IJCNIS Vol. 12, No. 2, Apr. 2020
Cover page and Table of Contents: PDF (size: 174KB)
REGULAR PAPERS
Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occur. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study we assess five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux for their discovered vulnerabilities and the risk associated in each. Each discovered and reported vulnerability has an Exploitability score assigned in CVSS [27] of the national vulnerability data base. We compare the risk from vulnerabilities in each of the five Operating Systems. The Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability [11, 21, 22]. Statistical methodology and underlying mathematical approach is described. The analysis includes all the reported vulnerabilities in the National Vulnerability Database [19] up to October 30, 2018. Initially, parametric procedures are conducted and measured. There are however violations of some assumptions observed. Therefore, authors recognized the need for non-parametric approaches. 6838 vulnerabilities recorded were considered in the analysis.
According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk level for some operating systems. This indicates that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant Test results revealing a statistically significant difference in the Risk levels of different OSs are presented.
The paper describes the organization of the unified information space which is based on the uniform principles and the general rules that ensure the informational interaction of objects.
In practice, in case when the communication with an information object of the unified information space is lost, the necessary information about this object should be collected by the analysis of previous interactions of the information object with the other information objects. The goal of this paper article is to develop a mechanism that will allow restore the missing parameters of information objects in case of communication loss with this object.
There was performed the experimental researches with the proposed mechanisms. The experiments have shown that there is an unequivocal relationship between the quality of restoration of an information object and the topology of links within an unified information space.
Efficient Resource management in an Vehicular Cloud Networks (VCN) results in an increase resource utilization and reduction of the cost. Proper resource allocation schemes in VCN provides the better performance in terms the reduction of cost, reduction in the waiting time of vehicle (client) and also the waiting queue length. Resources are required to provide more efficiently by the cloud providers for the requested services by the vehicle. For this reason it is necessary to design proper resource allocation schemes in VCN. The aim of resource allocation scheme in VCN is to allocate the appropriate computing resources for the client vehicle application. Efficient resource allocation scheme in VCN plays a major role in the overall performance of the system. Members of VCN change dynamically due to the mobility in their movement. Vehicles may face high costs or issue related to the performance parameter when proper resource allocation schemes are not applied. In this work, we proposed the cost effective based resource allocation in VCN. The proposed cost model provides the resource to vehicle by considering the lesser expensive approach hence by achieving in the reduction of cost. We compare the results of the cost optimization with the generic algorithm that uses a combination of best fit and first fit techniques for resource allocation in VCN.
[...] Read more.The rapid development of information technology has also accompanied by an increase in activities classified as dangerous and irresponsible, such as information theft. In the field of network systems, this kind of activity is called intrusion. Intrusion Detection System (IDS) is a system that prevents intrusion and protecting both hosts and network assets. At present, the development of various techniques and methods for implementing IDS is a challenge, along with the increasing pattern of intrusion activities. The various methods used in IDS have generally classified into two types, namely Signature-Based Intrusion Detection System (SIDS) and the Anomaly-Based Intrusion Detection System (AIDS).
When a personal computer (PC) connected to the Internet, a malicious attacker tries to enter and exploit it. One of the most commonly used techniques in accessing open ports which are the door for applications and services that use connections in TCP/IP networks. Open ports indicate a particular process where the server provides certain services to clients and vice versa.
This study applies the Naïve Bayes classifier to predict port numbers that have the potential to change activity status from "close" to "open" and vice versa. Predictable potential port numbers can be a special consideration for localizing monitoring activities in the future. The method applied is classified as AIDS because it based on historical data of port activity obtained through the port scan process, regardless of the type of attack. Naïve Bayes classifier is determined to have two event conditions that predict the occurrence of specific port numbers when they occur in specified duration and activity status. The study results have shown a 70% performance after being applied to selected test data.
Until the inception of Web 1.0, the Information Retrieval was the center of the stage for library and it was defined as search and passive. Later on, the emergence of Web 2.0 was encouraged into the community, social interaction and user-generated content. Web 3.0 is a modern phenomenon and also known to “3D Web or the Semantic Web”, and it often used for specifically to formats and the technologies. The advanced Web 4.0 is the Ultra-Intelligent Agent Interactions between humans and machines. Semantic web technology finds meanings from various sources to enabling the machines and people to understand and share knowledge. The semantic web technology helps to add, change and implement the new relationships or interconnecting programs in a different way which can be as simple as changing the external model that these programs are shared. To give an information need, the semantic technologies can directly search, capture, aggregate, and make a deduction to satisfy the user needs. The paper presents a framework for knowledge representation assembling semantic technology based on ontology, semantic web, and an intelligent agent algorithm as a connectivity framework to share the appropriate knowledge representation which includes the web ontology language that discovers related information's from various sources to serve the information needs. The research addresses the intelligent agent algorithm is the key contribution that reveals appropriate information and empowers Web 3.0 and embraces Web 4.0 into the coming semantic web technology.
[...] Read more.