Visible to the public Biblio

Found 736 results

Filters: First Letter Of Last Name is V  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U [V] W X Y Z   [Show ALL]
Z
Korczyński, Maciej, Król, Micha\textbackslashl, van Eeten, Michel.  2016.  Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates. Proceedings of the 2016 Internet Measurement Conference. :271–278.

This paper illuminates the problem of non-secure DNS dynamic updates, which allow a miscreant to manipulate DNS entries in the zone files of authoritative name servers. We refer to this type of attack as to zone poisoning. This paper presents the first measurement study of the vulnerability. We analyze a random sample of 2.9 million domains and the Alexa top 1 million domains and find that at least 1,877 (0.065%) and 587 (0.062%) of domains are vulnerable, respectively. Among the vulnerable domains are governments, health care providers and banks, demonstrating that the threat impacts important services. Via this study and subsequent notifications to affected parties, we aim to improve the security of the DNS ecosystem.

X
Sani, Abubakar Sadiq, Yuan, Dong, Bao, Wei, Yeoh, Phee Lep, Dong, Zhao Yang, Vucetic, Branka, Bertino, Elisa.  2019.  Xyreum: A High-Performance and Scalable Blockchain for IIoT Security and Privacy. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1920–1930.
As cyber attacks to Industrial Internet of Things (IIoT) remain a major challenge, blockchain has emerged as a promising technology for IIoT security due to its decentralization and immutability characteristics. Existing blockchain designs, however, introduce high computational complexity and latency challenges which are unsuitable for IIoT. This paper proposes Xyreum, a new high-performance and scalable blockchain for enhanced IIoT security and privacy. Xyreum uses a Time-based Zero-Knowledge Proof of Knowledge (T-ZKPK) with authenticated encryption to perform Mutual Multi-Factor Authentication (MMFA). T-ZKPK properties are also used to support Key Establishment (KE) for securing transactions. Our approach for reaching consensus, which is a blockchain group decision-making process, is based on lightweight cryptographic algorithms. We evaluate our scheme with respect to security, privacy, and performance, and the results show that, compared with existing relevant blockchain solutions, our scheme is secure, privacy-preserving, and achieves a significant decrease in computation complexity and latency performance with high scalability. Furthermore, we explain how to use our scheme to strengthen the security of the REMME protocol, a blockchain-based security protocol deployed in several application domains.
W
Gayathri, S, Seetharaman, R., Subramanian, L.Harihara, Premkumar, S., Viswanathan, S., Chandru, S..  2019.  Wormhole Attack Detection using Energy Model in MANETs. 2019 2nd International Conference on Power and Embedded Drive Control (ICPEDC). :264—268.
The mobile ad-hoc networks comprised of nodes that are communicated through dynamic request and also by static table driven technique. The dynamic route discovery in AODV routing creates an unsecure transmission as well as reception. The reason for insecurity is the route request is given to all the nodes in the network communication. The possibility of the intruder nodes are more in the case of dynamic route request. Wormhole attacks in MANETs are creating challenges in the field of network analysis. In this paper the wormhole scenario is realized using high power transmission. This is implemented using energy model of ns2 simulator. The Apptool simulator identifies the energy level of each node and track the node of high transmission power. The performance curves for throughput, node energy for different encrypted values, packet drop ratio, and end to end delay are plotted.
Ferguson-Walter, Kimberly, Major, Maxine, Van Bruggen, Dirk, Fugate, Sunny, Gutzwiller, Robert.  2019.  The World (of CTF) is Not Enough Data: Lessons Learned from a Cyber Deception Experiment. 2019 IEEE 5th International Conference on Collaboration and Internet Computing (CIC). :346–353.
The human side of cyber is fundamentally important to understanding and improving cyber operations. With the exception of Capture the Flag (CTF) exercises, cyber testing and experimentation tends to ignore the human attacker. While traditional CTF events include a deeply rooted human component, they rarely aim to measure human performance, cognition, or psychology. We argue that CTF is not sufficient for measuring these aspects of the human; instead, we examine the value in performing red team behavioral and cognitive testing in a large-scale, controlled human-subject experiment. In this paper we describe the pros and cons of performing this type of experimentation and provide detailed exposition of the data collection and experimental controls used during a recent cyber deception experiment-the Tularosa Study. Finally, we will discuss lessons learned and how our experiences can inform best practices in future cyber operations studies of human behavior and cognition.
Ross Koppel, University of Pennsylvania, Sean W. Smith, Dartmouth College, Jim Blythe, University of Southern California, Vijay Kothari, Dartmouth College.  2015.  Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient? Information Technology and Communications in Health.

