The factors on which security depends are of dynamic nature. These include emergence of new vulnerabilities and threats, policy structure and network traffic. Due to the dynamic nature of these factors, objectively identifying and measuring security metrics is a major challenge. However, such an evaluation can significantly help security professionals in decision making such as choosing between...

Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations that protect against other types of vulnerabilities. The effects of their exploitation can be just as devastating as exploiting a buffer overflow, potentially resulting in full code execution within the vulnerable program. Few protections exist against these types of vulnerabil...

The prediction of diffuse herbicide losses to surface waters using process-based models is data and time demanding. There is a need for simpler and more efficient catchment screening tools. We developed and tested a new proxy for screening catchments for their vulnerability to diffuse herbicide losses relying on widely available river flow data only. The proxy combines the fast flow index (FFI)...

Buffer over-read vulnerabilities (e.g., Heartbleed) can lead to serious information leakage and monetary lost. Most of previous approaches focus on buffer overflow (i.e., overwrite), which are either infeasible (e.g., canary) or impractical (e.g., bounds checking) in dealing with over-read vulnerabilities. As an emerging type of vulnerability, people need in-depth understanding of buffer over-r...

Buffer over-read vulnerabilities (e.g., Heartbleed) can lead to serious information leakage and monetary lost. Most of previous approaches focus on buffer overflow (i.e., overwrite), which are either infeasible (e.g., canary) or impractical (e.g., bounds checking) in dealing with over-read vulnerabilities. As an emerging type of vulnerability, people need in-depth understanding of buffer over-r...

China is prone to disasters and escalating disaster losses. Effective disaster mitigation is the foundation for efficient disaster response and rescue and for reducing the degree of hazardous impacts on the population. Vulnerability refers to the population's capacity to anticipate, cope with, and recover from the impact of a hazardous event. A hazard vulnerability assessment (HVA) systematical...

The growing use of Internet service in the past few years have facilitated an increase in the denial of service (DoS) attacks. Despite the best preventative measures, DoS attacks have been successfully carried out against high-prole organizations and enterprises, including those that took down Chase, BOA, PNC and other major US banks in September 2009, which reveal the vulnerability of even wel...

Attention has recently been paid to how REDD+ mitigation policies are integrated into other sectoral policies, particularly those dealing with climate adaptation at the national level. But there is less understanding of how subnational policy and local projects are able to incorporate attention to adaptation; therefore, we use a case study in Vietnam to discuss how REDD+ projects and policies a...

Abstract In recent years, due to the rapid urbanization, fire risk in transport infrastructures is becoming more critical. These fires, typically caused by highly flammable materials, can significantly compromise stability of structure, as well cause significant economic and social losses. However, current regulations, no design or verification criteria are provided for bridges buildings prescr...