Intelligent cryptography approach for secure distributed big data storage in cloud computing
روش رمزنگاری هوشمند برای ذخیره سازی امن داده های بزرگ توزیع شده در محاسبات ابری-2017
Implementing cloud computing empowers numerous paths for Web-based service offer ings to meet diverse needs. However, the data security and privacy has become a critical issue that restricts many cloud applications. One of the major concerns in security and privacy is caused by the fact that cloud operators have chances to reach the sensitive data. This concern dramatically increases users’ anxiety and reduces the adoptability of cloud computing in many fields, such as the financial industry and governmental agencies. This paper focuses on this issue and proposes an intelligent cryptography approach, by which the cloud service operators cannot directly reach partial data. The proposed approach di vides the file and separately stores the data in the distributed cloud servers. An alterna tive approach is designed to determine whether the data packets need a split in order to shorten the operation time. The proposed scheme is entitled Security-Aware Efficient Dis tributed Storage (SA-EDS) model, which is mainly supported by our proposed algorithms, including Alternative Data Distribution (AD2) Algorithm, Secure Efficient Data Distributions (SED2) Algorithm and Efficient Data Conflation (EDCon) Algorithm. Our experimental evalua tions have assessed both security and efficiency performances and the experimental results depict that our approach can effectively defend main threats from clouds and requires with an acceptable computation time.
Keywords:Intelligent cryptography|Cybersecurity|Mass distributed storage|Cloud computing|Big data
Recognizing human behaviours in online social networks
شناخت رفتارهای انسانی در شبکه های اجتماعی آنلاین-2017
Online Social Networks (OSNs) have become a primary area of interest for cutting-edge cybersecurity applications, due to their ever increasing popularity and to the variety of data their interaction models allow for. In this perspective, most of the existing anomaly detection techniques rely on models of normal users’ behaviour as defined by domain experts. However, the identification of “bad” behaviour as a probable deviation of normality still remains an open issue. Here, we propose a method for identifying human behaviour in a social network, based on a “two-step” detection strategy. In particular, we first train Markov chains on a certain number of models of normal human behaviour from social network data; then, we exploit an activity detection framework to identify unexplained activities on the basis of the normal behaviour models. Finally, the validity of our approach is tested through a set of experiments run on data extracted from Facebook.
Keywords: Online Social Network | Cybersecurity | Event detection | Behaviour identification | User interactions in OSNs | Anomaly detection in OSNs
Big Data Analysis-based Security Situational Awareness for Smart Grid
امنیت مبتنی بر تحلیل غیر اگاه موقعیتی داده های بزرگ برای شبکه هوشمند-2016
Advanced communications and data processing technologies bring great benefits to the smart grid. However, cybersecurity threats also extend from the information system to the smart grid. The existing security works for smart grid focus on traditional protection and detection methods. However, a lot of threats occur in a very short time and overlooked by exiting security components. These threats usually have huge impacts on smart gird and disturb its normal operation. Moreover, it is too late to take action to defend against the threats once they are detected, and damages could be difficult to repair. To address this issue, this paper proposes a security situational awareness mechanism based on the analysis of big data in the smart grid. Fuzzy cluster based analytical method, game theory and reinforcement learning are integrated seamlessly to perform the security situational analysis for the smart grid. The simulation and experimental results show the advantages of our scheme in terms of high efficiency and low error rate for security situational awareness.
Index Terms: Smart grid | security situation assessment | big data | game theory | association analysis
Why you should care about the Target data breach
چرا شما باید در مورد نقض داده هدف مراقبت باشید؟-2016
Data breaches are becoming more frequent and more damaging to the bottom line of many businesses. The Target data breach marked the beginning of increased scrutiny of cybersecurity practices. In the past, data breaches were seen as a cost of doing business, but Target’s negligence and the scale of the data loss forced businesses and the courts to reevaluate current practices and regulatory frameworks. Businesses must make strategic use of their chief information officers, adopt cybersecurity best practices, and effectively train their employees to respond to growing security threats. They must also shape the cybersecurity narrative to influence regulatory responses to these threats.
KEYWORDS: Cyberattack | Cybersecurity | Target | Best practices | Internet | Malware | Data | Data breach | Security | Lawsuit | Privacy
A Novel Secure Big Data Cyber Incident Analytics Framework for Cloud-Based Cybersecurity Insurance
رویکرد امن چهارچوب تحلیل برخوردهای سایبری داده های بزرگ داده بزرگ برای بیمه امنیت سایبری مبتنی بر ابر-2016
The remarkable increasing demands of mitigating losses from cyber incidents for financial firms has been driving the rapid development of the Cybersecurity Insurance (CI). The implementations of CI have covered a variety of aspects in cyber incidents, from hacking to frauds. However, CI is still at its exploring stage so that there are a number of dimensions that are uncovered by the current applications. The cyber attack on critical infrastructure is one of the serious issues that prevents the expansions of CI. This paper addresses CI implementations focusing on cloud-based service offerings and proposes a secure cyber incident analytics framework using big data. Our approach is designed for matching different cyber risk scenarios, which uses repository data. Our simulation has provided the theoretical proof of the adoptability and feasibility.
Index Terms: Cybersecurity insurance | incident analytics framework | cloud computing | big data
Cybersecurity in the Internet of Things: Legal aspects
امنیت سایبری در اینترنت اشیاء : جنبه های قانونی-2016
The explosion in the number of smart, connected, and inherently insecure devices is shift ing the security paradigm. While the Internet of Things technological shift will require clear legal frameworks, alternative approaches also need to be developed. This article examines the changing legal cybersecurity environment in the Internet of Things context. It dis cusses selected applicable international regulations as well as alternative approaches to addressing the security issues arising in the Internet of Things.
Keywords: Cybersecurity | Internet of things | Security challenges | Legal instruments