Visible to the public Biblio

Filters: Keyword is Data Science  [Clear All Filters]
2023-09-01
Sumoto, Kensuke, Kanakogi, Kenta, Washizaki, Hironori, Tsuda, Naohiko, Yoshioka, Nobukazu, Fukazawa, Yoshiaki, Kanuka, Hideyuki.  2022.  Automatic labeling of the elements of a vulnerability report CVE with NLP. 2022 IEEE 23rd International Conference on Information Reuse and Integration for Data Science (IRI). :164—165.
Common Vulnerabilities and Exposures (CVE) databases contain information about vulnerabilities of software products and source code. If individual elements of CVE descriptions can be extracted and structured, then the data can be used to search and analyze CVE descriptions. Herein we propose a method to label each element in CVE descriptions by applying Named Entity Recognition (NER). For NER, we used BERT, a transformer-based natural language processing model. Using NER with machine learning can label information from CVE descriptions even if there are some distortions in the data. An experiment involving manually prepared label information for 1000 CVE descriptions shows that the labeling accuracy of the proposed method is about 0.81 for precision and about 0.89 for recall. In addition, we devise a way to train the data by dividing it into labels. Our proposed method can be used to label each element automatically from CVE descriptions.
2023-06-30
Subramanian, Rishabh.  2022.  Differential Privacy Techniques for Healthcare Data. 2022 International Conference on Intelligent Data Science Technologies and Applications (IDSTA). :95–100.
This paper analyzes techniques to enable differential privacy by adding Laplace noise to healthcare data. First, as healthcare data contain natural constraints for data to take only integral values, we show that drawing only integral values does not provide differential privacy. In contrast, rounding randomly drawn values to the nearest integer provides differential privacy. Second, when a variable is constructed using two other variables, noise must be added to only one of them. Third, if the constructed variable is a fraction, then noise must be added to its constituent private variables, and not to the fraction directly. Fourth, the accuracy of analytics following noise addition increases with the privacy budget, ϵ, and the variance of the independent variable. Finally, the accuracy of analytics following noise addition increases disproportionately with an increase in the privacy budget when the variance of the independent variable is greater. Using actual healthcare data, we provide evidence supporting the two predictions on the accuracy of data analytics. Crucially, to enable accuracy of data analytics with differential privacy, we derive a relationship to extract the slope parameter in the original dataset using the slope parameter in the noisy dataset.
2023-05-19
Lu, Jie, Ding, Yong, Li, Zhenyu, Wang, Chunhui.  2022.  A timestamp-based covert data transmission method in Industrial Control System. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :526—532.
Covert channels are data transmission methods that bypass the detection of security mechanisms and pose a serious threat to critical infrastructure. Meanwhile, it is also an effective way to ensure the secure transmission of private data. Therefore, research on covert channels helps us to quickly detect attacks and protect the security of data transmission. This paper proposes covert channels based on the timestamp of the Internet Control Message Protocol echo reply packet in the Linux system. By considering the concealment, we improve our proposed covert channels, ensuring that changing trends in the timestamp of modified consecutive packets are consistent with consecutive regular packets. Besides, we design an Iptables rule based on the current system time to analyze the performance of the proposed covert channels. Finally, it is shown through experiments that the channels complete the private data transmission in the industrial control network. Furthermore, the results demonstrate that the improved covert channels offer better performance in concealment, time cost, and the firewall test.
2023-04-28
Wang, Man.  2022.  Research on Network Confrontation Information Security Protection System under Computer Deep Learning. 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA). :1442–1447.
Aiming at the single hopping strategy in the terminal information hopping active defense technology, a variety of heterogeneous hopping modes are introduced into the terminal information hopping system, the definition of the terminal information is expanded, and the adaptive adjustment of the hopping strategy is given. A network adversarial training simulation system is researched and designed, and related subsystems are discussed from the perspective of key technologies and their implementation, including interactive adversarial training simulation system, adversarial training simulation support software system, adversarial training simulation evaluation system and adversarial training Mock Repository. The system can provide a good environment for network confrontation theory research and network confrontation training simulation, which is of great significance.
2023-03-31
Zhang, Junjian, Tan, Hao, Deng, Binyue, Hu, Jiacen, Zhu, Dong, Huang, Linyi, Gu, Zhaoquan.  2022.  NMI-FGSM-Tri: An Efficient and Targeted Method for Generating Adversarial Examples for Speaker Recognition. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :167–174.
