The notion of Computer Policy is fundamental to the study of computer security models, the analysis of computer vulnerabilities, the development of intrusion detection tools, and the development of misuse detection tools. Security only makes sense in relation to security policies that specify what is being protected, how it must be protected, who has access to what is being protected, etc. Poli...

The continuous growth of attacks in the Internet causes to generate a number of rules in security devices such as Intrusion Prevention Systems, firewalls, etc. Policy anomalies in security devices create security holes and prevent the system from determining quickly whether allow or deny a packet. Policy anomalies exist among the rules in multiple security devices as well as in a single securit...

Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...

Vulnerability to malicious fault attacks is an emerging concern for hardware circuits that process sensitive data. We describe a new methodology to assess the vulnerability to such attacks, taking into account built-in protection mechanisms. Our method is based on accurate modeling of fault effects and their detection status expressed as Boolean satisfiability (SAT) formulae. Vulnerability is q...

Le Havre agglomeration (CODAH) includes 16 establishments classified Seveso with high threshold. In the literature, we construct vulnerability maps to help decision makers assess the risk. Such approaches remain static and do take into account the population displacement in the estimation of the vulnerability. We propose a decision making tool based on a dynamic vulnerability map to evaluate th...

Information about vulnerabilities spread too slow and allow for a significant attack window during which applications are virtually unprotected. Zero-day attacks jeopardise the security of any IT-system due to the lack of an effective remedy. Recent work has suggested automated approaches to vulnerability distribution, but are limited to memory-corruption detection techniques and disallow custo...

Face manipulation attacks have drawn the attention of biometric researchers because their vulnerability to Recognition Systems (FRS). This paper proposes a novel scheme generate Composite Image Attacks (CFIA) based on facial attributes using Generative Adversarial Networks (GANs). Given face images corresponding two unique data subjects, proposed CFIA method will independently segmented attribu...

Automated detection of software vulnerabilities is a fundamental problem in security. Existing program analysis techniques either suffer from high false positives or negatives. Recent progress Deep Learning (DL) has resulted surge interest applying DL for automated vulnerability detection. Several recent studies have demonstrated promising results achieving an accuracy up to 95 percent at detec...