Search results for "Security"

showing 10 items of 1693 documents

A Network-Based Framework for Mobile Threat Detection

2018

Mobile malware attacks increased three folds in the past few years and continued to expand with the growing number of mobile users. Adversary uses a variety of evasion techniques to avoid detection by traditional systems, which increase the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter rapid evolution of mobile threats. This model is based on flow-based features, that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 timebased network flow features, extracted from the real-time traffic of malicious and…

ta113Computer scienceintrusion detectionmobile threatsFeature extractionEvasion (network security)concept-driftAdversaryComputer securitycomputer.software_genreFlow networkMobile malwareanomaly detectionVariety (cybernetics)haittaohjelmatmachine learningkoneoppiminenmobiililaitteetMalwaretietoturvacomputerHumanoid robot
researchProduct

Revisiting rainfall to explore exam questions and performance on CS1

2015

The Rainfall problem comprises small tasks that have been used to investigate student performance in introductory programming. We conducted several kinds of analyses to inform our understandings of student performance in CS1 relating to this problem. We analyzed implementation approaches and program errors, as in related studies, and also explored the role of test writing vis-a-vis the most common student error. Finally, using correlation analyses and manual inspection of the exam answers, we studied how well the Rainfall problem served as an exam question. The students' implementation choices reflected their familiarity with particular loop constructs, while the single most common error co…

ta113Guard (information security)novice programmersUnit testingCommon errorRainfall problemDivision by zeroCode (semiotics)Test (assessment)PedagogyComputingMilieux_COMPUTERSANDEDUCATIONMathematics educationta516CS1PsychologyKnowledge transferProceedings of the 15th Koli Calling Conference on Computing Education Research
researchProduct

Comparing the cost-efficiency of CoAP and HTTP in Web of Things applications

2014

Abstract Constrained Application Protocol (CoAP) has been introduced as a simpler alternative to the Hypertext Transfer Protocol (HTTP) for connecting constrained smart objects to the Web. The adoption of the protocol depends on its relative advantage, and the cost–benefit associated with the use of the protocol is a significant factor affecting a protocol adoption decision. This paper aims at deepening the understanding of the cost–benefits of CoAP and identifies the application scenarios where its use is likely to be economically justifiable. The paper analyzes the costs of using CoAP and HTTP in the Web of Things (WoT) applications, by identifying the components of the total cost of owne…

ta113Information Systems and ManagementHypertext Transfer Protocolta213Cost efficiencyComputer scienceSmart objectsbusiness.industrycomputer.internet_protocolta111Computer securitycomputer.software_genreManagement Information SystemsConstrained Application ProtocolWeb of ThingsArts and Humanities (miscellaneous)Developmental and Educational PsychologyOverhead (computing)businessta512Protocol (object-oriented programming)computerInformation SystemsComputer networkDecision Support Systems
researchProduct

Guidelines for improving the contextual relevance of field surveys: the case of information security policy violations

2014

The information systems (IS) field continues to debate the relative importance of rigor and relevance in its research. While the pursuit of rigor in research is important, we argue that further effort is needed to improve practical relevance, not only in terms of topics, but also by ensuring contextual relevance. While content validity is often performed rigorously, validated survey instruments may still lack contextual relevance and be out of touch with practice. We argue that IS behavioral research can improve its practical relevance without loss of rigor by carefully addressing a number of contextual issues in instrumentation design. In this opinion article, we outline five guidelines – …

ta113Knowledge managementbusiness.industryComputer science05 social sciences02 engineering and technologyInformation securityLibrary and Information SciencesData scienceManagement information systems020204 information systems0502 economics and business0202 electrical engineering electronic engineering information engineeringContent validityInformation systemStrategic information systemSoft systems methodologyRelevance (information retrieval)Instrumentation (computer programming)business050203 business & managementInformation SystemsEuropean Journal of Information Systems
researchProduct

Support vector machine integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware

2013

Abstract. —In the modern world, a rapid growth of mali- cious software production has become one of the most signifi- cant threats to the network security. Unfortunately, wides pread signature-based anti-malware strategies can not help to de tect malware unseen previously nor deal with code obfuscation te ch- niques employed by malware designers. In our study, the prob lem of malware detection and classification is solved by applyin g a data-mining-based approach that relies on supervised mach ine- learning. Executable files are presented in the form of byte a nd opcode sequences and n-gram models are employed to extract essential features from these sequences. Feature vectors o btained are…

ta113Network securitybusiness.industryComputer scienceFeature vectorFeature extractionuhatBytecomputer.file_formatMachine learningcomputer.software_genrehaittaohjelmatSupport vector machineObfuscation (software)ComputingMethodologies_PATTERNRECOGNITIONnetworknetwork securityMalwareData miningArtificial intelligenceExecutabletietoturvabusinesscomputer2013 IEEE Globecom Workshops (GC Wkshps)
researchProduct

