Dynamic Ontologies in Information Security Systems

Different types of ontologies and knowledge or metaknowledge connected to them are considered and analyzed aiming at realization in contemporary information security systems (ISS) and especially the case of intrusion detection systems (IDS) or intrusion prevention systems (IPS). Human-centered methods INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD are algorithmic or data-driven methods based on ontologies. All of them interact on a competitive principle ‘survival of the fittest’. They are controlled by a Synthetic MetaMethod SMM. It is shown that the data analysis frequently needs an act of creation especially if it is applied to knowledge-poor environments. It is shown that human-centered methods are very suitable for resolutions in case, and often they are based on the usage of dynamic ontologies

Verification and Application of Conceptual Model and Security Requirements on Practical DRM Systems in E-Learning

The paper represents a verification of a previously developed conceptual model of security related processes in DRM implementation. The applicability of established security requirements in practice is checked as well by comparing these requirements to four real DRM implementations (Microsoft Media DRM, Apple's iTunes, SunnComm Technologies’s MediaMax DRM and First4Internet’s XCP DRM). The exploited weaknesses of these systems resulting from the violation of specific security requirements are explained and the possibilities to avoid the attacks by implementing the requirements in designing step are discussed.

Agent-based Anomalies Monitoring in Distributed Systems

In this paper an agent-based approach for anomalies monitoring in distributed systems such as computer networks, or Grid systems is proposed. This approach envisages on-line and off-line monitoring in order to analyze users’ activity. On-line monitoring is carried in real time, and is used to predict user actions. Off-line monitoring is done after the user has ended his work, and is based on the analysis of statistical information obtained during user’s work. In both cases neural networks are used in order to predict user actions and to distinguish normal and anomalous user behavior.

Conceptual Model and Security Requirements for DRM Techniques Used for e-Learning Objects Protection

This paper deals with the security problems of DRM protected e-learning content. After a short review of the main DRM systems and methods used in e-learning, an examination is made of participators in DRM schemes (e-learning object author, content creator, content publisher, license creator and end user). Then a conceptual model of security related processes of DRM implementation is proposed which is improved afterwards to reflect some particularities in DRM protection of e-learning objects. A methodical way is used to describe the security related motives, responsibilities and goals of the main participators involved in the DRM system. Taken together with the process model, these security properties are used to establish a list of requirements to fulfill and a possibility for formal verification of real DRM systems compliance with these requirements.

Google - Security Testing Tool

Using Google as a security testing tool, basic and advanced search techniques using advanced google search operators. Examples of obtaining control over security cameras, VoIP systems, web servers and collecting valuable information as: Credit card details, cvv codes – only using Google.

Analysis of Spatial-temporal Dynamics in the System of Economic Security of Different Subjects of Economic Management

The importance to solve the problem of spatial-temporal dynamics analysis in the system of economic security of different subjects of economic management is substantiated. Various methods and approaches for carrying out analysis of spatial-temporal dynamics in the system of economic security are considered. The basis of the generalized analysis of spatial-temporal dynamics in economic systems is offered.

Image Sensors in Security and Medical Applications

This paper briefly reviews CMOS image sensor technology and its utilization in security and medical applications. The role and future trends of image sensors in each of the applications are discussed. To provide the reader deeper understanding of the technology aspects the paper concentrates on the selected applications such as surveillance, biometrics, capsule endoscopy and artificial retina. The reasons for concentrating on these applications are due to their importance in our daily life and because they present leading-edge applications for imaging systems research and development. In addition, review of image sensors implementation in these applications allows the reader to investigate image sensor technology from the technical and from other views as well.

On Handling Replay Attacks in Intrusion Detection Systems

We propose a method for detecting and analyzing the so-called replay attacks in intrusion detection systems, when an intruder contributes a small amount of hostile actions to a recorded session of a legitimate user or process, and replays this session back to the system. The proposed approach can be applied if an automata-based model is used to describe behavior of active entities in a computer system.

Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems

Intrusion detection is a critical component of security information systems. The intrusion detection process attempts to detect malicious attacks by examining various data collected during processes on the protected system. This paper examines the anomaly-based intrusion detection based on sequences of system calls. The point is to construct a model that describes normal or acceptable system activity using the classification trees approach. The created database is utilized as a basis for distinguishing the intrusive activity from the legal one using string metric algorithms. The major results of the implemented simulation experiments are presented and discussed as well.

Optimal Control of Heterogeneous Systems

Цветомир Цачев - В настоящия доклад се прави преглед на някои резултати от областта на оптималното управление на непрекъснатите хетерогенни системи, публикувани в периодичната научна литература в последните години. Една динамична система се нарича хетерогенна, ако всеки от нейните елементи има собствена динамиката. Тук разглеждаме оптимално управление на системи, чиято хетерогенност се описва с едномерен или двумерен параметър – на всяка стойност на параметъра отговаря съответен елемент на системата. Хетерогенните динамични системи се използват за моделиране на процеси в икономиката, епидемиологията, биологията, опазване на обществената сигурност (ограничаване на използването на наркотици) и др. Тук разглеждаме модел на оптимално инвестиране в образование на макроикономическо ниво [11], на ограничаване на последствията от разпространението на СПИН [9], на пазар на права за въглеродни емисии [3, 4] и на оптимален макроикономически растеж при повишаване на нивото на върховите технологии [1]. Ключови думи: оптимално управление, непрекъснати хетерогенни динамични системи, приложения в икономиката и епидемиолегията