Search results for "soft"
showing 10 items of 9809 documents
Understanding the Importance of Proper Incentives for Critical Infrastructures Management – How System Dynamics Can Help
2016
International audience; Computer and information systems are now at the core of numerous critical infrastructures. However, their security management is by far not a trivial issue. Further, these systems, by their very nature, belong to the domain of complex systems, where system dynamics (SD) is an established method, which aims at modelling such systems, their analysis and understanding. Further, on this basis it enables simulation of various policies to properly manage complex systems. More precisely, through understanding of the basic elements of the whole mosaic and their interplay, proper incentives can be tested. And this is important, because proper incentives can lead to the desire…
Selection of time windows in the horizontal-to-vertical noise spectral ratio by means of cluster analysis
2016
The selection of the elementary analysis windows in continuous noise recordings for optimal estimation of the mean horizontal‐to‐vertical spectral ratio (HVSR) curve is generally performed by visual inspection of HVSR curves considered as functions of time. Starting from full‐length records, HVSR curves are determined in consecutive time windows of appropriate lengths. Time windows with HVSR curves that are anomalous on the basis of a simple visual inspection are generally ignored in the computation of the average HVSR curve. It is often very difficult to optimize the selection of time windows to be used for the calculation of the HVSR curve representative of a site. The use of nonobjective…
Event Management and Terrorism in a Global Order
2020
Over the recent years, the public spectacle and media events have become fertile grounds for terrorist attacks. Particularly, media events play a leading role enhancing the social cohesion as well as revitalizing the psychological frustrations that happened during the working days. Paradoxically, terrorism needs to maximize its gains while the costs are minimized. The spectacularisation tourism and events offer a double-edge sword. The same attractiveness that makes global cities a safer place to live are employed by the terrorist cells to cause chaos and uncertainty. The chapter theoretically explores the difficult interrelation between terrorism and event management as well as the concept…
A risk assessment proposal for underground cavities in Hard Soils-Soft Rocks
2018
Abstract Underground calcarenite quarries in Marsala (Sicily) have been involved in a number of collapses that have, seriously damaged numerous buildings. The stability conditions were therefore examined in order to assess risk conditions within the historical centre of the town and the surrounding areas, which are subject to urban expansion. Starting with an extensive collection of historical information, the research was carried out through surveys of the cavities, systematic sampling of material, petrographic analysis and geotechnical testing. The results of laboratory tests and in situ investigations provided a geotechnical characterization of both the intact material and the rock mass.…
Data Sources Handling for Emergency Management: Supporting Information Availability and Accessibility for Emergency Responders
2017
Information is an essential component for better emergency response. Although a lot of information being available at various places during any kind of emergency, many emergency responders (ERs) use only a limited amount of the available information. The reason for this is that the available information heterogeneously distributed, in different formats, and ERs are unable to get access to the relevant information. Moreover, without having access to the needed information, many emergency responders are not able to obtain a sufficient understanding of the emergency situation. Consequently, a lot of time is being used to search for the needed information and poor decisions may be made. Therefo…
HyperWall: A Hypervisor for Detection and Prevention of Malicious Communication
2020
Malicious programs vary widely in their functionality, from key-logging to disk encryption. However, most malicious programs communicate with their operators, thus revealing themselves to various security tools. The security tools incorporated within an operating system are vulnerable to attacks due to the large attack surface of the operating system kernel and modules. We present a kernel module that demonstrates how kernel-mode access can be used to bypass any security mechanism that is implemented in kernel-mode. External security tools, like firewalls, lack important information about the origin of the intercepted packets, thus their filtering policy is usually insufficient to prevent c…
Deep in the Dark: A Novel Threat Detection System using Darknet Traffic
2019
This paper proposes a threat detection system based on Machine Learning classifiers that are trained using darknet traffic. Traffic destined to Darknet is either malicious or by misconfiguration. Darknet traffic contains traces of several threats such as DDoS attacks, botnets, spoofing, probes and scanning attacks. We analyse darknet traffic by extracting network traffic features from it that help in finding patterns of these advanced threats. We collected the darknet traffic from the network sensors deployed at SURFnet and extracted several network-based features. In this study, we proposed a framework that uses supervised machine learning and a concept drift detector. Our experimental res…
Self-validating bundles for flexible data access control
2016
Modern cloud-based services offer free or low-cost content sharing with significant advantages for the users but also new issues in privacy and security. To protect sensitive contents (i.e., copyrighted, top secret, and personal data) from the unauthorized access, sophisticated access management systems or/and decryption schemes have been proposed, generally based on trusted applications at client side. These applications work also as access controllers, verifying specific permissions and restrictions accessing user’s resources. We propose secure bundles (S-bundles), which encapsulate a behavioral model (provided as bytecode) to define versatile stand-alone access controllers and encoding/d…
On Detection of Network-Based Co-residence Verification Attacks in SDN-Driven Clouds
2017
Modern cloud environments allow users to consume computational and storage resources in the form of virtual machines. Even though machines running on the same cloud server are logically isolated from each other, a malicious customer can create various side channels to obtain sensitive information from co-located machines. In this study, we concentrate on timely detection of intentional co-residence attempts in cloud environments that utilize software-defined networking. SDN enables global visibility of the network state which allows the cloud provider to monitor and extract necessary information from each flow in every virtual network in online mode. We analyze the extracted statistics on d…
Towards a Security Competence of Software Developers
2020
Software growth has been explosive as people depend heavily on software on daily basis. Software development is a human-intensive effort, and developers' competence in software security is essential for secure software development. In addition, ubiquitous computing provides an added complexity to software security. Studies have treated security competences of software developers as a subsidiary of security engineers' competence instead of software engineers' competence, limiting the full knowledge of the security competences of software developers. This presents a crucial challenge for developers, educators, and users to maintain developers' competences in security. As a first step in pushi…