Machine Learning in Network Security Using KNIME Analytics
Munther
Abualkibash
School
of Information Security and Applied Computing, College of Technology, Eastern
Michigan University, Ypsilanti, MI, USA
Abstract
Machine
learning has more and more effect on our every day’s life. This field keeps
growing and expanding into new areas. Machine learning is based on the
implementation of artificial intelligence that gives systems the capability to
automatically learn and enhance from experiments without being explicitly
programmed. Machine Learning algorithms apply mathematical equations to analyze
datasets and predict values based on the dataset. In the field of
cybersecurity, machine learning algorithms can be utilized to train and analyze
the Intrusion Detection Systems (IDSs) on security-related datasets. In this
paper, we tested different machine learning algorithms to analyze NSL-KDD
dataset using KNIME analytics.
Keywords
Network
Security, KNIME, NSL-KDD, and Machine Learning
Quality
Assessment of Access Security Controls over Financial Information
Angel
R. Otero, Christian Sonnenberg and LuAnn Bean
Nathan
M. Bisk College of Business, Florida Institute of Technology, Melbourne,
Florida, USA
Abstract
Information security necessitates the implementation
of safeguards to guarantee an adequate defense against attacks, threats, and
breaches from occurring. Nonetheless, even with “adequate” defensive efforts,
the taste for accessing sensitive and confidential financial information is too
tempting, and attacks continue to escalate. Organizations must plan ahead so
that identified attacks, threats, and breaches are appropriately managed to a
successful resolution. A proven method to address information security problems
is achieved through the effective implementation of access security controls.
This paper proposes a quantitative approach for organizations to evaluate
access security controls over financial information using Analytic Hierarchy
Process (AHP), and determines which controls best suit management’s goals and
objectives. Through a case study, the approach is proven successful in
providing a way for measuring the quality of access security controls over
financial information based on multiple application-specific criteria.
Keywords
Information Security, Access Security Controls,
Internal Controls, Analytic Hierarchy Process, Pairwise Comparisons.
Methods Toward Enhancing RSA
Algorithm : A Survey
Engr. Shaheen Saad Al-Kaabi and
Dr. Samir Brahim Belhaouari
College of Science and
Engineering, Hamad Bin Khalifa University (HBKU), Doha, Qatar
Abstract
Cryptography
defines different methods and technologies used in ensuring communication
between two parties over any communication medium is secure, especially in
presence of a third part. This is achieved through the use of several methods,
such as encryption, decryption, signing, generating of pseudo-random numbers,
among many others. Cryptography uses a key, or some sort of a password to
either encrypt or decrypt a message that needs to be kept secret. This is made
possible using two classes of key-based encryption and decryption algorithms,
namely symmetric and asymmetric algorithms. The best known and the most widely
used public key system is RSA. This algorithm comprises of three phases, which
are the key generation phase, encryption phase, and the decryption phase. Owing
to the advancement in computing technology, RSA is prone to some security
risks, which makes it less secure. The following paper preview different
proposals on different methods used to enhance the RSA algorithm and increase
its security. Some of these enhancements include combining the RSA algorithm
with Diffie-Hellman or ElGamal algorithm, modification of RSA to include three
or four prime numbers, offline storage of generated keys, a secured algorithm
for RSA where the message can be encrypted using dual encryption keys, etc.
Keywords
Cryptography,
RSA Algorithm, Encryption, Decryption, Cryptosystem, Security, Public Key,
Private Key
Security& Privacy Threats, Attacks and
Countermeasures in Internet of Things
Faheem Masoodi1 Shadab Alam2
and Shams Tabrez Siddiqui2
1Department
of Computer Science, University of Kashmir, J&k, India 2Department
of Computer Science, Jazan University, KSA
Abstract
The idea to connect everything to anything and at
any point of time is what vaguely defines the concept of the Internet of Things
(IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in
1999 but has drawn significant attention during the past few years, the pace at
which new devices are being integrated into the system will profoundly impact
the world in a good way but also poses some severe queries about security and
privacy. IoT in its current form is susceptible to a multitudinous set of
attacks. One of the most significant concerns of IoT is to provide security
assurance for the data exchange because data is vulnerable to some attacks by
the attackers at each layer of IoT. The IoT has a layered structure where each
layer provides a service. The security needs vary from layer to layer as each
layer serves a different purpose. This paper aims to analyze the various
security and privacy threats related to IoT. Some attacks have been discussed
along with some existing and proposed countermeasures.
Keywords
Internet of Things, privacy, attacks, security,
threats, protocols.