Most existing deep neural networks (DNNs) are inexplicable and fragile, which can be easily deceived by carefully designed adversarial example with tiny undetectable noise. This allows attackers to cause serious consequences in many DNN-assisted scenarios without human perception. In the field of speaker recognition, the attack for speaker recognition system has been relatively mature. Most works focus on white-box attacks that assume the information of the DNN is obtainable, and only a few works study gray-box attacks. In this paper, we study blackbox attacks on the speaker recognition system, which can be applied in the real world since we do not need to know the system information. By combining the idea of transferable attack and query attack, our proposed method NMI-FGSM-Tri can achieve the targeted goal by misleading the system to recognize any audio as a registered person. Specifically, our method combines the Nesterov accelerated gradient (NAG), the ensemble attack and the restart trigger to design an attack method that generates the adversarial audios with good performance to attack blackbox DNNs. The experimental results show that the effect of the proposed method is superior to the extant methods, and the attack success rate can reach as high as 94.8% even if only one query is allowed.
2023-02-17
Zhou, Qian, Dai, Hua, Liu, Liang, Shi, Kai, Chen, Jie, Jiang, Hong.  2022.  The final security problem in IOT: Don’t count on the canary!. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :599–604.
Memory-based vulnerabilities are becoming more and more common in low-power and low-cost devices in IOT. We study several low-level vulnerabilities that lead to memory corruption in C and C++ programs, and how to use stack corruption and format string attack to exploit these vulnerabilities. Automatic methods for resisting memory attacks, such as stack canary and address space layout randomization ASLR, are studied. These methods do not need to change the source program. However, a return-oriented programming (ROP) technology can bypass them. Control flow integrity (CFI) can resist the destruction of ROP technology. In fact, the security design is holistic. Finally, we summarize the rules of security coding in embedded devices, and propose two novel methods of software anomaly detection process for IOT devices in the future.
2023-02-03
Suzumura, Toyotaro, Sugiki, Akiyoshi, Takizawa, Hiroyuki, Imakura, Akira, Nakamura, Hiroshi, Taura, Kenjiro, Kudoh, Tomohiro, Hanawa, Toshihiro, Sekiya, Yuji, Kobayashi, Hiroki et al..  2022.  mdx: A Cloud Platform for Supporting Data Science and Cross-Disciplinary Research Collaborations. 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :1–7.
The growing amount of data and advances in data science have created a need for a new kind of cloud platform that provides users with flexibility, strong security, and the ability to couple with supercomputers and edge devices through high-performance networks. We have built such a nation-wide cloud platform, called "mdx" to meet this need. The mdx platform's virtualization service, jointly operated by 9 national universities and 2 national research institutes in Japan, launched in 2021, and more features are in development. Currently mdx is used by researchers in a wide variety of domains, including materials informatics, geo-spatial information science, life science, astronomical science, economics, social science, and computer science. This paper provides an overview of the mdx platform, details the motivation for its development, reports its current status, and outlines its future plans.
Kotkar, Aditya, Khadapkar, Shreyas, Gupta, Aniket, Jangale, Smita.  2022.  Multiple layered Security using combination of Cryptography with Rotational, Flipping Steganography and Message Authentication. 2022 IEEE International Conference on Data Science and Information System (ICDSIS). :1–5.
Data or information are being transferred at an enormous pace and hence protecting and securing this transmission of data are very important and have been very challenging. Cryptography and Steganography are the most broadly used techniques for safeguarding data by encryption of data and hiding the existence of data. A multi-layered secure transmission can be achieved by combining Cryptography with Steganography and by adding message authentication ensuring the confidentiality of the message. Different approach towards Steganography implementation is proposed using rotations and flips to prevent detection of encoded messages. Compression of multimedia files is set up for increasing the speed of encoding and consuming less storage space. The HMAC (Hash-based Authentication Code) algorithm is chosen for message authentication and integrity. The performance of the proposed Steganography methods is concluded using Histogram comparative analysis. Simulations have been performed to back the reliability of the proposed method.
