Information Technology Security
VerifiedAdded on 2023/06/09
|13
|3820
|443
AI Summary
This article covers various aspects of information technology security, including cryptography, network security fundamentals, firewalls, and host hardening. It explains the goals of network security, such as confidentiality, integrity, availability, and non-repudiation, and how to prevent replay attacks. Desklib offers solved assignments, essays, and dissertations on this subject.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INFORMATION TECHNOLOGY SECURITY
Information Technology Security
Name of Student-
Name of University-
Author’s Note-
Information Technology Security
Name of Student-
Name of University-
Author’s Note-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1Information Technology Security
1. Cryptography
Replay attack is basically a network category where an attacker gets to know about the
data transmission and deliberately makes the data transmission delayed or makes it repeated. The
repeat or delay of data transmission is basically carried out by sender or by some malicious entity
who intercepts data as well as retransmits them (Zhu & Martínez, 2014). The replay attack is
commonly known as a security protocol that uses data transmission replays from different sender
to intended receiving system. By this replay attacks the senders are actually fooled by making
them believe that they have transmitted the data successfully. This type of attack mainly helps
the intruders or the attackers for gaining success on a network, gain all the information that
would not be easily accessible or the attacker even might conduct some duplicate transaction.
Replay attack is most commonly known as playback attack. If the replay attack is not
mitigated, then the computers or the system network are subjected to replay attacks. The victims
would see the progress of attack as the legitimate messages. There are many examples of replay
attack, out of which one is the messages that are send over a particular network to some
particular authorized user are replayed by some attacker and sends out wrong messages to the
user (Smith, Wiliem & Lovell, 2015). The messages that are sent through the network is
expected to be encrypted and the hacker might not use the actual decryption keys. Valid data
retransmission or the logon messages might help the attacker to get access to network. Replay
attack mostly gains access to all the resources by getting access of an authenticated message and
replaying them that can create a confusion to the receiver.
The best technique that can be used for mitigating the replay attacks is by the use of
digital signatures along with timestamps. There is another technique that would use to prevent
1. Cryptography
Replay attack is basically a network category where an attacker gets to know about the
data transmission and deliberately makes the data transmission delayed or makes it repeated. The
repeat or delay of data transmission is basically carried out by sender or by some malicious entity
who intercepts data as well as retransmits them (Zhu & Martínez, 2014). The replay attack is
commonly known as a security protocol that uses data transmission replays from different sender
to intended receiving system. By this replay attacks the senders are actually fooled by making
them believe that they have transmitted the data successfully. This type of attack mainly helps
the intruders or the attackers for gaining success on a network, gain all the information that
would not be easily accessible or the attacker even might conduct some duplicate transaction.
Replay attack is most commonly known as playback attack. If the replay attack is not
mitigated, then the computers or the system network are subjected to replay attacks. The victims
would see the progress of attack as the legitimate messages. There are many examples of replay
attack, out of which one is the messages that are send over a particular network to some
particular authorized user are replayed by some attacker and sends out wrong messages to the
user (Smith, Wiliem & Lovell, 2015). The messages that are sent through the network is
expected to be encrypted and the hacker might not use the actual decryption keys. Valid data
retransmission or the logon messages might help the attacker to get access to network. Replay
attack mostly gains access to all the resources by getting access of an authenticated message and
replaying them that can create a confusion to the receiver.
The best technique that can be used for mitigating the replay attacks is by the use of
digital signatures along with timestamps. There is another technique that would use to prevent
2Information Technology Security
replay attack is through creation of session keys that are generated randomly. These session keys
are mostly time bound as well as process bound. Another method for preventing the replay
attacks is for each request there is one-password generated (Patel et al., 2015). This one-time
password is used frequently by banks in banking operations. There are other methods as well that
includes non-acceptance of the duplicated messages as well as sequencing the messages.
The working process of replay attack is describe below with the help of an example. Fr
example, an employee of a company sends an encrypted message for some financial transfer.