A Novel Model for Cybersecurity Economics and Analysis

2017

In recent times, major cybersecurity breaches and cyber fraud had huge negative impact on victim organisations. The biggest impact made on major areas of business activities. Majority of organisations facing cybersecurity adversity and advanced threats suffers from huge financial and reputation loss. The current security technologies, policies and processes are providing necessary capabilities and cybersecurity mechanism to solve cyber threats and risks. However, current solutions are not providing required mechanism for decision making on impact of cybersecurity breaches and fraud. In this paper, we are reporting initial findings and proposing conceptual solution. The paper is aiming to pr…

ta113Value (ethics)Computer sciencemedia_common.quotation_subjectComputingMilieux_LEGALASPECTSOFCOMPUTING020207 software engineering02 engineering and technologyBusiness activitiesComputer securitycomputer.software_genrecybersecurity economicscyber fraudadvanced cyber threatstaloudelliset vaikutuksetcost-benefit model020204 information systemsCyber-security regulation0202 electrical engineering electronic engineering information engineeringResearch developmentkyberturvallisuuscomputercybersecurity impactReputationmedia_common2017 IEEE International Conference on Computer and Information Technology (CIT)
researchProduct

Online anomaly detection using dimensionality reduction techniques for HTTP log analysis

2015

Modern web services face an increasing number of new threats. Logs are collected from almost all web servers, and for this reason analyzing them is beneficial when trying to prevent intrusions. Intrusive behavior often differs from the normal web traffic. This paper proposes a framework to find abnormal behavior from these logs. We compare random projection, principal component analysis and diffusion map for anomaly detection. In addition, the framework has online capabilities. The first two methods have intuitive extensions while diffusion map uses the Nyström extension. This fast out-of-sample extension enables real-time analysis of web server traffic. The framework is demonstrated using …

ta113Web serverComputer Networks and Communicationsbusiness.industryComputer scienceRandom projectionDimensionality reductionRandom projectionPrincipal component analysisIntrusion detection systemAnomaly detectionMachine learningcomputer.software_genreCyber securityWeb trafficPrincipal component analysisDiffusion mapAnomaly detectionIntrusion detectionArtificial intelligenceData miningWeb servicebusinesskyberturvallisuuscomputer
researchProduct

Health care and cyber threats

2019

ta113critical infrastructurecyber threatkyberuhkaterveydenhuoltocyber securitykyberturvallisuushealth carekriittinen infrastruktuuriFinnish Journal of eHealth and eWelfare
researchProduct

Towards the cyber security paradigm of ehealth: Resilience and design aspects

2017

Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain…

ta113e-healthcareEmerging technologiesbusiness.industrycyber securityComputer securitycomputer.software_genreAnticipation (artificial intelligence)Critical information infrastructureHealth careSystemic riskeHealthBusinessteleterveydenhuoltoResilience (network)kyberturvallisuuscomputerHealthcare system
researchProduct

Towards enabling privacy preserving smart city apps

2016

Smart city applications are increasingly relying on personally identifiable data. A disclosure of such a data to a platform provider and possible 3rd parties represents a risk to the privacy of the application users. To mitigate the privacy risk, two-layer privacy-preserving platform architecture is introduced, wherein the personally identifiable information is dealt with at the inner layer (executed in a trusted environment), whereas only generic and personally unidentifiable information is made available to the apps at the outer layer of the architecture — e.g., in a form of app-specific events. The essential requirements for the platform are described, and the architectural implications …

ta113smart city application platformInformation privacyPrivacy by DesignComputer sciencebusiness.industryPrivacy softwareMultitier architectureInternet privacy020206 networking & telecommunications02 engineering and technologyComputer securitycomputer.software_genreprivacylayered architecture020204 information systemsSmart city0202 electrical engineering electronic engineering information engineeringLayer (object-oriented design)ArchitecturebusinessPersonally identifiable informationcomputerpersonally identifiable information
researchProduct