2023-01-20
Feng, Guocong, Huang, Qingshui, Deng, Zijie, Zou, Hong, Zhang, Jiafa.  2022.  Research on cloud security construction of power grid in smart era. 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA). :976—980.
With the gradual construction and implementation of cloud computing, the information security problem of the smart grid has surfaced. Therefore, in the construction of the smart grid cloud computing platform, information security needs to be considered in planning, infrastructure, and management at the same time, and it is imminent to build an information network that is secure from terminal to the platform to data. This paper introduces the concept of cloud security technology and the latest development of cloud security technology and discusses the main strategies of cloud security construction in electric power enterprises.
2023-01-13
Khan, Rida, Barakat, Salma, AlAbduljabbar, Lulwah, AlTayash, Yara, AlMussa, Nofe, AlQattan, Maryam, Jamail, Nor Shahida Mohd.  2022.  WhatsApp: Cyber Security Risk Management, Governance and Control. 2022 Fifth International Conference of Women in Data Science at Prince Sultan University (WiDS PSU). :160–165.
This document takes an in-depth approach to identify WhatsApp's Security risk management, governance and controls. WhatsApp is a communication mobile application that is available on both android and IOS, recently acquired by Facebook and allows us to stay connected. This document identifies all necessary assets, threats, vulnerabilities, and risks to WhatsApp and further provides mitigations and security controls to possibly utilize and secure the application.
Sun, Jun, Liu, Dong, Liu, Yang, Li, Chuang, Ma, Yumeng.  2022.  Research on the Characteristics and Security Risks of the Internet of Vehicles Data. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :299–305.
As a new industry integrated by computing, communication, networking, electronics, and automation technology, the Internet of Vehicles (IoV) has been widely concerned and highly valued at home and abroad. With the rapid growth of the number of intelligent connected vehicles, the data security risks of the IoV have become increasingly prominent, and various attacks on data security emerge in an endless stream. This paper firstly introduces the latest progress on the data security policies, regulations, standards, technical routes in major countries and regions, and international standardization organizations. Secondly, the characteristics of the IoV data are comprehensively analyzed in terms of quantity, standard, timeliness, type, and cross-border transmission. Based on the characteristics, this paper elaborates the security risks such as privacy data disclosure, inadequate access control, lack of identity authentication, transmission design defects, cross-border flow security risks, excessive collection and abuse, source identification, and blame determination. And finally, we put forward the measures and suggestions for the security development of IoV data in China.
Lin, Xinrong, Hua, Baojian, Fan, Qiliang.  2022.  On the Security of Python Virtual Machines: An Empirical Study. 2022 IEEE International Conference on Software Maintenance and Evolution (ICSME). :223—234.
Python continues to be one of the most popular programming languages and has been used in many safety-critical fields such as medical treatment, autonomous driving systems, and data science. These fields put forward higher security requirements to Python ecosystems. However, existing studies on machine learning systems in Python concentrate on data security, model security and model privacy, and just assume the underlying Python virtual machines (PVMs) are secure and trustworthy. Unfortunately, whether such an assumption really holds is still unknown.This paper presents, to the best of our knowledge, the first and most comprehensive empirical study on the security of CPython, the official and most deployed Python virtual machine. To this end, we first designed and implemented a software prototype dubbed PVMSCAN, then use it to scan the source code of the latest CPython (version 3.10) and other 10 versions (3.0 to 3.9), which consists of 3,838,606 lines of source code. Empirical results give relevant findings and insights towards the security of Python virtual machines, such as: 1) CPython virtual machines are still vulnerable, for example, PVMSCAN detected 239 vulnerabilities in version 3.10, including 55 null dereferences, 86 uninitialized variables and 98 dead stores; Python/C API-related vulnerabilities are very common and have become one of the most severe threats to the security of PVMs: for example, 70 Python/C API-related vulnerabilities are identified in CPython 3.10; 3) the overall quality of the code remained stable during the evolution of Python VMs with vulnerabilities per thousand line (VPTL) to be 0.50; and 4) automatic vulnerability rectification is effective: 166 out of 239 (69.46%) vulnerabilities can be rectified by a simple yet effective syntax-directed heuristics.We have reported our empirical results to the developers of CPython, and they have acknowledged us and already confirmed and fixed 2 bugs (as of this writing) while others are still being analyzed. This study not only demonstrates the effectiveness of our approach, but also highlights the need to improve the reliability of infrastructures like Python virtual machines by leveraging state-of-the-art security techniques and tools.