The employee sends the message to the financial administrator of the company and at that time
the attacker eavesdrops the message, get access to the encrypted message and then resends the
message by changing the content of the message (Alegre, Janicki & Evans,2014). It is not
possible for financial administrator to get to know about the data change and data resending of
the message. The message looks real to the administrator. This will make the financial
administrator to transact money to the attacker’s account.
Preventing a Replay Attack
The only way to prevent a replay attack is proper encryption method that will help to
mitigate replay attack. The encrypted messages that are sent carries keys within them and when
the messages are received by the receiver, the messages are decrypted at the transmission end
and finally the message is opened (Zhang, Lin & Qu, 2015). The work of an attacker for
conducting a replay attack is to get hold of the original message and then replays the message
again. Decrypting the key of the original message is not the work of the attacker. To mitigate
this, the sender as well as receiver has to establish a random key session between them. This key
session consists of one code that is valid only for one transaction and it cannot be reused.
replay attack is through creation of session keys that are generated randomly. These session keys
are mostly time bound as well as process bound. Another method for preventing the replay
attacks is for each request there is one-password generated (Patel et al., 2015). This one-time
password is used frequently by banks in banking operations. There are other methods as well that
includes non-acceptance of the duplicated messages as well as sequencing the messages.
The working process of replay attack is describe below with the help of an example. Fr
example, an employee of a company sends an encrypted message for some financial transfer.
The employee sends the message to the financial administrator of the company and at that time
the attacker eavesdrops the message, get access to the encrypted message and then resends the
message by changing the content of the message (Alegre, Janicki & Evans,2014). It is not
possible for financial administrator to get to know about the data change and data resending of
the message. The message looks real to the administrator. This will make the financial
administrator to transact money to the attacker’s account.
Preventing a Replay Attack
The only way to prevent a replay attack is proper encryption method that will help to
mitigate replay attack. The encrypted messages that are sent carries keys within them and when
the messages are received by the receiver, the messages are decrypted at the transmission end
and finally the message is opened (Zhang, Lin & Qu, 2015). The work of an attacker for
conducting a replay attack is to get hold of the original message and then replays the message
again. Decrypting the key of the original message is not the work of the attacker. To mitigate
this, the sender as well as receiver has to establish a random key session between them. This key
session consists of one code that is valid only for one transaction and it cannot be reused.
3Information Technology Security
2. Network Security Fundamentals
Four general goals for securing networking are confidentiality, integrity, availability, and
non-repudiation. All the goals are stated below with examples.
Confidentiality: To implement a network security, the first goals is to maintain the
confidentiality. The main function of confidentiality is protecting the business data that are
stored in the system from an unauthorized person (Luan et al., 2015). To maintain the
confidentiality in a network security, it is made sure that the data is only available to the intended
as well as authorized person. The business data should only be accessible to the employees of the
companies or the sender and the receiver. The persons who are authorized to access the data
should only get the access of the data. Confidentiality mainly deals with controlling the access of
the files in the storage or the transit. For maintaining the confidentiality, there should be system
configuration or the products configuration.
For example: Taking the example of bank records, all the customers associated with the
bank should be able to access their data along with the employees of the bank who helps to
conduct a transaction. No other person should get the right to access them. Confidentiality fails
when the data is accessed by some other person intentionally or accidentally. Failure of
confidentiality is most commonly known as data breach. If the details of the bank are made
public, then it will be accessible to all others. Majority of the incidents that are reported recently
involves confidentiality loss.
Integrity: Integrity is the second goal for the Network Security. The main aim of
integrity involves assuring as well as maintaining the consistency and accuracy of the data.
Function of integrity is maintaining a proper accurate data and the data should be reliable and
2. Network Security Fundamentals
Four general goals for securing networking are confidentiality, integrity, availability, and
non-repudiation. All the goals are stated below with examples.