Workarounds to computer access in healthcare are sufficiently common that they often go unnoticed. Clinicians focus on patient care, not cybersecurity. We argue and demonstrate that understanding workarounds to healthcare workers’ computer access requires not only analyses of computer rules, but also interviews and observations with clinicians. In addition, we illustrate the value of shadowing clinicians and conducing focus groups to understand their motivations and tradeoffs for circumvention. Ethnographic investigation of the medical workplace emerges as a critical method of research because in the inevitable conflict between even well-intended people versus the machines, it’s the people who are the more creative, flexible, and motivated. We conducted interviews and observations with hundreds of medical workers and with 19 cybersecurity experts, CIOs, CMIOs, CTO, and IT workers to obtain their perceptions of computer security. We also shadowed clinicians as they worked. We present dozens of ways workers ingeniously circumvent security rules. The clinicians we studied were not “black hat” hackers, but just professionals seeking to accomplish their work despite the security technologies and regulations.

Ross Koppel, University of Pennsylvania, Sean W. Smith, Dartmouth College, Jim Blythe, University of Southern California, Vijay Kothari, Dartmouth College.  2015.  Workarounds to Computer Access in Healthcare Organizations: You Want My Password or a Dead Patient? Studies in Health Technology and Informatics Driving Quality Informatics: Fulfilling the Promise . 208

Workarounds to computer access in healthcare are sufficiently common that they often go unnoticed. Clinicians focus on patient care, not cybersecurity. We argue and demonstrate that understanding workarounds to healthcare workers’ computer access requires not only analyses of computer rules, but also interviews and observations with clinicians. In addition, we illustrate the value of shadowing clinicians and conducing focus groups to understand their motivations and tradeoffs for circumvention. Ethnographic investigation of the medical workplace emerges as a critical method of research because in the inevitable conflict between even well-intended people versus the machines, it’s the people who are the more creative, flexible, and motivated. We conducted interviews and observations with hundreds of medical workers and with 19 cybersecurity experts, CIOs, CMIOs, CTO, and IT workers to obtain their perceptions of computer security. We also shadowed clinicians as they worked. We present dozens of ways workers ingeniously circumvent security rules. The clinicians we studied were not “black hat” hackers, but just professionals seeking to accomplish their work despite the security technologies and regulations.
 

Reyes, Irwin, Wijesekera, Primal, Reardon, Joel, Elazari, Amit, Razaghpanah, Abbas, Vallina-Rodriguez, Narseo, Egelman, Serge.  2018.  “Won’t Somebody Think of the Children?” Examining COPPA Compliance at Scale Proceedings on Privacy Enhancing Technologies. 2018:63-83.

We present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps. We use our system to analyze mobile apps’ compliance with the Children’s Online Privacy Protection Act (COPPA), one of the few stringent privacy laws in the U.S. Based on our automated analysis of 5,855 of the most popular free children’s apps, we found that a majority are potentially in violation of COPPA, mainly due to their use of thirdparty SDKs. While many of these SDKs offer configuration options to respect COPPA by disabling tracking and behavioral advertising, our data suggest that a majority of apps either do not make use of these options or incorrectly propagate them across mediation SDKs. Worse, we observed that 19% of children’s apps collect identifiers or other personally identifiable information (PII) via SDKs whose terms of service outright prohibit their use in child-directed apps. Finally, we show that efforts by Google to limit tracking through the use of a resettable advertising ID have had little success: of the 3,454 apps that share the resettable ID with advertisers, 66% transmit other, non-resettable, persistent identifiers as well, negating any intended privacy-preserving properties of the advertising ID.