2023-01-06
Fan, Jiaxin, Yan, Qi, Li, Mohan, Qu, Guanqun, Xiao, Yang.  2022.  A Survey on Data Poisoning Attacks and Defenses. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :48—55.
With the widespread deployment of data-driven services, the demand for data volumes continues to grow. At present, many applications lack reliable human supervision in the process of data collection, which makes the collected data contain low-quality data or even malicious data. This low-quality or malicious data make AI systems potentially face much security challenges. One of the main security threats in the training phase of machine learning is data poisoning attacks, which compromise model integrity by contaminating training data to make the resulting model skewed or unusable. This paper reviews the relevant researches on data poisoning attacks in various task environments: first, the classification of attacks is summarized, then the defense methods of data poisoning attacks are sorted out, and finally, the possible research directions in the prospect.
2022-11-18
Islam, Md Rofiqul, Cerny, Tomas.  2021.  Business Process Extraction Using Static Analysis. 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). :1202–1204.
Business process mining of a large-scale project has many benefits such as finding vulnerabilities, improving processes, collecting data for data science, generating more clear and simple representation, etc. The general way of process mining is to turn event data such as application logs into insights and actions. Observing logs broad enough to depict the whole business logic scenario of a large project can become very costly due to difficult environment setup, unavailability of users, presence of not reachable or hardly reachable log statements, etc. Using static source code analysis to extract logs and arranging them perfect runtime execution order is a potential way to solve the problem and reduce the business process mining operation cost.
2022-07-13
Zuo, Jinxin, Guo, Ziyu, Gan, Jiefu, Lu, Yueming.  2021.  Enhancing Continuous Service of Information Systems Based on Cyber Resilience. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). :535—542.

Cyber resilience has become a strategic point of information security in recent years. In the face of complex attack means and severe internal and external threats, it is difficult to achieve 100% protection against information systems. It is necessary to enhance the continuous service of information systems based on network resiliency and take appropriate compensation measures in case of protection failure, to ensure that the mission can still be achieved under attack. This paper combs the definition, cycle, and state of cyber resilience, and interprets the cyber resiliency engineering framework, to better understand cyber resilience. In addition, we also discuss the evolution of security architecture and analyze the impact of cyber resiliency on security architecture. Finally, the strategies and schemes of enhancing cyber resilience represented by zero trust and endogenous security are discussed.

2022-06-30
Zhou, Ziyue.  2021.  Digit Character CAPTCHA recognition Based on Deep Convolutional Neural Network. 2021 2nd International Conference on Computing and Data Science (CDS). :154—160.
With the developing of computer technology, Convolutional Neural Network (CNN) has made big development in both application region and research field. However, CAPTCHA (one Turing Test to tell difference between computer and human) technology is also widely used in many websites verification process and it has received great attention from researchers. In this essay, we introduced the CNN based on tensorflow framework and use the MINIST data set which is used in handwritten digit recognition to analyze the parameters and the structure of the CNN model. Moreover, we use different activation functions and compares them with different epochs. We also analyze many problems during the experiment to make the original data and the result more accurate.
2022-06-14
Kim, Seongsoo, Chen, Lei, Kim, Jongyeop.  2021.  Intrusion Prediction using Long Short-Term Memory Deep Learning with UNSW-NB15. 2021 IEEE/ACIS 6th International Conference on Big Data, Cloud Computing, and Data Science (BCD). :53–59.
This study shows the effectiveness of anomaly-based IDS using long short-term memory(LSTM) based on the newly developed dataset called UNSW-NB15 while considering root mean square error and mean absolute error as evaluation metrics for accuracy. For each attack, 80% and 90% of samples were used as LSTM inputs and trained this model while increasing epoch values. Furthermore, this model has predicted attack points by applying test data and produced possible attack points for each attack at the 3rd time frame against the actual attack point. However, in the case of an Exploit attack, the consecutive overlapping attacks happen, there was ambiguity in the interpretation of the numerical values calculated by the LSTM. We presented a methodology for training data with binary values using LSTM and evaluation with RMSE metrics throughout this study.