Confidentiality: To implement a network security, the first goals is to maintain the
confidentiality. The main function of confidentiality is protecting the business data that are
stored in the system from an unauthorized person (Luan et al., 2015). To maintain the
confidentiality in a network security, it is made sure that the data is only available to the intended
as well as authorized person. The business data should only be accessible to the employees of the
companies or the sender and the receiver. The persons who are authorized to access the data
should only get the access of the data. Confidentiality mainly deals with controlling the access of
the files in the storage or the transit. For maintaining the confidentiality, there should be system
configuration or the products configuration.
For example: Taking the example of bank records, all the customers associated with the
bank should be able to access their data along with the employees of the bank who helps to
conduct a transaction. No other person should get the right to access them. Confidentiality fails
when the data is accessed by some other person intentionally or accidentally. Failure of
confidentiality is most commonly known as data breach. If the details of the bank are made
public, then it will be accessible to all others. Majority of the incidents that are reported recently
involves confidentiality loss.
Integrity: Integrity is the second goal for the Network Security. The main aim of
integrity involves assuring as well as maintaining the consistency and accuracy of the data.
Function of integrity is maintaining a proper accurate data and the data should be reliable and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4Information Technology Security
also ensures that the hackers or any unauthorized person will not be able to change the data (Yan
& Wang, 2017). Data that is received by the receiver is exactly same as the sender sends it
without any changing of data in the way of transmission. To ensure integrity means version
control that makes sure that the documents are changed only by the right people.
Example of Integrity: Taking the example of a website. The main motive of a website
owner is to sell the products online through the website. If somehow an attacker changes the
prices of the product, it hampers the integrity of data. The changing of prices in the website leads
to integrity failure because the data is altered without the consent of the data owner.
Availability: Availability is the third goal of Network security. The main function this
goal in the Network Security is making the data, network services as well network resources
available to all authenticated users (Behringer et al., 2015). Any other unauthenticated users
should not get the access of the network service or the network resource. Availability is a rare
goal of network security. The information or data are to be kept safe from any other unauthorized
hackers. If hackers get hold of the information, then the actual user of the data cannot get it when
needed. So, there is a need to keep backups of all data in the storage with the bandwidth as well
as re-examine the facilities that many of the users leave out even without have a security
planning.
Non-repudiation: The last and the fourth goal of network security is non-repudiation.
The non-repudiation is an ability that proves as well as disproves that some uncommon has
happened in the financial transaction or in the binding signature of the legal agreement (Yan &
Yu, 2015). Non-repudiation has roots in the legal processes that are intended for preventing the
entities from claiming that the hackers have not agreed or signed a document.
also ensures that the hackers or any unauthorized person will not be able to change the data (Yan
& Wang, 2017). Data that is received by the receiver is exactly same as the sender sends it
without any changing of data in the way of transmission. To ensure integrity means version
control that makes sure that the documents are changed only by the right people.
Example of Integrity: Taking the example of a website. The main motive of a website
owner is to sell the products online through the website. If somehow an attacker changes the
prices of the product, it hampers the integrity of data. The changing of prices in the website leads
to integrity failure because the data is altered without the consent of the data owner.
Availability: Availability is the third goal of Network security. The main function this
goal in the Network Security is making the data, network services as well network resources
available to all authenticated users (Behringer et al., 2015). Any other unauthenticated users
should not get the access of the network service or the network resource. Availability is a rare
goal of network security. The information or data are to be kept safe from any other unauthorized
hackers. If hackers get hold of the information, then the actual user of the data cannot get it when
needed. So, there is a need to keep backups of all data in the storage with the bandwidth as well
as re-examine the facilities that many of the users leave out even without have a security
planning.
Non-repudiation: The last and the fourth goal of network security is non-repudiation.
The non-repudiation is an ability that proves as well as disproves that some uncommon has
happened in the financial transaction or in the binding signature of the legal agreement (Yan &
Yu, 2015). Non-repudiation has roots in the legal processes that are intended for preventing the
entities from claiming that the hackers have not agreed or signed a document.