Goncalves, J. A., Faria, V. S., Vieira, G. B., Silva, C. A. M., Mascarenhas, D. M..  2017.  WIDIP: Wireless distributed IPS for DDoS attacks. 2017 1st Cyber Security in Networking Conference (CSNet). :1–3.

This paper presents a wireless intrusion prevention tool for distributed denial of service attacks DDoS. This tool, called Wireless Distributed IPS WIDIP, uses a different collection of data to identify attackers from inside a private network. WIDIP blocks attackers and also propagates its information to other wireless routers that run the IPS. This communication behavior provides higher fault tolerance and stops attacks from different network endpoints. WIDIP also block network attackers at its first hop and thus reduce the malicious traffic near its source. Comparative tests of WIDIP with other two tools demonstrated that our tool reduce the delay of target response after attacks in application servers by 11%. In addition to reducing response time, WIDIP comparatively reduces the number of control messages on the network when compared to IREMAC.

Dijkhuis, Sander, van Wijk, Remco, Dorhout, Hidde, Bharosa, Nitesh.  2018.  When Willeke Can Get Rid of Paperwork: A Lean Infrastructure for Qualified Information Exchange Based on Trusted Identities. Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the Data Age. :89:1-89:10.

As a frequent participant in eSociety, Willeke is often preoccupied with paperwork because there is no easy to use, affordable way to act as a qualified person in the digital world. Confidential interactions take place over insecure channels like e-mail and post. This situation poses risks and costs for service providers, civilians and governments, while goals regarding confidentiality and privacy are not always met. The objective of this paper is to demonstrate an alternative architecture in which identifying persons, exchanging information, authorizing external parties and signing documents will become more user-friendly and secure. As a starting point, each person has their personal data space, provided by a qualified trust service provider that also issues a high level of assurance electronic ID. Three main building blocks are required: (1) secure exchange between the personal data space of each person, (2) coordination functionalities provided by a token based infrastructure, and (3) governance over this infrastructure. Following the design science research approach, we developed prototypes of the building blocks that we will pilot in practice. Policy makers and practitioners that want to enable Willeke to get rid of her paperwork can find guidance throughout this paper and are welcome to join the pilots in the Netherlands.

Neema, Himanshu, Vardhan, Harsh, Barreto, Carlos, Koutsoukos, Xenofon.  2019.  Web-Based Platform for Evaluation of Resilient and Transactive Smart-Grids. 2019 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES). :1–6.
Today's smart-grids have seen a clear rise in new ways of energy generation, transmission, and storage. This has not only introduced a huge degree of variability, but also a continual shift away from traditionally centralized generation and storage to distributed energy resources (DERs). In addition, the distributed sensors, energy generators and storage devices, and networking have led to a huge increase in attack vectors that make the grid vulnerable to a variety of attacks. The interconnection between computational and physical components through a largely open, IP-based communication network enables an attacker to cause physical damage through remote cyber-attacks or attack on software-controlled grid operations via physical- or cyber-attacks. Transactive Energy (TE) is an emerging approach for managing increasing DERs in the smart-grids through economic and control techniques. Transactive Smart-Grids use the TE approach to improve grid reliability and efficiency. However, skepticism remains in their full-scale viability for ensuring grid reliability. In addition, different TE approaches, in specific situations, can lead to very different outcomes in grid operations. In this paper, we present a comprehensive web-based platform for evaluating resilience of smart-grids against a variety of cyber- and physical-attacks and evaluating impact of various TE approaches on grid performance. We also provide several case-studies demonstrating evaluation of TE approaches as well as grid resilience against cyber and physical attacks.
Vhaduri, S., Poellabauer, C..  2017.  Wearable Device User Authentication Using Physiological and Behavioral Metrics. 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC). :1–6.

