Application of rank correlation, clustering and classification in information security

This article is devoted to experimental investigation of a novel application of a clustering technique introduced by the authors recently in order to use robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on a particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, rank correlation is used to select a subset of features for dimensionality reduction. We investigate the effectiveness of the Pearson Linear Correlation Coefficient, the Spearman Rank Correlation Coefficient and the Goodman--Kruskal Correlation Coefficient in this application. Third, we use a consensus function to combine independent initial clusterings into one consensus clustering. Fourth, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for the effectiveness of the whole procedure. We investigated various combinations of several correlation coefficients, consensus functions, and a variety of supervised classification algorithms.

Drugs, ships and containers : how anti-terrorism benefits shipping security

Using ships to transport illicit drugs is not new; nor is the practice of concealing them
in shipping containers decreasing – or is it? This article questions whether recent container security initiatives created to stop terrorism have also achieved a decrease in the use of containers for smuggling illicit drugs. Or, are these maritime security regimes creating a false sense of achievement, being too limited in scope to be truly useful in this secondary role? Logically, improved detection of illicit drugs in containers shipped by sea is more likely when port personnel are better trained, x-ray scanners installed, port fencing improved and official collaboration encouraged. However, since the number of containers being electronically screened and physically searched has only marginally improved, the question is, is it enough?

Regional security and regional conflict

This chapter raises the following main points:
• Regions are groupings of states that share either geographic proximity or have sufficient cultural/historic ties that bind them together.
• Regionalization occurs within a region as interdependence is developed among the regional states.
• The development of regionalism is dependent on the support of the regional great power(s), the extent of reciprocity that exists in the relations of the states in the region, and the level of strategic reassurance that exists among these states.
• Regionalization is not a lineal process, that is, it can increase or decrease.
• The pace of regionalism is different in each region but a basic pattern exists where economic integration precedes political and security integration.
• Regional threats to security can be divided into four categories. The first two comprise traditional military threats such as balance of power contests between regional powers and ‘grass fire’ conflicts between smaller powers or over more localized issues. The
third category includes, for example, intra-state conflicts for ethnic, religious, nationalist or ideological, issues. Finally, transnational threats such as environmental degradation or resource scarcity can also cause regional instability and conflict.

Why it is hard to fight against cyber criminals?

We are witnessing numerous cyber attacks every day, however, we do not see many cyber criminals are brought to justice. One reason is that it is technically hard to identify and trace cyber criminals. One reason for this passive situation is our limited or even inappropriate understanding of the cyber space. In this paper, we survey the challenges and opportunities in this research field for interested readers. We also list promising tools and directions based on our understanding.

Security risks/vulnerability in a RFID system and possible defenses

Remote technologies are changing our way of life. The radio frequency identification (RFJD) system is a new technology which uses the open air to transmit information. This information transmission needs to be protected to provide user safety and privacy. Business will look for a 5ystem that hasfraud resilience to prevent the misuse of information to take dishonest advantage. The business and the user need to be assured that the transmitted information has no content which is capable of undertaking malicious activities. Public awareness of RFID security will help users and organizations to understand the need for security protection. Publishing a security guideline from the regulating body and monitoring implementation of that guideline in RFID 5ystems will ensure that businesses and users are protected. This chapter explains the importance of security in a RFID system and will outline the protective measures. It also points out the research direction of RFID 5ystems.

Down under and in between : Australian security perspectives in the 'Asian Century'

This chapter will provide an overview of Australian perspectives on the US alliance in light of ongoing and emerging challenges in the Asia-Pacific region. After a brief discussion of the motivations behind the signing of the ANZUS treaty, the first part of the chapter examines the historical context of the alliance, with a particular focus on the longstanding and ongoing tussle in Australia between independence in foreign policy making vis-à-vis broader structural constraints. While this debate has been a constant feature of the political scene in Australia, it has come into particular focus since the US withdrawal from Vietnam, which marked a turning point in Australian perspectives with regard to its own role in Asia. The collision of ideas surrounding Australian identity and Australian national interest has been reflected in policy approaches as successive governments have sought to strike a balance between the two exigencies and thus, most optimally ensure Australia’s strategic future. The chapter concludes by examining current perspectives through the lens of an ongoing debate taking place in Australian academic circles about what the rise of China means for Australia and its commitment to the US alliance, and considers options for caucus-style cooperation with fellow US allies beyond the hub-and-spokes model.

Critical analysis and comparative study of security for networked RFID systems

The Radio frequency identification (RFID) system is a new technology which uses the open air to transmit information. RFID technology is one of the most promising technologies in the field of ubiquitous computing which is revolutionizing the supply chain. It has already been applied by many major retail chains such as Target, Wal-Mart, etc. The networked RFID system such as supply chain has very unique and special business needs which lead to special sets of RFID security requirements and security models. However, very little work has been done to analyze RFID security parameters in relation to networked RFID systems business needs. This paper presents a critical analysis of the networked application's security requirements in relation to their business needs. It then presents a comparative study of existing literature and the ability of various models to protect the security of the supply chain in a RFID deployment.