5Information Technology Security
For example: Taking the example of a retailer. A retailer provides their customer with
electronically generated invoices using the integration interface. The interface that is used
confirms by taking confirmation from the partner associated that they have decrypted the
message that was send to them along with the public key that was found in the digital certificate
of the partner. This is done by sending a hash code that is encrypted and requires the partner to
decrypt it and finally sends back the message to the network (Burke et al., 2014). To decrypt the
message with the hash code by its partner needs an audit trail to be created. The partner can only
claim that the transaction have not occur is by saying that the private keys are being
compromised.
3. Firewalls
The operation that is done by a stateful firewall is usually very complex. The internal
complexity of stateful firewall is capable of making implementation of stateful firewall much
easily. The firewall maintains a state table through conducting operation (Edeline et al., 2016).
The entries for individual configuration are not actually required by an ACL configuration.
Mainly the thing that is required for the firewall sis the need of configuring internal interface as
well as external interface. The firewalls are mostly used by people without noticing the interface
of the firewall. This is because in most of the houses, there are internet routers which implements
the stateful firewall by using the port of LAN as an interface of internal firewall. The port of
WAN is also connected as interface of external firewall (Liet al., 2017). This mainly helps the
traffic to flow freely from internal interface to Internet without allowing the external traffic to
flow in the internal network. This shows the importance of stateful firewall and the operation of
the stateful router and the way it can be used for securing the internal networks.
For example: Taking the example of a retailer. A retailer provides their customer with
electronically generated invoices using the integration interface. The interface that is used
confirms by taking confirmation from the partner associated that they have decrypted the
message that was send to them along with the public key that was found in the digital certificate
of the partner. This is done by sending a hash code that is encrypted and requires the partner to
decrypt it and finally sends back the message to the network (Burke et al., 2014). To decrypt the
message with the hash code by its partner needs an audit trail to be created. The partner can only
claim that the transaction have not occur is by saying that the private keys are being
compromised.
3. Firewalls
The operation that is done by a stateful firewall is usually very complex. The internal
complexity of stateful firewall is capable of making implementation of stateful firewall much
easily. The firewall maintains a state table through conducting operation (Edeline et al., 2016).
The entries for individual configuration are not actually required by an ACL configuration.
Mainly the thing that is required for the firewall sis the need of configuring internal interface as
well as external interface. The firewalls are mostly used by people without noticing the interface
of the firewall. This is because in most of the houses, there are internet routers which implements
the stateful firewall by using the port of LAN as an interface of internal firewall. The port of
WAN is also connected as interface of external firewall (Liet al., 2017). This mainly helps the
traffic to flow freely from internal interface to Internet without allowing the external traffic to
flow in the internal network. This shows the importance of stateful firewall and the operation of
the stateful router and the way it can be used for securing the internal networks.
6Information Technology Security
The toughest part of operation with the stateful firewall is about how the firewall deals
with the UDP (User Datagram Protocol) as well as the ICMP (Internet Control Message
Protocol). The operation becomes tough as none of the protocols is similar to that of the TCP
(Alcock, Möller & Nelson, 2016). With the help of UDP, there must be track state of the firewall
by using the source address as well as the destination address as well as destination and source
port numbers. The UDP connection is not that much secure as state tracking which is much more
easily available with the TCP. With the UDP connection, a mechanism is offered that is much
easier for using as well as maintaining with the ACLs. The UDP as well as ICMP brings
additional complications in state tracking. This happens because the UDP mainly utilizes the
ICMP for the assistance connection and ICMP is mostly inherently one of the many ways of it
operations (Lin et al., 2017). With the ICMP only, it can be tracked truly within the state table
for many operations that takes place. The operations that have been built up includes reply
packets. The reply packets includes echo as well as echo-reply. For all the operations that are
associated with the firewall must maintain a related state. This state is usually used when the
ICMP packet is retransmitted in the response of the existing UDP entry of state table.