2022-06-09
Pour, Morteza Safaei, Watson, Dylan, Bou-Harb, Elias.  2021.  Sanitizing the IoT Cyber Security Posture: An Operational CTI Feed Backed up by Internet Measurements. 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :497–506.

The Internet-of-Things (IoT) paradigm at large continues to be compromised, hindering the privacy, dependability, security, and safety of our nations. While the operational security communities (i.e., CERTS, SOCs, CSIRT, etc.) continue to develop capabilities for monitoring cyberspace, tools which are IoT-centric remain at its infancy. To this end, we address this gap by innovating an actionable Cyber Threat Intelligence (CTI) feed related to Internet-scale infected IoT devices. The feed analyzes, in near real-time, 3.6TB of daily streaming passive measurements ( ≈ 1M pps) by applying a custom-developed learning methodology to distinguish between compromised IoT devices and non-IoT nodes, in addition to labeling the type and vendor. The feed is augmented with third party information to provide contextual information. We report on the operation, analysis, and shortcomings of the feed executed during an initial deployment period. We make the CTI feed available for ingestion through a public, authenticated API and a front-end platform.

2022-06-07
He, Weiyu, Wu, Xu, Wu, Jingchen, Xie, Xiaqing, Qiu, Lirong, Sun, Lijuan.  2021.  Insider Threat Detection Based on User Historical Behavior and Attention Mechanism. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). :564–569.
Insider threat makes enterprises or organizations suffer from the loss of property and the negative influence of reputation. User behavior analysis is the mainstream method of insider threat detection, but due to the lack of fine-grained detection and the inability to effectively capture the behavior patterns of individual users, the accuracy and precision of detection are insufficient. To solve this problem, this paper designs an insider threat detection method based on user historical behavior and attention mechanism, including using Long Short Term Memory (LSTM) to extract user behavior sequence information, using Attention-based on user history behavior (ABUHB) learns the differences between different user behaviors, uses Bidirectional-LSTM (Bi-LSTM) to learn the evolution of different user behavior patterns, and finally realizes fine-grained user abnormal behavior detection. To evaluate the effectiveness of this method, experiments are conducted on the CMU-CERT Insider Threat Dataset. The experimental results show that the effectiveness of this method is 3.1% to 6.3% higher than that of other comparative model methods, and it can detect insider threats in different user behaviors with fine granularity.
Meng, Fanzhi, Lu, Peng, Li, Junhao, Hu, Teng, Yin, Mingyong, Lou, Fang.  2021.  GRU and Multi-autoencoder based Insider Threat Detection for Cyber Security. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). :203–210.
The concealment and confusion nature of insider threat makes it a challenging task for security analysts to identify insider threat from log data. To detect insider threat, we propose a novel gated recurrent unit (GRU) and multi-autoencoder based insider threat detection method, which is an unsupervised anomaly detection method. It takes advantage of the extremely unbalanced characteristic of insider threat data and constructs a normal behavior autoencoder with low reconfiguration error through multi-level filter behavior learning, and identifies the behavior data with high reconfiguration error as abnormal behavior. In order to achieve the high efficiency of calculation and detection, GRU and multi-head attention are introduced into the autoencoder. Use dataset v6.2 of the CERT insider threat as validation data and threat detection recall as evaluation metric. The experimental results show that the effect of the proposed method is obviously better than that of Isolation Forest, LSTM autoencoder and multi-channel autoencoders based insider threat detection methods, and it's an effective insider threat detection technology.
2022-06-06
Assarandarban, Mona, Bhowmik, Tanmay, Do, Anh Quoc, Chekuri, Surendra, Wang, Wentao, Niu, Nan.  2021.  Foraging-Theoretic Tool Composition: An Empirical Study on Vulnerability Discovery. 2021 IEEE 22nd International Conference on Information Reuse and Integration for Data Science (IRI). :139–146.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.

2022-04-26
Zhai, Hongqun, Zhang, Juan.  2021.  Research on Application of Radio Frequency Identification Technology in Intelligent Maritime Supervision. 2021 IEEE International Conference on Data Science and Computer Application (ICDSCA). :433–436.

