- Patrick Kamongi added an answer: Is there any systematic way to identify assets during threat modeling and risk analysis?
Identifying assets is the primary and most critical step in threat modeling, because assets are essentially threat targets.
So, how could we determine that the list of assets is complete and be sure that we have not overlooked relevant assets?
In addition to the great feedback above, you should also take into consideration all dependencies (1st, 2nd, etc. order levels) that each asset leverages and how many assets may share common dependencies.
- Ryan Heartfield added an answer: Are there any new Social Engineering detection techniques? It seems that not much work, too little in fact, is being done to find solutions to detect SE attacks. I would appreciate any references to the latest SE detection techniques research.
I have recently had a journal paper approved for publication in ACM Computing Surveys titled "A taxonomy of attacks and survey of defence mechanisms for semantic social engineering attacks".
The taxonomy proposed provides a generic, linear classification structure for technically classifying any semantic attack. It is designed to inform developers/researchers of the key technical concepts that should be considered when implementing SE defence mechanisms. The paper also includes a literature on current defence mechanisms for semantic attacks, contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix.
For the pre-publication copy of the journal paper please see:
I expect it to be available in ACM CSUR early next year. I hope it helps!
- Has single/dual n-back training any lasting effects?
Does single or dual-n-back training have any lasting, transferable effects on other cognitive skills, apart from improving the performance in running the dual-n-back game? Some research studies indicate that it may have some effect for some people with some conditions (e.g. older people, people with dysphoria etc.), however larger meta-studies indicate no or very small effect in general as well as methodological problems in the underlying studies. The research therefore seems inconclusive.
What is your research experience with this? Are there any groups or conditions where such training has been shown to have transferable, lasting effects?
Thank you, Luke.
Tiina's work looks very interesting.
- Majid Bakhtiari added an answer: What are the encryption schemes used in SMS?
I would like to know about the encryption systems used in SMS coding (both for the purpose of transmission data security) in modern mobile phones.
1- SMS is not encrypted in GSM.
Related to key management in GSM, this is why they are using an IV.
- Zakir Khan added an answer: What are the main parameters used to measure the strength of an information security algorithm? To compare different techniques/algorithms, what parameters are used and how can they be implemented in MATLAB?
for signals processing
Low pass filtering
another aspects parameters
- Natalia G. Miloslavskaya added an answer: Do we need Information Security Theory? Any thoughts about the need for and possibility of creating a complete IS Theory as a basic science?
I would like to add that we should also ensure availability, confidentiality, authenticity, non-repudiation etc. All these qualities of information and IT infrastructure assets are very important, not only integrity.
- Mel Griffiths added an answer: What are the dangers and benefits of "mass" surveillance systems and data profiling? I would like to know the impact on both sides: people's privacy and government security.
In terms of mass surveillance, use of metadata and the security versus privacy implications, have a look at the following papers. All are very recent and offer some insight into the dangers and benefits of mass surveillance and big data.
Lyon, D. (2014). Surveillance, Snowden, and big data: capacities, consequences, critique. Big Data & Society, 1(2), 2053951714541861.
Schneier, B. (2014). Metadata = Surveillance. IEEE Security & Privacy, (2), 84-84.
Miller, K. (2014). Total Surveillance, Big Data, and Predictive Crime Technology: Privacy's Perfect Storm. J. Tech. L. & Pol'y, 19, 105.
- Quist-Aphetsi Kester added an answer: How can I process data loss when applying steganography using DCT?
When hiding some bits of a secret message in DCT coefficients, we note some loss in extracting the message (sorry for bad English).
Gusharanjeet Singh Kalra is right in his explanation.
- Mehdi Kargar added an answer: What is penetration testing? How is it implemented in information security? I need information on penetration testing to find out the vulnerabilities in the network.
The action is to find security holes in a company or an organization to protect and secure sensitive information.
- Abdullah A. Mohamed added an answer: I aim to design an online IDS using the NSL-KDD data set. Is there any way to extract the features of NSL-KDD from a real packet? NSL-KDD features consist of 42 features, divided into three classes: TCP header, domain and 2-Minette connection. The first type is extracted easily, but the last two types I can't seem to get. Is there any tool, program language lib. C#.net or other that could be of help?
The feature is shown below.