Security in uncertain times: policies for increasing the popularity of life annuities among retirees

Life annuities offer retirees an assured income stream for as long as they live. This makes it surprising that they are unpopular in most markets where their purchase is not compelled by government policy. With the numbers of retirees in the population set to increase dramatically, this low take-up rate of life annuities could exacerbate financial insecurity. Consequently, it is in society’s interest to implement non-coercive policies that increase annuitization levels. Although there is research that has focused on the possible causes of low annuitization rates, much of this research falls short of suggesting comprehensive strategies for persuading retirees to annuitize their savings.

Surveillance, Security and Sporting Mega Events: Toward a Research Agenda on the Organisation of Security Networks

Surveillance and security at sports mega events have been the subject of considerable scholarly attention. Events such as the Olympic Games and Fédération Internationale de Football Association (FIFA) World Cups have become occasions of almost unparalleled economic, political and social significance. In the lead up to the London 2012 Olympic Games, scholars have examined issues such as the ‘security legacies’ of sports mega events, the infrastructures and technologies used in an attempt to secure these events, and the planning mentalities underpinning the staggering ‘security spectacle’ of these globally televised events. This paper deals with the subject of how surveillance and security practices at sports mega events are organised. It uses the emerging paradigm of ‘security networks’ to call attention to some important issues involving the entire ‘security assemblage’ that accompanies these mega events. The paper presents five levels of analysis—structural, cultural, policy, technological and relational—to examine these practices and documents several key areas for further research on sports mega events.

Security concerns and remedy in a cloud based e-learning system

Cloud computing is an emerging technology and it utilizes the cloud power to many technical solutions. The e-learning solution is one of those technologies where it implements the cloud power in its existing system to enhance the functionality providing to e-learners. Cloud technology has numerous advantages over the existing traditional e-learning systems. However security is a major concern in cloud based e-learning. Therefore security measures are unavoidable to prevent the loss of users’ valuable data from the security vulnerabilities. This paper investigates various security issues involved in cloud based e-learning technology with an aim to suggest remedial in the form of security measures and security management standards. These will help to overcome the security threats in cloud based e-learning technology. Solving the key problems will also encourage the widespread adoption of cloud computing in educational institutes.

Advanced science and technology letters : advanced researches on security and assurance

We would like to welcome you to the Regular Papers proceedings of the 7th International Conference on Information Security and Assurance (ISA 2013) which was held on April 26-28, 2013 at Waterfront Airport Hotel and Casino, Cebu, Philippines. ISA 2013 is focused on various aspects of advances in researches on Security and Assurance. It provided a chance for academic and industry professionals to discuss recent progress in the related areas. We expect that the conference and its publications will be a trigger for further related research and technology improvements in this important subject. We would like to acknowledge the great effort of all the Chairs and members of the Editorial Committee. We would like to express our gratitude to all of the authors of submitted papers and to all attendees, for their contributions and participation. We believe in the need for continuing this undertaking in the future.

Certificate-based signature : security model and efficient construction

In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.

Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.

The geo-historical legacies of urban security governance and the Vancouver 2010 Olympics

In 2004, the discourse of ‘legacy’ was woven into the constitutional fabric of the International Olympic Committee (IOC). Bidding for Olympic events is now premised on procuring post-event legacies that will resonate through local communities and host countries long after the flame is extinguished. Given vast expenditures in security, policing, and emergency management operations at major sporting events, it is notable that the IOC and its official partners have disproportionately under-represented security and policing legacies. This paper addresses research into security and policing legacies of major events by turning much needed empirical attention towards institutional level geographies of security and policing – particularly on legacies of policing and militarisation in Olympic host cities. Accordingly, the paper traces the institutional trajectory of the Military Liaison Unit (MLU) in the Vancouver Police Department who were heavily involved in coordinating the joint civilian–military effort throughout the lifecycle of the Vancouver 2010 Winter Games. Theoretically, the paper furthers Stephen Graham’s (2010) New Military Urbanism that considers the circulation of military expertise between neo-colonial frontiers of military intervention with Western urban spaces. In doing so, this paper unpacks an empirically guided temporal approach that discerns key drivers of militarisation as localised, empirical-based ‘trajectories’ of development of security and policing institutions, which are linked to, and circumscribed by, critical juncture episodes in the context of mega event security. The paper traces processes of the MLU to explain how conditions underpinning the civil–military divide in urban policing, as a series of jurisdictional, institutional, and by extension, geographical configurations have continued, changed or been abandoned in the context of the Vancouver 2010 Olympics. As such, this paper contributes to much needed debate on the controversies and opportunities inherent in security legacies and major events, which implicate the wider securitisation and militarisation of Western cities.

Large iterative multitier ensemble classifiers for security of big data

This paper introduces and investigates large iterative multitier ensemble (LIME) classifiers specifically tailored for big data. These classifiers are very large, but are quite easy to generate and use. They can be so large that it makes sense to use them only for big data. They are generated automatically as a result of several iterations in applying ensemble meta classifiers. They incorporate diverse ensemble meta classifiers into several tiers simultaneously and combine them into one automatically generated iterative system so that many ensemble meta classifiers function as integral parts of other ensemble meta classifiers at higher tiers. In this paper, we carry out a comprehensive investigation of the performance of LIME classifiers for a problem concerning security of big data. Our experiments compare LIME classifiers with various base classifiers and standard ordinary ensemble meta classifiers. The results obtained demonstrate that LIME classifiers can significantly increase the accuracy of classifications. LIME classifiers performed better than the base classifiers and standard ensemble meta classifiers.