The increasing volume of domestic and foreign trade brings new challenges to the efficiency and safety supervision of transportation. With the rapid development of Internet technology, it has opened up a new era of intelligent Internet of Things and the modern marine Internet of Vessels. Radio Frequency Identification technology strengthens the intelligent navigation and management of ships through the unique identification function of “label is object, object is label”. Intelligent Internet of Vessels can achieve the function of “limited electronic monitoring and unlimited electronic deterrence” combined with marine big data and Cyber Physical Systems, and further improve the level of modern maritime supervision and service.

2022-04-19
Zukran, Busra, Siraj, Maheyzah Md.  2021.  Performance Comparison on SQL Injection and XSS Detection using Open Source Vulnerability Scanners. 2021 International Conference on Data Science and Its Applications (ICoDSA). :61–65.

Web technologies are typically built with time constraints and security vulnerabilities. Automatic software vulnerability scanners are common tools for detecting such vulnerabilities among software developers. It helps to illustrate the program for the attacker by creating a great deal of engagement within the program. SQL Injection and Cross-Site Scripting (XSS) are two of the most commonly spread and dangerous vulnerabilities in web apps that cause to the user. It is very important to trust the findings of the site vulnerability scanning software. Without a clear idea of the accuracy and the coverage of the open-source tools, it is difficult to analyze the result from the automatic vulnerability scanner that provides. The important to do a comparison on the key figure on the automated vulnerability scanners because there are many kinds of a scanner on the market and this comparison can be useful to decide which scanner has better performance in term of SQL Injection and Cross-Site Scripting (XSS) vulnerabilities. In this paper, a method by Jose Fonseca et al, is used to compare open-source automated vulnerability scanners based on detection coverage and a method by Yuki Makino and Vitaly Klyuev for precision rate. The criteria vulnerabilities will be injected into the web applications which then be scanned by the scanners. The results then are compared by analyzing the precision rate and detection coverage of vulnerability detection. Two leading open source automated vulnerability scanners will be evaluated. In this paper, the scanner that being utilizes is OW ASP ZAP and Skipfish for comparison. The results show that from precision rate and detection rate scope, OW ASP ZAP has better performance than Skipfish by two times for precision rate and have almost the same result for detection coverage where OW ASP ZAP has a higher number in high vulnerabilities.

2022-02-22
Zhou, Tianyang.  2021.  Performance comparison and optimization of mainstream NIDS systems in offline mode based on parallel processing technology. 2021 2nd International Conference on Computing and Data Science (CDS). :136—140.
For the network intrusion detection system (NIDS), improving the performance of the analysis process has always been one of the primary goals that NIDS needs to solve. An important method to improve performance is to use parallel processing technology to maximize the usage of multi-core CPU resources. In this paper, by splitting Pcap data packets, the NIDS software Snort3 can process Pcap packets in parallel mode. On this basis, this paper compares the performance between Snort2, Suricata, and Snort3 with different CPU cores in processing different sizes of Pcap data packets. At the same time, a parallel unpacking algorithm is proposed to further improve the parallel processing performance of Snort3.
2022-02-04
Sharif, Amer, Ginting, Dewi S., Dias, Arya D..  2021.  Securing the Integrity of PDF Files using RSA Digital Signature and SHA-3 Hash Function. 2021 International Conference on Data Science, Artificial Intelligence, and Business Analytics (DATABIA). :154–159.
Signatures are used on documents as written proof that the document was verified by the person indicated. Signature also indicated that the document originated from the signer if the document is transferred to another party. A document maybe in physical print form but may also be a digital print. A digital print requires additional security since a digital document may easily be altered by anyone although the said document is signed using a photographed or scanned signature. One of the means of security is by using the RSA Digital Signature method which is a combination of the RSA algorithm with Digital Signature. RSA algorithm is one of the public key cryptography algorithms, while Digital Signature is a security scheme which may guarantee the authenticity, non-repudiation, and integrity of a file by means of a hash function. This research implemented a web-based combination of RSA Digital Signature with SHA-3 hash function to secure the integrity of PDF files using PHP programming language. The result is a web-based system which could guarantee the authenticity, non repudiation and integrity of PDF files. Testing were carried out on six different sizes of PDF files ranging from 6 KB, up to 23285 KB on three different web browsers: Google Chrome, Microsoft Edge, and Mozilla Firefox. Average processing times of signing and verifying on each browsers were 1.3309 seconds, 1.2565 seconds, and 1.2667 seconds.