Biblio

A good ecological environment is crucial to attracting talents, cultivating talents, retaining talents and making talents fully effective. This study provides a solution to the current mainstream problem of how to deal with excellent employee turnover in advance, so as to promote the sustainable and harmonious human resources ecological environment of enterprises with a shortage of talents.This study obtains open data sets and conducts data preprocessing, model construction and model optimization, and describes a set of enterprise employee turnover prediction models based on RapidMiner workflow. The data preprocessing is completed with the help of the data statistical analysis software IBM SPSS Statistic and RapidMiner.Statistical charts, scatter plots and boxplots for analysis are generated to realize data visualization analysis. Machine learning, model application, performance vector, and cross-validation through RapidMiner's multiple operators and workflows. Model design algorithms include support vector machines, naive Bayes, decision trees, and neural networks. Comparing the performance parameters of the algorithm model from the four aspects of accuracy, precision, recall and F1-score. It is concluded that the performance of the decision tree algorithm model is the highest. The performance evaluation results confirm the effectiveness of this model in sustainable exploring of enterprise employee turnover prediction in human resource management.

The article describes an analytical model of the actions of an information security violator for the secret extraction of confidential information processed on the protected object in terms of the theory of Markov random processes. The characteristics of the existing models are given, as well as the requirements that are imposed on the model for simulating the process. All model states are described in detail, as well as the data flow that is used in the process simulation. The model is represented as a directed state graph. It also describes the option for evaluating the data obtained during modeling. In the modern world, with the developing methods and means of covert extraction of information, the problem of assessing the damage that can be caused by the theft of the organization's data is acute. This model can be used to build a model of information security threats.

Game theory is a branch of modern mathematics, which is a mathematical method to study how decision-makers should make decisions in order to strive for the maximum interests in the process of competition. In this paper, from the perspective of offensive and defensive confrontation, using game theory for reference, we build a dynamic evaluation model of information system security risk based on static game model. By using heisani transformation, the uncertainty of strategic risk of offensive and defensive sides is transformed into the uncertainty of each other's type. The security risk of pure defense strategy and mixed defense strategy is analyzed quantitatively, On this basis, an information security risk assessment algorithm based on static game model is designed.

To conceive a CPS is a complex and multidisciplinary endeavour involving different stakeholders, potentially using a plethora of different languages to describe their views of the system at different levels of abstraction. Model-Driven Engineering comes, precisely, as a methodological approach to tackle the complexity of systems development with models as first-class citizens in the development process. The measure of realism of these models with respect to the real (sub)system is called fidelity. Usually, different models with different fidelity are then developed during the development process. Additionally, it is very common that the development process of CPS includes an incremental (and collaborative) use of simulations to study the behaviour emerging from the heterogeneous models of the system. Currently, the different models, with different fidelity, are managed in an ad hoc manner. Consequently, when a (Co)simulation is used to study a specific property of the system, the choice of the different models and their setup is made manually in a non-tractable way. In this paper we propose a structured new vision to CPS development, where the notion of simulation goal and multi-fidelity simulation unit are first-class citizens. The goal is to make a clear link between the system requirements, the system properties, the simulation goal and the multi-fidelity simulation unit. The outcome of this framework is a way to automatically determine the model at an adequate fidelity level suitable for answering a specific simulation goal.

In this article we have developed a simulation model in the Mininet environment for analyzing the operation of a software-defined network (SDN) in cloud data centers. The results of the simulation model of the operation of the SDN network on the Mininet emulator and the results of the simulation of the traditional network in the Graphical Network Simulator 3 emulator are presented.

One of the most innovative directions in the Internet is Information Centric Networks, in particular the Named Data Network. This approach should make it easier to find and retrieve the desired information on the network through name-based addressing, intranet caching and other schemes. This article presents Named Data Network modeling, results and performance evaluation of proposed caching policies for Named Data Network research, taking into account the influence of external factors on base of Zipf's law and uniform distribution.

This paper describes the development of a module for calculating security zones in the cloud service of APCS modeling. A mathematical model based on graph theory is used. This allows you to describe access relationships between objects and security policy subjects. A comparative analysis of algorithms for traversing graph vertices is performed in order to select a suitable method for allocating security zones. The implemented algorithm for calculating security zones was added to the cloud service omole.ws.

The increasing using of IoT technologies in the industrial sector creates new challenges for the information security of such systems. Using IoT-devices for building SCADA systems cause standard protocols and public networks for data transmitting. Commercial off-the-shelf devices and systems are a new base for industrial control systems, which have high-security risks. There are some useful models are exist for security analysis of information systems, but they do not take into account IoT architecture. The nested attributed metagraph model for the security of IoT-based solutions is proposed and discussed.

Insider attacks is a well-known problem acknowledged as a threat as early as 1980s. The threat is attributed to legitimate users who take advantage of familiarity with the computational environment and abuse their privileges, can easily cause significant damage or losses. In this paper, we present an active defense model and framework of insider threat detection and sense. Firstly, we describe the hierarchical framework which deal with insider threat from several aspects, and subsequently, show a hierarchy-mapping based insider threats model, the kernel of the threats detection, sense and prediction. The experiments show that the model and framework could sense the insider threat in real-time effectively.

