essential assistance to the foreign correspondent in conflict zones, also in Pakistan. With valuable local knowledge and contacts, fixers can arrange travel to secure entry of foreign correspondents into conflict zones in addition to securing interviews with otherwise unattainable figures, while offering reliable translation services. Pakistani media, despite being one of the largest and most developed in South Asia, remains under the strict control of powerful military establishment and government, while seeming to mirror the overarching government sentiment with a distinct lack of research-based news. Challenging this state of …

journalistmedia_common.quotation_subjectSüdasien050801 communication & media studiesState of affairspolitischer KonfliktjournalismsecurityPublic administrationSouth AsiaAsset (computer security)Enthüllungsjournalismusddc:070lcsh:Communication. Mass media0508 media and communicationsState (polity)foreign correspondentCommunicator Research JournalismPolitical sciencepolitical conflict050602 political science & public administrationconflict zonesPakistanAuslandskorrespondentmedia_commonNews media journalism publishingfixersBerichterstattungGovernmentreportingpakistansensationalist journalismCommunication05 social sciencesSensationalismCensorshipIslamVDP::Samfunnsvitenskap: 200::Medievitenskap og journalistikk: 310Kommunikatorforschung Journalismuslcsh:P87-960506 political scienceSicherheitJournalismPublizistische Medien JournalismusVerlagswesen
researchProduct

Systemic Management of Architectural Decisions in Enterprise Architecture Planning. Four Dimensions and Three Abstraction Levels

2006

This paper presents a process model for the management of architectural decisions in enterprise architecture planning. First, decisions are made at the enterprise level, with strategic business considerations on the enterprise information, systems and technology strategy and governance issues. The next step is to define the domains, to then go on with domain architecture decisions. At the systems level, the enterprise and domain architecture decisions are collected and converted into architecture descriptions accurate in precision, form and detail to be given as input to the information systems development process, following the architectural planning. The model is derived from previous wor…

järjestelmäarkkitehtuuriEnterprise architecture frameworkProcess managementEA projectArchitecture domainComputer sciencepäätöksentekoyritysstrategiatSolution architecturearchitecture decisionsEnterprise integrationEnterprise architectureFunctional software architectureEnterprise systemEnterprise architecture managementEnterprise life cyclearchitecture managementBusiness architectureInformation systemEnterprise information systemView modelNIST Enterprise Architecture ModelProject managementEnterprise resource planningEnterprise planning systemStrategic planningEnterprise systems engineeringbusiness.industryCorporate governanceTechnology strategyInformation technologyEnterprise information security architectureService-oriented modelingTechnology managementApplications architecturearchitecture processArchitectural planData architecturekokonaisarkkitehtuuribusinessEnterprise softwareProceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)
researchProduct

Basic Elements of Cyber Security for a Smart Terminal Process

2023

Global maritime transportation and logistics systems are essential parts of critical infrastructures in every society, and a crucial part of maritime logistics processes are seaports. Digitalization helps improve the efficiency of terminal systems in the processes of these ports. In Finland this development is going on and it is called SMARTER research program. In the best cases, digitalization can also promote the reduction of emissions by optimizing port operations and enhancing cargo and people flows while improving the experience for all stakeholders. The improvement of port processes relies on the development of Information and Communication Technology (ICT) and as well as on Industria…

järjestelmäarkkitehtuuricyber security managementlogistiikkamaritime logisticsälytekniikkamerenkulkusatamatSMARTERkyberturvallisuussmart portterminaalit
researchProduct

Development of Network Security Education

2021

Distance education has grown tremendously over the last decade. Internet technologies have enabled a large-scale dispensation of lectures, exercises, and training. Virtual Learning Management Systems (LMSs) offer a number of tools to realize distance education and distance learning. In this work, we present a virtual system architecture for training cyber security professionals with hands-on skills. The architecture is based on a VirtualBox virtualization environment. Guest machines are installed on an instance of VirtualBox. The installed environment offers a safe and isolated workbench for experiments. After installation and configuration of the environment, students perform a number of i…

järjestelmäarkkitehtuurioppimisympäristöComputer scienceNetwork securityDistance educationtietotekniikkacomputer.software_genreetäopetusComputingMilieux_COMPUTERSANDEDUCATIONnetwork securityverkko-opetusArchitecturetietoturvakyberturvallisuusMultimediabusiness.industryhallintajärjestelmätVirtualizationverkko-oppiminendistance educationManagement systemSystems architectureVirtual learning environmentThe Internetbusinesscomputerverkkohyökkäykset
researchProduct

Towards Practical Cybersecurity Mapping of STRIDE and CWE — a Multi-perspective Approach

2021

Software vulnerabilities are identified during their whole life-cycle; some vulnerabilities may be caused by flaws on the design while other appear due to advances on the technologies around the systems. Frameworks such as OWASP are well- known and are used for testing a systems security before or after implementation, and such testing is carried out against the existing system. Threat modeling however focuses on the early stages of the system design when it is feasible and easy to fix security-related flaws and prevent possible damage caused by them. For example, STRIDE is one very popular threat modeling framework. A STRIDE threat modelling specialist deals with abstract categorizations o…

järjestelmäsuunnittelucybersecurityComputer scienceVulnerabilitySTRIDETK5101-6720cveComputer securitycomputer.software_genrethreat lifecyclestrideSoftwaretietokannattietoturvakyberturvallisuushaavoittuvuusweaknessesvulnerabilitiesScope (project management)business.industrytietokoneohjelmatTechnological innovationcwemapping automationohjelmistosuunnitteluSystems development life cycleTask analysisThreat modelTelecommunicationTask analysisManualsSystems designthreat modellingmallit (mallintaminen)ohjelmistokehitysbusinessEstimationcomputervulnerability lifecycleSoftware2021 29th Conference of Open Innovations Association (FRUCT)
researchProduct