| No. | Feature | Description |
| --- | --- | --- |
| 10 | hot | no. of hot indicators |
| 11 | number failed logins | no. of failed logins |
| 12 | logged in | (discrete) |
| 13 | number compromised | no. of compromised conditions |
| 14 | root shell | |
| 15 | su attempted | |
| 16 | num root | no. of root accesses |
| 17 | num file creations | no. of file creation operations |
| 18 | num shells | no. of shell prompts |
| 19 | num access files | no. of operations on access control files |
| 20 | num outbound cmds | no. of outbound commands in an ftp session |
| 21 | is host login | (if the login belongs to the hot list) |
| 22 | is guest login | |
| 23 | count | no. of connections to the same host as the current connection in |
| 24 | srv count | no. of connections to the same service as the current connection in the past two seconds |
| 25 | Serror rate | % of connections that have SYN errors |
| 26 | srv Serror rate | % of connections that have SYN errors |
| 27 | rerror rate | % of connections that have REJ errors |
| 28 | srv rerror rate | % of connections that have REJ errors |
| 29 | same srv rate | % of connections to the same service |
| 30 | diff srv rate | % of connections to different service |
| 31 | srv diff host rate | |
| 32 | dst host count | |
| 33 | dst host srv count | |

Thanks Mr. Mahdy. I will.
- Sirapat Boonkrong added an answer: Is there any way to perform manual association of random MAC addresses with the access point in a wireless environment?
I wanted to know if an attacker can do manual associations of random MAC addresses with the access point.
Can it be done in case of WPA2 encrypted networks too, I mean the complete four-way handshaking involved during authentication?
It depends what type of authentication you are doing.
If you do "open authentication", it is possible for any attacker to fake a MAC address.
If you do "shared-key authentication", then it becomes more difficult because authentication is done using the pre-shared secret key, rather than a MAC address.
Bear in mind that if your wireless network uses DHCP, it is very likely that you will need to have an additional authentication layer to stop DHCP from giving out IP addresses automatically.
- What steps should be considered before implementing ISMS in an organization?
I am providing the scope of ISMS for an organization that has a contract with us. We are going to test the feasibility before implementing ISMS. Does anyone have any idea about such an issue?
Thank you so much.
We have now released a set of resources from the PRECYSE EU project that are useful for implementing an Information Security Management System:
I have released a course on using the Verinice ISMS:
The YouTube playlist "PRECYSE Verinice Course" with screencast videos is here:
The arftoverinice import filter for importing OpenVAS scans into Verinice is here:
The Magerit control catalogue and OCIL test suite is here:
- How can we authenticate a remote program?
Suppose we have a set of APIs hosted on a local server. I only want legal remote programs to invoke those APIs. If the remote program is, let's say, the original program that I uploaded to the remote machine, then I allow the invocation. If the remote program is a version tampered with by the attacker, then I disallow it. How can I bind the program's identity to the function invocation to determine whether the remote program has not been tampered with?
Remote attestation based on trusted computing supports detecting changes of the remote software.
- Priti Puri added an answer: What is the most appropriate classification method to classify qualitative parameters of a bank's risk (i.e. reputation, legal and compliance)?
Regarding Basel II Pillar 2, they spelled out that banks should take note of other inherent risks such as compliance, reputation, legal and strategic risk. These are qualitative (as far as I know, except there is a way to quantify them).
I was thinking about a Fuzzy Inference System, but looking at the highly dynamic economic conditions, this method is no longer applicable or not proper enough to cover the possibilities.
Any answers and discussion are welcome; it will be my pleasure to hear your answers/ideas.
- Louis Brassard added an answer: Do you support Tom Leinster's call not to help intelligence services through mathematics? "Intelligence agencies hire lots of mathematicians, but would-be employees must realise that their work is misused to snoop on everyone, says Tom Leinster"
New Scientist has published an article recently, where Tom Leinster asks mathematicians to stay away from supporting NSA, CIA, GCHQ, (former) KGB and all the other organizations that spy on us. I don't even know the name of their Chinese colleagues' organization.
What are your thoughts on this?
I recommend the 2014 documentary film Citizenfour (it can be freely seen on the internet); it shows the behind-the-scenes of the Edward Snowden and NSA spying scandal. It was shot during the events. It won the Academy Award for Best Documentary Feature at the 2015 Oscars.
- Xavier Bonnaire added an answer: Can anyone help me to find research in using encryption algorithms to secure peer-to-peer networks?
I am trying to find some research papers on securing peer-to-peer networks.
You can have a look at the following publication. This is a particular case about certification, but you may find useful ideas.
- Muhammad Imran Tariq added an answer: How can I simulate SLA based Information Security metrics for Cloud Computing?
I have made SLA based Information Security Metrics for Cloud Computing and would like to simulate them on any simulator.
Would you please suggest an appropriate simulator and the way to simulate it?
Thanks Hamza Kheddar, it is really good material for initial study.
I installed CloudSim and am now working on this. If you have any other material related to my request then please send it and oblige.
- Muhammad Imran Tariq added an answer: Which Information Security framework/standard/certification/guide is best for cloud organizations to maintain their security? There are several Information Security frameworks, standards, certifications and guides to maintain security in an organization.
Would you share which one is best for said purpose?
Thanks Vito for your appreciation and acknowledgement. It is a book, not a paper. I will find out ISO 27001:20013 on the internet :)
Muhammad Imran Tariq
- Quist-Aphetsi Kester added an answer: How to provide better security in our online communication? If it is on internet it is not private!!!
