Information Security Vulnerabilities of NFC Technology and Improvement Programs

2018 ◽  
Author(s):  
Zining Wang
Keyword(s):  
Information Security ◽  
Security Vulnerabilities ◽  
Improvement Programs

Practical Measures for Securing Government Networks

2008 ◽  
pp. 386-394
Author(s):  
Stephen K. Aikins
Keyword(s):  
Information Security ◽  
Denial Of Service ◽  
Cost Effective ◽  
Internet Security ◽  
The State ◽  
Sensitive Information ◽  
Dos Attacks ◽  
Security Vulnerabilities ◽  
Internal Resources ◽  
State And Local

The modern network and Internet security vulnerabilities expose state and local government networks to numerous threats such as denial of service (DoS) attacks, computer viruses, unauthorized access, confidentiality breaches, and so forth. For example, in June 2005, the state of Delaware saw a spike of 141,000 instances of “suspicious activity” due to a variant of the mytopb worm, which could have brought the state’s network to its knees had appropriate steps not been taken (Jarrett, 2005; National Association of State Chief Information Officers [NASCIO], 2006b). On an average day, the state of Michigan blocks 22,059 spam e-mails, 21,702 e-mail viruses, 4,239 Web defacements, and six remote computer takeover attempts. Delaware fends off nearly 3,000 attempts at entering the state’s network daily (NASCIO, 2006b). Governments have the obligation to manage their information security risks by securing mission- critical internal resources such as financial records and taxpayer sensitive information on their networks. Consequently, public-sector information security officers are faced with the challenge to contain damage from compromised systems, prevent internally and Internet-launched attacks, provide systems for logging and intrusion detection, and build frameworks for administrators to securely manage government networks (Oxlenhandler, 2003). This chapter discusses some of the cost-effective measures needed to address government agency information security vulnerabilities and related threats.

Analisis Manajemen Risiko Infrastruktur Dengan Metode NIST (National Institute of Standards and Technology) SP 800-30 (Studi Kasus : STMIK Rosma)

2021 ◽  
Vol 14 (1) ◽  
pp. 141-151
Author(s):  
Anggi Elanda ◽  
Robby Lintang Buana
Keyword(s):  
Operating System ◽  
Risk Assessment ◽  
Information Systems ◽  
Information Security ◽  
Human Resources ◽  
Programming Language ◽  
Academic Community ◽  
Security Vulnerabilities ◽  
Language Data ◽  
Program Software

Infrastructure is an important thing in an organization/company that is used to support activities carried out within the organization. Infrastructure that includes STMIK Rosma, including hardware, software, data, and information, and human resources that support information systems. Hardware resources include PCs that are used for clients with application program software. Windows 10 professional 32 and 64 bit as the operating system. While the software on the server uses Linux OS and PHP programming language. Data and information include infrastructure data, device data, server data and data on staff, students and lecturers at STMIK Rosma. So the need for the sustainability of this system is increasingly important. Problems that have existed in the STMIK Rosma infrastructure, such as those related to information security vulnerabilities. If this problem cannot be fixed in a sustainable manner, it will have an impact or risk on the sustainability of this infrastructure, especially the academic community. This study uses NIST SP 800-30 as the method used to solve these problems. Keywords: Information Security, NIST SP 800-30, Infrastructure, Risk Assessment

The Security Vulnerability Analysis of Nuclear Power Digital Instrument Control Platform NASPIC

2018 ◽  
Author(s):  
Hua Liu ◽  
Xiao-Hua Yang ◽  
Zhao-hui Liu ◽  
Meng Li ◽  
Zhi Chen ◽  
...  
Keyword(s):  
Power Plant ◽  
Nuclear Power Plant ◽  
Information Security ◽  
Nuclear Power ◽  
Industrial Area ◽  
Vulnerability Analysis ◽  
Industrial Control ◽  
Security Vulnerabilities ◽  
Power Plant Control ◽  
Instrument Control

From the general industrial control system to the nuclear power plant control platform, the threat of information security has its own particularity more than continuity. The original dedicated system in general industrial area is gradually replaced by many common protocol, software and equipment. As a result, the security vulnerabilities are more likely to be used illegally. For a specific nuclear power plant digital control platform-NASPIC, the vulnerability analysis of platform is performed. Mainly two aspects of technology and management are to be carried out. For technical aspects, four categories problems-unauthorized execution, unauthorized write, unauthorized reading and reject service-are analyzed. Management is mainly about the lack of management strategy and strategy vulnerability. By analyzing the fragility of the instrument control platform, the key equipments, key channels and key modules are proposed. The qualitative and quantitative rules are deduced for evaluation of NASPIC information security.

scholarly journals Construction of a Security Vulnerability Identification System Based on Machine Learning

2020 ◽  
Vol 2020 ◽  
pp. 1-9
Author(s):  
Kebin Shi ◽  
Yonghui Dai ◽  
Jing Xu
Keyword(s):  
Machine Learning ◽  
Information Security ◽  
The Other ◽  
Identification System ◽  
Security Vulnerabilities ◽  
Security Vulnerability ◽  
Solid Foundation ◽  
System Requirements ◽  
Security Incidents ◽  
Unified Description

In recent years, the frequent outbreak of information security incidents caused by information security vulnerabilities has brought huge losses to countries and enterprises. Therefore, the research related to information security vulnerability has attracted many scholars, especially the research on the identification of information security vulnerabilities. Although some organizations have established information description databases for information security vulnerabilities, the differences in their descriptions and understandings of vulnerabilities have increased the difficulty of information security precautions. This paper studies the construction of a security vulnerability identification system, summarizes the system requirements, and establishes a vulnerability text classifier based on machine learning. It introduces the word segmentation, feature extraction, classification, and verification processing of vulnerability description text. The contribution of this paper is mainly in two aspects: One is to standardize the unified description of vulnerability information, which lays a solid foundation for vulnerability analysis. The other is to explore the research methods of a vulnerability identification system for information security and establish a vulnerability text classifier based on machine learning, which can provide reference for the research of similar systems in the future.

Association Rule Mining and Evaluation Based on Information Security Vulnerabilities Main Body

2014 ◽  
Vol 687-691 ◽  
pp. 1282-1285 ◽  
Author(s):  
Ying Sui
Keyword(s):  
Information Security ◽  
Association Rules ◽  
Association Rule ◽  
Association Rule Mining ◽  
Main Body ◽  
Apriori Algorithm ◽  
User Interest ◽  
Rule Mining ◽  
Security Vulnerabilities ◽  
Evaluation Stage

Information security is a matter of concern in any sector and industry, and the vulnerability is the important factor which caused this issue. Therefore it is necessary to analyze and predict the occurrence of vulnerability. This paper used the datas of CNNVD vulnerability database and Apriori algorithm to analyze and predict the occurrence of software vulnerability. In the data preprocessing stage by changing the level of vulnerability rule we can dig out more concept association. In the evaluation stage of association rules by designing filters we can find the rules in line with the degree of user interest. Finally, this papper could demonstrate the effectiveness of of this method by experiments.

Sign in / Sign up

Export Citation Format

Share Document