The Internet of Things (IoT) has become widely adopted in businesses, organizations, and daily lives. They are usually characterized by transferring processing sensitive data. Attackers have exploited this prospect IoT devices to compromise user data’s integrity confidentiality. Considering the dynamic nature attacks, artificial intelligence (AI)-based techniques incorporating machine learning ...

one of the main requirements for providing software security is the enforcement of access control policies, which is sometimes referred to as the heart of security. the main purpose of access control policies is to protect resources of the system against unauthorized accesses. any error in the implementation of access control policies may lead to undesirable outcomes. hence, we should ensure th...

Academic and commercial 802.11 hotspots often use an SSLsecured captive portal to authenticate clients. Captive portals provide good usability and interoperability, but poor security. After a captive portal has authenticated a client, session hijacking and freeloading allow attackers to capture or use the client’s session. Freeloading does not require special tools and, surprisingly, is strengt...

The modern multi-tier web applications and information systems store and process various types of data. Some of them are stored in a database, controlled by an external database management system, while other data are stored directly within the server’s file system. The database is secured by the database management system itself, but it is a programmer’s responsibility to design and develop a ...

We can distinguish three basic properties of information security, which should be implemented in nearly all IT systems: confidentiality, integrity and availability. Confidentiality means to protect the information against unauthorized access. Integrity is mentioned as a warranty of authenticity of information; it is also connected with protection against unauthorized interference. Availability...

today? If there is still a need, how might we address it? To define multilevel security, we must first define security, which is “the combination of confidentiality (the prevention of the unauthorized disclosure of information), integrity (the prevention of the unauthorized amendment or deletion of information), and availability (the prevention of the unauthorized withholding of information).” ...

Network in which the unauthorised users are permitted to use vacant quotas of the authorized spectrum for their communication without interrupting the communications of the authorized Users is called Cognitive Radio Networks. But According to the spectrum heterogeneity phenomenon, for the unauthorized users Channel availability is variable, due to the licensed user’s activity. Due to this, it i...

The proliferation of smartphones has changed our life due to the enhanced connectivity, increased storage capacity and innovative functionality they offer. Their increased popularity has drawn the attention of attackers, thus, nowadays their users are exposed to many security and privacy threats. The fact that smartphones store significant data (e.g. personal, business, government, etc.) in com...