By using state-of-the-art cryptographic methods like post-quantum cryptography.
- Ahmad T Siddiqui added an answer: Is there any article which discussed a case study / application of privacy in distributed data mining?
I want to know about a real case study of privacy threats caused by association rule mining (distributed or centralized database).
Try these links:
Hope it helps...
- Vanessa Ayala-Rivera asked a question: Hi, could someone please point me to a numerical example showing how Mantaras distance is used to compare two partitions?
As additional context, I am planning to use this metric in clustering evaluation to calculate the distance between two partitions (each one with a set of clusters). However, I am always getting a distance of 1 (regardless of the input clusters). This issue leads me to believe that I might be incorrectly interpreting a part of the equation: Dist(Pa,Pb) = 2 - (I(Pa) + I(Pb)/I(Pa ∩ Pb)). Unfortunately, all the references I have found only show the involved equations without a detailed example.
- Per M. Gustavsson added an answer: Can anyone help me with main principles and models usually used for visualization of information security events and incidents? For information security managers in SIEM systems
Look at the start-ups that showed their products at CyberTech2014 as an example (https://www.cybertechisrael.com/) - there you have both common and innovative methods.
Is it real-time monitoring or is it to reconstruct an event chain?
Should it be used for informed decision making? Purpose ?
For real-time monitoring, the process views etc. in ITIL COBIT may be too complicated. Often different gauge meters, dashboards and network views are used, which do not provide insight into what's happening (compare to balanced scorecard dashboards or lean dashboards...). In a reconstruction analysis phase, ITIL, COBIT or rather the business process view will add value for visualization.
- Devi Thiyagarajan added an answer: Does anyone know of a simulator that supports implementing cryptography algorithms in the cloud? I'm conducting research on cloud computing security. I need a cloud computing simulator that supports implementation of cryptography algorithms. Please advise me which simulator to use.
I would like to implement the ECC algorithm for securing files in the cloud. What kind of implementation can I do?
- Mojtaba Alizadeh added an answer: Is this statement correct: "Mobile devices such as laptops, mobile phones, USB memories, and PDAs do not possess tamper-resistant characteristics"?
The problem is that most authentication methods that use a smart card in authentication procedures are vulnerable to theft. Is it correct?
Ref: "Cryptanalysis and Improvement of 'An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems'" (Khan and Kumari, 2014)
Thank you so much for your comprehensive answer, and for your time to answer this question. Your answer is completely helpful.
- Marcin Piekarczyk added an answer: What is an efficient algorithm for arithmetic encoding of biometric data?
Encoding of biometric data to arithmetic for use in cryptography.
- Mohamed Amine Ferrag added an answer: Could anyone present some information or a survey about public key encryption with keyword search applied to cloud computing?
Traditional searchable encryption has been widely studied in the context of cryptography. Could anyone present some information or a survey about public key encryption with keyword search applied to cloud computing?
Thanks for the link.
- A. Frolov added an answer: How can we automate penetration testing in order to improve network security? Penetration testing is a very difficult and complex task in network security testing. How can we automate this process? Which tools or demo and test versions are available?
Alexander Frolov, Alexander Vinnikov. FSM Simulation of Cryptographic Protocols Using Algebraic Processor. In Proceedings of the Ninth International Conference on Dependability and Complex Systems DepCoS-RELCOMEX, June 30-July 4, 2014, pp. 189-198.
We study an FSM model of cryptographic protocols that reflects both the system functionality and the strategy of attacks, and explore the fact that all data are divided into two classes: public transactions available to all parties and private data available only to the party that inputted or originated them. In terms of this model the protocols FSM composition property and operation of composition of protocols FSM models are determined. This approach is supported by created software called algebraic processor that allows computer experiments to identify and demonstrate the leaks. We describe the structure and functionality of the algebraic processor and some examples of attacked cryptographic protocol simulations.
- David Arroyo added an answer: Are there any practical applications of prediction algorithms to encrypted data?
I am doing research on prediction analysis of encrypted data, and would like to find out what latest developments (algorithms, tools, methods, practical applications etc.) have been done in this area.
The first scenario determines a less demanding trust model. Therefore, the client achieved better protection against a non-trusted cloud server. Take into account that nowadays the role of the client is more and more relevant; it is advisable to go for solutions focused on the client. In this regard, the SPION project is very interesting:
Also, you could consider the Websand European project:
- Adil AL-Rammahi added an answer: Can someone please share reviews on security measurements of Line mobile Messaging Application?
I have a project of analyzing the security level of Line mobile Messaging Application by sniffing packets and seeing whether or not I can read its messages being exchanged between user and the server.
So far, I could not find reviews on the security side except one review on the application structure, and nothing is said about security aspects.
Could someone please share here any relevant reviews on the security measurements being implemented by Line (i.e. cryptography implementations)?
See affine cryptography.