The paper presents a comprehensive model of cybersecurity threats for a system of autonomous and remotely controlled vehicles (AV) in the environment of a smart city. The main focus in the security context is given to the “integrity” property. That property is of higher importance for industrial control systems in comparison with other security properties (availability and confidentiality). The security graph, which is part of the model, is dynamic, and, in real cases, its analysis may require significant computing resources for AV systems with a large number of assets and connections. The simplified example of the security graph for the AV system is presented.

The purpose of this work is to analyze the security model of a robotized system, to analyze the approaches to assessing the security of this system, and to develop our own framework. The solution to this problem involves the use of developed frameworks. The analysis will be conducted on a robotic system of robots. The prefix structures assume that the robotic system is divided into levels, and after that it is necessary to directly protect each level. Each level has its own characteristics and drawbacks that must be considered when developing a security system for a robotic system.

The digital low dropout regulators are widely used because it can operate at low supply voltage. In the digital low drop-out regulators, the high sampling frequency circuit has a short setup time, but it will produce overshoot, and then the output can be stabilized; although the low sampling frequency circuit output can be directly stabilized, the setup time is too long. This paper proposes a two sampling frequency circuit model, which aims to include the high and low sampling frequencies in the same circuit. By controlling the sampling frequency of the circuit under different conditions, this allows the circuit to combine the advantages of the circuit operating at different sampling frequencies. This shortens the circuit setup time and the stabilization time at the same time.

Scheduling in the cloud is a complex task due to the number and variety of resources available and the volatility of usage-patterns of resources considering that the resource setting is on the service provider. This complexity is compounded further when Security issues and Quality of Service (QoS) are also factored in. The aim of this paper is to describe a model that based on Security (SSM) as a key element that cloud services rely on which affects the performance, cost and time concerns within the security constraints of the cloud service. Definition of the Scheduling Security Model (SSM), and evaluation through worked example that can meet the customer requirements of cost and the quality of service in the required time.

In the open network environment, the strange entities can establish the mutual trust through Automated Trust Negotiation (ATN) that is based on exchanging digital credentials. In traditional ATN, the attribute certificate required to either satisfied or not, and in the strategy, the importance of the certificate is same, it may cause some unnecessary negotiation failure. And in the actual situation, the properties is not just 0 or 1, it is likely to between 0 and 1, so the satisfaction degree is different, and the negotiation strategy need to be quantified. This paper analyzes the fuzzy negotiation process, in order to improve the trust establishment in high efficiency and accuracy further.

Smartphones nowadays are customized to help users with their daily tasks such as storing important data or making transactions through the internet. With the sensitivity of the data involved, authentication mechanism such as fixed-text password, PIN, or unlock patterns are used to safeguard these data against intruders. However, these mechanisms have the risk from security threats such as cracking or shoulder surfing. To enhance mobile and/or information security, this study aimed to develop a free-form handwriting gesture user authentication for smartphones. It also tried to discover the static and dynamic handwriting features that significantly influence the recognition of a legitimate user. The experiment was then conducted by asking thirty (30) individuals to draw or swipe using their fingertip their desired free-form security pattern ten (10) times. These patterns were then cleaned and processed, and extracted seven (7) static and eleven (11) dynamic handwriting features. By means of Neural Network classifier of the RapidMiner data mining tool, these features were used to develop, validate, and test a model for user authentication. The model showed a very promising recognition rate of 96.67%. The model is further tested through a prototype, and it still gave a very satisfactory result.

Among most of the cyber attacks that occured, the most drastic are advanced persistent threats. APTs are differ from other attacks as they have multiple phases, often silent for long period of time and launched by adamant, well-funded opponents. These targeted attacks mainly concentrated on government agencies and organizations in industries, as are those involved in international trade and having sensitive data. APTs escape from detection by antivirus solutions, intrusion detection and intrusion prevention systems and firewalls. In this paper we proposes a classification model having 99.8% accuracy, for the detection of APT.

Threats which come from database insiders or database outsiders have formed a big challenge to the protection of integrity and confidentiality in many database systems. To overcome this situation a new domain called a Database Forensic (DBF) has been introduced to specifically investigate these dynamic threats which have posed many problems in Database Management Systems (DBMS) of many organizations. DBF is a process to identify, collect, preserve, analyse, reconstruct and document all digital evidences caused by this challenge. However, until today, this domain is still lacks having a standard and generic knowledge base for its forensic investigation methods / tools due to many issues and challenges in its complex processes. Therefore, this paper will reveal an approach adapted from a software engineering domain called metamodelling which will unify these DBF complex knowledge processes into an artifact, a metamodel (DBF Metamodel). In future, the DBF Metamodel could benefit many DBF investigation users such as database investigators, stockholders, and other forensic teams in offering various possible solutions for their problem domain.