There are also information of connectionless sessions that are kept with same session
table as for doing the TCP traffic. The value of timeout mostly allows closing session if the
application layer protocol is kept unknown that does not allow the commands termination or
communication errors (Naik & Jenkins, 2016). If after applying the gateway of application layer
the session gets closed out as soon as possible. After applying the gateway, the firewall gets to
know about the protocol and so can keep a track on the closed session. For example- For an
ICMP Echo Request, there are session information that can be removed when ICMP Echo Reply,
not reachable, timeout and such other messages are received.
The toughest part of operation with the stateful firewall is about how the firewall deals
with the UDP (User Datagram Protocol) as well as the ICMP (Internet Control Message
Protocol). The operation becomes tough as none of the protocols is similar to that of the TCP
(Alcock, Möller & Nelson, 2016). With the help of UDP, there must be track state of the firewall
by using the source address as well as the destination address as well as destination and source
port numbers. The UDP connection is not that much secure as state tracking which is much more
easily available with the TCP. With the UDP connection, a mechanism is offered that is much
easier for using as well as maintaining with the ACLs. The UDP as well as ICMP brings
additional complications in state tracking. This happens because the UDP mainly utilizes the
ICMP for the assistance connection and ICMP is mostly inherently one of the many ways of it
operations (Lin et al., 2017). With the ICMP only, it can be tracked truly within the state table
for many operations that takes place. The operations that have been built up includes reply
packets. The reply packets includes echo as well as echo-reply. For all the operations that are
associated with the firewall must maintain a related state. This state is usually used when the
ICMP packet is retransmitted in the response of the existing UDP entry of state table.
There are also information of connectionless sessions that are kept with same session
table as for doing the TCP traffic. The value of timeout mostly allows closing session if the
application layer protocol is kept unknown that does not allow the commands termination or
communication errors (Naik & Jenkins, 2016). If after applying the gateway of application layer
the session gets closed out as soon as possible. After applying the gateway, the firewall gets to
know about the protocol and so can keep a track on the closed session. For example- For an
ICMP Echo Request, there are session information that can be removed when ICMP Echo Reply,
not reachable, timeout and such other messages are received.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7Information Technology Security
4. Host Hardening
Security Baseline can be defined as group of basic objectives of security that must
satisfied given by and service or any system. The main objective that are chosen for security
baseline are needed to be pragmatic as well as complete. These objectives do not impose
technical means. So, how the security objectives are achieved are particularly mentioned in the
document separately. The document which mentions the objective is known as Security
Implementation Document (Bauer et al., 2016). The details that are mentioned in the security
baseline document depends on operational environment on which the service or the system is
deployed in and so the details can be used creatively used as well as applied with any particular
security measure. Derogations from baseline are expected as well as possible that are marked
explicitly.
All the systems or the services that are implemented or deployed in the compliance with
the Security Implementation Document. Any kind of non-compliance with mostly lead to the
reduced connectivity network for affective systems and the services. This involves closure of the
CERN firewall openings, access many other network domains or disconnect the network from
the CERN network.
The standards of security baseline mainly refers to some individual sets consisting of
necessary procedures for security as well as objectives that are set aside for some given system
or the service that are to be meet. The choices of the objectives should confirm the completeness
as well as pragmatism and the objective should not impose the technical means. So, all details
that are involved in the objective of security baseline are then set as well as fulfilled by some
particular system or some services (DiMase et al., 2015). The details are then documented in
4. Host Hardening
Security Baseline can be defined as group of basic objectives of security that must
satisfied given by and service or any system. The main objective that are chosen for security
baseline are needed to be pragmatic as well as complete. These objectives do not impose
technical means. So, how the security objectives are achieved are particularly mentioned in the
document separately. The document which mentions the objective is known as Security
Implementation Document (Bauer et al., 2016). The details that are mentioned in the security
baseline document depends on operational environment on which the service or the system is
deployed in and so the details can be used creatively used as well as applied with any particular
security measure. Derogations from baseline are expected as well as possible that are marked
explicitly.
