– Currently, there is an enormous need to better understand the underlying data being examined (or not examined) by intrusion and attack detection techniques. This lack of understanding leads to enormous amounts of extraneous information being collected, resulting in data sets in the gigabyte to terabyte range and creating scalability issues in terms of how to collect, collate, store, and analy...

Security is one of the most important issues in computer networks. A common view of networks security is based on technical measures. Cryptographic models, firewalls and intrusion detection models are implemented in every information framework of an organization. Although deployment of such technologies may reduce security vulnerabilities and losses from security breaches, it is not clear to or...

As computers have become widely used, software vulnerability is now one of the most serious security threats. In particular, viruses and worms that use buffer overflow vulnerabilities are serious threats to computers. Therefore, techniques to detect the execution of malicious code are required when taking measures to prevent intrusion using such software vulnerabilities. An intrusion detection ...

cloud security is one of the buzz words in cloud computing. Since virtualization is the fundamental of the cloud computing, needs to study it more deeply to avoid attacks and system failure. In this research is focused on virtualization vulnerabilities. In addition it is attempted to propose a model to secure and proper mechanism to react reasonable against the detected attack by intrusion dete...

For open source software, security attention frequently focuses on the discovery of vulnerabilities prior to release. The large number of diverse people who view the source code may find vulnerabilities before the software product is release. Therefore, open source software has the potential to be more secure than closed source software. Unfortunately, for vulnerabilities found after release, t...

An insider-robust approach to file integrity verification is developed using interacting strata of mobile agents. Previous approaches relied upon monolithic architectures, or more recently, agent frameworks using a centralized control mechanism or common reporting repository. However, any such distinct tampering-point introduces vulnerabilities, especially from knowledgeable insiders capable of...

he “market” for digital attacks is growing rapidly as the number of networked devices and software vulnerabilities continues to increase. Organizations are already so deluged with attacks that the current strategy of responding to intrusions no longer works because the alarms are turning into a new source of organizational white noise. Proactive network security offers a new strategy by combini...

Attacks using vulnerabilities are considered nowadays a severe threat. Thus, a host needs a device that monitors system activities for malicious behaviors and blocks those activities to protect itself. In this paper, we introduce PROcess BEhavior (PROBE), which monitors processes running on a host to identify abnormal process behaviors. PROBE makes a process tree using only process creation rel...

Many institutions rely on open systems to provide services to the public via the Internet. Unanticipated software vulnerabilities expose such services to malicious actors, and make them susceptible to attacks. Therefore, security is critical in order to ensure confidentiality, integrity, and availability for system data and services. The fact that security attacks have become increasingly sophi...

The paper analyzes the characteristics of various types of Web application system security vulnerabilities. Based on the deformation of Web attack , according to the principle of Web application vulnerabilities occur, attack methods and targets, the attack characteristics is extended, Proposed a structural model of IPS intrusion prevention based on the feature recognition. The experiments showe...