Pakistan’s twin interrelated challenges : economic development and security

The 2010 devastating floods in Pakistan have starkly reminded the world of the two critical, interrelated challenges confronting Pakistan: economic development and security. And whilst the Pakistan government's capacity to deal with these two issues before the flood was already shaky at best, its position now is even more precarious given the enormity of the task of rebuilding the infrastructure that has been destroyed in this latest natural disaster. Nuclear-armed Pakistan is a large and strategically important country, critically located on one of the world's most important geopolitical crossroads. It is a pivotal player in a region—covering the Middle East, Central Asia and South Asia—which has much potential, but which also has unresolved conflicts and various degrees of instability. Accordingly, because Pakistan is so important to the stability of the region and the world at large, it is vital that it be able to address successfully these twin challenges.

Wi-Fi security : wireless with confidence

Since the IEEE ratification of the 802.11 standard in 1999, continuous exploits have been discovered compromising the confidentiality, integrity and availability of 802.11 networks. This paper describes the justification for a project to assess the security status of wireless network usage in society. It reviews the status of both commercial and residential approaches to wireless network security in three major Victorian cities, Melbourne, Geelong and Mornington, in Australia. By War Driving these suburbs, actual data was gathered to indicate the security status of wireless networks and give a representation of modern attitudes towards wireless security for the sample population. Preliminary results are presented to demonstrate the extent to which commercial or residential suburbs address wireless security. At this stage in the research further work is required to completely analyse the results. It is anticipated that the results will be useful for providing input into a defence and attack methodology for improving the security of both residential and commercial use of wireless networks.

An application of novel clustering technique for information security

This article presents experimental results devoted to a new application of the novel clustering technique introduced by the authors recently. Our aim is to facilitate the application of robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on the particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, we use a consensus function to combine these independent clusterings into one consensus clustering . Feature ranking is used to select a subset of features for the consensus function. Third, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for effectiveness of the whole procedure. We investigated various combinations of three consensus functions, Cluster-Based Graph Formulation (CBGF), Hybrid Bipartite Graph Formulation (HBGF), and Instance-Based Graph Formulation (IBGF) and a variety of supervised classification algorithms. The best precision and recall have been obtained by the combination of the HBGF consensus function and the SMO classifier with the polynomial kernel.

vPELS : an eLearning social environment for VLSI design with content security using DRM

This paper provides a proposal for personal e-learning system (vPELS) architecture in the context of social network environment for VLSI Design. The main objective of vPELS is to develop individual skills on a specific subject, say, VLSI and share resources with peers. Our system architecture defines organization and management of personal learning environment that aids in creating, verifying and sharing learning artifacts and making money at the same time. We also focus on in our research one of the most interesting arenas in digital content or document management called Digital Right Management (DRAM) and its application to eLearning.

A Grobner-Shirshov algorithm for applications in internet security

The design of multiple classification and clustering systems for the detection of malware is an important problem in internet security. Grobner-Shirshov bases have been used recently by Dazeley et al. [15] to develop an algorithm for constructions with certain restrictions on the sandwich-matrices. We develop a new Grobner Shirshov algorithm which applies to a larger variety of constructions based on combinatorial Rees matrix semigroups without any restrictions on the sandwich matrices.

Application of rank correlation, clustering and classification in information security

This article is devoted to experimental investigation of a novel application of a clustering technique introduced by the authors recently in order to use robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on a particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, rank correlation is used to select a subset of features for dimensionality reduction. We investigate the effectiveness of the Pearson Linear Correlation Coefficient, the Spearman Rank Correlation Coefficient and the Goodman--Kruskal Correlation Coefficient in this application. Third, we use a consensus function to combine independent initial clusterings into one consensus clustering. Fourth, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for the effectiveness of the whole procedure. We investigated various combinations of several correlation coefficients, consensus functions, and a variety of supervised classification algorithms.

User preference of cyber security awareness delivery methods

Operating systems and programmes are more protected these days and attackers have shifted their attention to human elements to break into the organisation's information systems. As the number and frequency of cyber-attacks designed to take advantage of unsuspecting personnel are increasing, the significance of the human factor in information security management cannot be understated. In order to counter cyber-attacks designed to exploit human factors in information security chain, information security awareness with an objective to reduce information security risks that occur due to human related vulnerabilities is paramount. This paper discusses and evaluates the effects of various information security awareness delivery methods used in improving end-users’ information security awareness and behaviour. There are a wide range of information security awareness delivery methods such as web-based training materials, contextual training and embedded training. In spite of efforts to increase information security awareness, research is scant regarding effective information security awareness delivery methods. To this end, this study focuses on determining the security awareness delivery method that is most successful in providing information security awareness and which delivery method is preferred by users. We conducted information security awareness using text-based, game-based and video-based delivery methods with the aim of determining user preferences. Our study suggests that a combined delivery methods are better than individual security awareness delivery method.

An agile IT security model for project risk assessment

There are two fundamental challenges in effectively performing security risk assessment in today's IT projects.The first is the project manager's need to know what IT security risks face the project before the project begins. At this stage IT security staff are unable to answer this question without first knowing the system requirements for the project which are yet to be defined. Second organisations that deal with a large project throughput each year find the current IT security risk assessment process to be tedious and expensive, especially when the same process has to be repeated for each individual project. This also makes it difficult for an organisation to prioritise which projects require more investment in IT security in order to fit within budget constraints. This paper presents a conceptual model that is based on an agile approach to alleviate these challenges. We do this by first analysing two online database resources of vulnerabilities by comparing them to each other, and then compare them to the agile criteria of the conceptual model which we define. The conceptual model is then presented and an example is given of how it can be applied to an actual project. We then briefly discuss what further work needs to be done to implement the conceptual model and validate it against an existing IT project.