All the systems or the services that are implemented or deployed in the compliance with
the Security Implementation Document. Any kind of non-compliance with mostly lead to the
reduced connectivity network for affective systems and the services. This involves closure of the
CERN firewall openings, access many other network domains or disconnect the network from
the CERN network.
The standards of security baseline mainly refers to some individual sets consisting of
necessary procedures for security as well as objectives that are set aside for some given system
or the service that are to be meet. The choices of the objectives should confirm the completeness
as well as pragmatism and the objective should not impose the technical means. So, all details
that are involved in the objective of security baseline are then set as well as fulfilled by some
particular system or some services (DiMase et al., 2015). The details are then documented in
8Information Technology Security
different document of implementation of security baseline. The details of the security baseline
mainly depends on the background of specific or particular operational environment where the
service or the system runs. The type of security measures that are used is limited to the creativity
as well as relevant application of the developer. There are derogations from security baselines
also that are always expected as well as possible to occur, the most appropriate way is to note
them periodically as well as mark them to avoid any other further derogations.
The most primary as well as primary objective for establishing as well as following up
the security baseline is done so that the baseline is strengthened as well as promoted by an
organization’s security specifically related to the computing assets (Lestari et al., 2016). The first
way that are necessary for successfully achieving the objective is adopting MSB (Minimum
Security Baselines). The implementation as well adoption of different security systems helps to
enhance the host of the system. The MSB helps to allow the use of time much efficiently as well
as makes provision of the technical support of system and the service that makes the user to use
the objective easily (Qi et al., 2014). These compliances will be possible because of the
compliance of system that is known and is tested for some application set that is used by the
organizations.
Security baseline are basically some set of principles in a particular way where there is no
way of conflict with the security system. The objectives of the security baseline are mostly
optimized as the tools that are used for implementing the ideas and the goals that are stipulated
for the security system. The goals of security baseline reflects the ways as well as the means that
makes the prevailing security to work more efficiently (Layton, 2016). The baseline of security
mostly reflects the provisions of security policy and then highlights all such necessary guidelines
different document of implementation of security baseline. The details of the security baseline
mainly depends on the background of specific or particular operational environment where the
service or the system runs. The type of security measures that are used is limited to the creativity
as well as relevant application of the developer. There are derogations from security baselines
also that are always expected as well as possible to occur, the most appropriate way is to note
them periodically as well as mark them to avoid any other further derogations.
The most primary as well as primary objective for establishing as well as following up
the security baseline is done so that the baseline is strengthened as well as promoted by an
organization’s security specifically related to the computing assets (Lestari et al., 2016). The first
way that are necessary for successfully achieving the objective is adopting MSB (Minimum
Security Baselines). The implementation as well adoption of different security systems helps to
enhance the host of the system. The MSB helps to allow the use of time much efficiently as well
as makes provision of the technical support of system and the service that makes the user to use
the objective easily (Qi et al., 2014). These compliances will be possible because of the
compliance of system that is known and is tested for some application set that is used by the
organizations.
Security baseline are basically some set of principles in a particular way where there is no
way of conflict with the security system. The objectives of the security baseline are mostly
optimized as the tools that are used for implementing the ideas and the goals that are stipulated
for the security system. The goals of security baseline reflects the ways as well as the means that
makes the prevailing security to work more efficiently (Layton, 2016). The baseline of security
mostly reflects the provisions of security policy and then highlights all such necessary guidelines
9Information Technology Security
that are necessary for the preparation of many individual system that are applicable for the
production purpose.
that are necessary for the preparation of many individual system that are applicable for the
production purpose.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10Information Technology Security
References
Alcock, S., Möller, J. P., & Nelson, R. (2016, November). Sneaking Past the Firewall:
Quantifying the Unexpected Traffic on Major TCP and UDP Ports. In Proceedings of the
2016 Internet Measurement Conference (pp. 231-237). ACM.
Alegre, F., Janicki, A., & Evans, N. (2014, September). Re-assessing the threat of replay
spoofing attacks against automatic speaker verification. In Biometrics Special Interest
Group (BIOSIG), 2014 International Conference of the (pp. 1-6). IEEE.
