Visible to the public Biblio

Filters: Keyword is Security test  [Clear All Filters]
2022-11-18
Sun, Xiaohan, Cheng, Yunchang, Qu, Xiaojie, Li, Hang.  2021.  Design and Implementation of Security Test Pipeline based on DevSecOps. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:532—535.
In recent years, a variety of information security incidents emerge in endlessly, with different types. Security vulnerability is an important factor leading to the security risk of information system, and is the most common and urgent security risk in information system. The research goal of this paper is to seamlessly integrate the security testing process and the integration process of software construction, deployment, operation and maintenance. Through the management platform, the security testing results are uniformly managed and displayed in reports, and the project management system is introduced to develop, regress and manage the closed-loop security vulnerabilities. Before the security vulnerabilities cause irreparable damage to the information system, the security vulnerabilities are found and analyzed Full vulnerability, the formation of security vulnerability solutions to minimize the threat of security vulnerabilities to the information system.
2022-01-31
Tewari, Naveen, Datt, Gopal.  2021.  A Study On The Systematic Review Of Security Vulnerabilities Of Popular Web Browsers. 2021 International Conference on Technological Advancements and Innovations (ICTAI). :314—318.
Internet browser is the most normally utilized customer application and speed and proficiency of our online work rely upon program generally. As the market is immersed with new programs there is a ton of disarray in everybody’s psyche regarding which is the best program. Our task intends to respond to this inquiry. We have done a relative investigation of the most well-known internet browsers specifically Google Chrome, Mozilla Firefox, Internet Explorer, Microsoft Edge, Opera, etc. In the main period of our task different correlation boundaries are chosen which can be comprehensively classified into - General Features, Security highlights, and program extensibility highlights. Utilizing the chose benchmarking instruments every program is tried. The main objective of this study is to identify the security vulnerabilities of popular web browsers. We have also discussed and analyzed each potential security vulnerability found in the web browsers. The study also tries to recommend viable measures to slow down the security breach in web browsers.
2021-03-15
Chang, H.-C., Lin, C.-Y., Liao, D.-J., Koo, T.-M..  2020.  The Modbus Protocol Vulnerability Test in Industrial Control Systems. 2020 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :375—378.

Industrial Control Systems (ICSs) are widely used in critical infrastructure around the world to provide services that sustain peoples' livelihoods and economic operations. However, compared with the critical infrastructure, the security of the ICS itself is still insufficient, and there will be a degree of damage, if it is attacked or invaded. In the past, an ICS was designed to operate in a traditional closed network, so the industrial equipment and transmission protocol lacked security verification. In addition, an ICS has high availability requirements, so that its equipment is rarely replaced and upgraded. Although many scholars have proposed the defense mechanism that is applicable to ICS in the past, there is still a lack of tested means to verify these defense technologies. The purpose of this study is to analyze the security of a system using the Modbus transmission protocol in an ICS, to establish a modular security test system based on four types of attacks that have been identified in the past literature, namely, a detection attack, a command injection attack, a response injection attack and a denial of service, to implement the attack results and to display the process in the virtual environment of Conpot and Rapid SCADA, and finally, to adopt the ICS security standards mentioned by previous scholars, namely, confidentiality, integrity and availability, as the performance evaluation criteria of this study.