Bauer, E., Schluga, O., Maksuti, S., Bicaku, A., Hofbauer, D., Ivkić, I., ... & Tauber, M. (2016).
Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0.
Behringer, M., Pritikin, M., Bjarnason, S., Clemm, A., Carpenter, B., Jiang, S., & Ciavaglia, L.
(2015). Autonomic networking: Definitions and design goals (No. RFC 7575).
Burke, J., Gasti, P., Nathan, N., & Tsudik, G. (2014, August). Secure sensing over named data
networking. In 2014 IEEE 13th International Symposium on Network Computing and
Applications (NCA) (pp. 175-180). IEEE.
DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework for
cyber physical security and resilience. Environment Systems and Decisions, 35(2), 291-
300.
Edeline, K., Kühlewind, M., Trammell, B., Aben, E., & Donnet, B. (2016). Using UDP for
internet transport evolution. arXiv preprint arXiv:1612.07816.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. Auerbach Publications.
References
Alcock, S., Möller, J. P., & Nelson, R. (2016, November). Sneaking Past the Firewall:
Quantifying the Unexpected Traffic on Major TCP and UDP Ports. In Proceedings of the
2016 Internet Measurement Conference (pp. 231-237). ACM.
Alegre, F., Janicki, A., & Evans, N. (2014, September). Re-assessing the threat of replay
spoofing attacks against automatic speaker verification. In Biometrics Special Interest
Group (BIOSIG), 2014 International Conference of the (pp. 1-6). IEEE.
Bauer, E., Schluga, O., Maksuti, S., Bicaku, A., Hofbauer, D., Ivkić, I., ... & Tauber, M. (2016).
Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0.
Behringer, M., Pritikin, M., Bjarnason, S., Clemm, A., Carpenter, B., Jiang, S., & Ciavaglia, L.
(2015). Autonomic networking: Definitions and design goals (No. RFC 7575).
Burke, J., Gasti, P., Nathan, N., & Tsudik, G. (2014, August). Secure sensing over named data
networking. In 2014 IEEE 13th International Symposium on Network Computing and
Applications (NCA) (pp. 175-180). IEEE.
DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework for
cyber physical security and resilience. Environment Systems and Decisions, 35(2), 291-
300.
Edeline, K., Kühlewind, M., Trammell, B., Aben, E., & Donnet, B. (2016). Using UDP for
internet transport evolution. arXiv preprint arXiv:1612.07816.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. Auerbach Publications.
11Information Technology Security
Lestari, F., Kurniawidjaja, M. L., & Hartono, B. (2016). Baseline survey on the implementation
of laboratory chemical safety, health and security within health faculties laboratories at
Universitas Indonesia. Journal of Chemical Health and Safety, 23(4), 38-43.
Li, H., Deng, J., Hu, H., Wang, K. C., Ahn, G. J., Zhao, Z., & Han, W. (2017, June). Poster: On
the Safety and Efficiency of Virtual Firewall Elasticity Control. In Proceedings of the
22nd ACM on Symposium on Access Control Models and Technologies (pp. 129-131).
ACM.
Lin, S., Zhang, D., Fu, Y., & Wang, S. (2017, October). A design of the ethernet firewall based
on FPGA. In Image and Signal Processing, BioMedical Engineering and Informatics
(CISP-BMEI), 2017 10th International Congress on (pp. 1-5). IEEE.
Luan, T. H., Lu, R., Shen, X., & Bai, F. (2015). Social on the road: Enabling secure and efficient
social networking on highways. IEEE Wireless Communications, 22(1), 44-51.
Naik, N., & Jenkins, P. (2016, July). Fuzzy reasoning based windows firewall for preventing
denial of service attack. In Fuzzy Systems (FUZZ-IEEE), 2016 IEEE International
Conference on (pp. 759-766). IEEE.
Patel, K., Han, H., Jain, A. K., & Ott, G. (2015, May). Live face video vs. spoof face video: Use
of moiré patterns to detect replay video attacks. In Biometrics (ICB), 2015 International
Conference on (pp. 98-105). IEEE.
Qi, L., Zhan, S., Xiao, Y., Jie, H., Xie, Y. G., Zhe, Q., & Juan, W. (2014, December). A
Simulation-based Approach to Acquire Information Security Baseline of Network
Device. In Information Engineering (Vol. 3, pp. 49-52). Science and Engineering
Publishing Company.
Lestari, F., Kurniawidjaja, M. L., & Hartono, B. (2016). Baseline survey on the implementation
of laboratory chemical safety, health and security within health faculties laboratories at
Universitas Indonesia. Journal of Chemical Health and Safety, 23(4), 38-43.
Li, H., Deng, J., Hu, H., Wang, K. C., Ahn, G. J., Zhao, Z., & Han, W. (2017, June). Poster: On
the Safety and Efficiency of Virtual Firewall Elasticity Control. In Proceedings of the
22nd ACM on Symposium on Access Control Models and Technologies (pp. 129-131).
ACM.
Lin, S., Zhang, D., Fu, Y., & Wang, S. (2017, October). A design of the ethernet firewall based
on FPGA. In Image and Signal Processing, BioMedical Engineering and Informatics
(CISP-BMEI), 2017 10th International Congress on (pp. 1-5). IEEE.
Luan, T. H., Lu, R., Shen, X., & Bai, F. (2015). Social on the road: Enabling secure and efficient
social networking on highways. IEEE Wireless Communications, 22(1), 44-51.
Naik, N., & Jenkins, P. (2016, July). Fuzzy reasoning based windows firewall for preventing
denial of service attack. In Fuzzy Systems (FUZZ-IEEE), 2016 IEEE International
Conference on (pp. 759-766). IEEE.
Patel, K., Han, H., Jain, A. K., & Ott, G. (2015, May). Live face video vs. spoof face video: Use
of moiré patterns to detect replay video attacks. In Biometrics (ICB), 2015 International
Conference on (pp. 98-105). IEEE.
Qi, L., Zhan, S., Xiao, Y., Jie, H., Xie, Y. G., Zhe, Q., & Juan, W. (2014, December). A
Simulation-based Approach to Acquire Information Security Baseline of Network
Device. In Information Engineering (Vol. 3, pp. 49-52). Science and Engineering
Publishing Company.
12Information Technology Security
Smith, D. F., Wiliem, A., & Lovell, B. C. (2015). Face recognition on consumer devices:
Reflections on replay attacks. IEEE Transactions on Information Forensics and
Security, 10(4), 736-745.
Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined
networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.
Yan, Z., & Wang, M. (2017). Protect pervasive social networking based on two-dimensional
trust levels. IEEE Systems Journal, 11(1), 207-218.
Zhang, J., Lin, Y., & Qu, G. (2015). Reconfigurable binding against FPGA replay attacks. ACM
Transactions on Design Automation of Electronic Systems (TODAES), 20(2), 33.
Zhu, M., & Martínez, S. (2014). On the performance analysis of resilient networked control
systems under replay attacks. IEEE Transactions on Automatic Control, 59(3), 804-808.
Smith, D. F., Wiliem, A., & Lovell, B. C. (2015). Face recognition on consumer devices:
Reflections on replay attacks. IEEE Transactions on Information Forensics and
Security, 10(4), 736-745.
Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined
networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.
Yan, Z., & Wang, M. (2017). Protect pervasive social networking based on two-dimensional
trust levels. IEEE Systems Journal, 11(1), 207-218.
Zhang, J., Lin, Y., & Qu, G. (2015). Reconfigurable binding against FPGA replay attacks. ACM
Transactions on Design Automation of Electronic Systems (TODAES), 20(2), 33.
Zhu, M., & Martínez, S. (2014). On the performance analysis of resilient networked control
systems under replay attacks. IEEE Transactions on Automatic Control, 59(3), 804-808.
1 out of 13
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.