Wearables, such as Fitbit, Apple Watch, and Microsoft Band, with their rich collection of sensors, facilitate the tracking of healthcare- and wellness-related metrics. However, the assessment of the physiological metrics collected by these devices could also be useful in identifying the user of the wearable, e.g., to detect unauthorized use or to correctly associate the data to a user if wearables are shared among multiple users. Further, researchers and healthcare providers often rely on these smart wearables to monitor research subjects and patients in their natural environments over extended periods of time. Here, it is important to associate the sensed data with the corresponding user and to detect if a device is being used by an unauthorized individual, to ensure study compliance. Existing one-time authentication approaches using credentials (e.g., passwords, certificates) or trait-based biometrics (e.g., face, fingerprints, iris, voice) might fail, since such credentials can easily be shared among users. In this paper, we present a continuous and reliable wearable-user authentication mechanism using coarse-grain minute-level physical activity (step counts) and physiological data (heart rate, calorie burn, and metabolic equivalent of task). From our analysis of 421 Fitbit users from a two-year long health study, we are able to statistically distinguish nearly 100% of the subject-pairs and to identify subjects with an average accuracy of 92.97%.

Jain, Harsh, Vikram, Aditya, Mohana, Kashyap, Ankit, Jain, Ayush.  2020.  Weapon Detection using Artificial Intelligence and Deep Learning for Security Applications. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :193—198.
Security is always a main concern in every domain, due to a rise in crime rate in a crowded event or suspicious lonely areas. Abnormal detection and monitoring have major applications of computer vision to tackle various problems. Due to growing demand in the protection of safety, security and personal properties, needs and deployment of video surveillance systems can recognize and interpret the scene and anomaly events play a vital role in intelligence monitoring. This paper implements automatic gun (or) weapon detection using a convolution neural network (CNN) based SSD and Faster RCNN algorithms. Proposed implementation uses two types of datasets. One dataset, which had pre-labelled images and the other one is a set of images, which were labelled manually. Results are tabulated, both algorithms achieve good accuracy, but their application in real situations can be based on the trade-off between speed and accuracy.
Nathezhtha, T., Sangeetha, D., Vaidehi, V..  2019.  WC-PAD: Web Crawling based Phishing Attack Detection. 2019 International Carnahan Conference on Security Technology (ICCST). :1–6.
Phishing is a criminal offense which involves theft of user's sensitive data. The phishing websites target individuals, organizations, the cloud storage hosting sites and government websites. Currently, hardware based approaches for anti-phishing is widely used but due to the cost and operational factors software based approaches are preferred. The existing phishing detection approaches fails to provide solution to problem like zero-day phishing website attacks. To overcome these issues and precisely detect phishing occurrence a three phase attack detection named as Web Crawler based Phishing Attack Detector(WC-PAD) has been proposed. It takes the web traffics, web content and Uniform Resource Locator(URL) as input features, based on these features classification of phishing and non phishing websites are done. The experimental analysis of the proposed WC-PAD is done with datasets collected from real phishing cases. From the experimental results, it is found that the proposed WC-PAD gives 98.9% accuracy in both phishing and zero-day phishing attack detection.
Hoyle, Roberto, Das, Srijita, Kapadia, Apu, Lee, Adam J., Vaniea, Kami.  2017.  Was My Message Read?: Privacy and Signaling on Facebook Messenger Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. :3838–3842.

Major online messaging services such as Facebook Messenger and WhatsApp are starting to provide users with real-time information about when people read their messages, while useful, the feature has the potential to negatively impact privacy as well as cause concern over access to self. We report on two surveys using Mechanical Turk which looked at senders' (N=402\vphantom\\ use of and reactions to the `message seen' feature, and recipients' (N=316) privacy and signaling behaviors in the face of such visibility. Our findings indicate that senders experience a range of emotions when their message is not read, or is read but not answered immediately. Recipients also engage in various signaling behaviors in the face of visibility by both replying or not replying immediately.

V
Lee, W. van der, Verwer, S..  2018.  Vulnerability Detection on Mobile Applications Using State Machine Inference. 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :1–10.

Although the importance of mobile applications grows every day, recent vulnerability reports argue the application's deficiency to meet modern security standards. Testing strategies alleviate the problem by identifying security violations in software implementations. This paper proposes a novel testing methodology that applies state machine learning of mobile Android applications in combination with algorithms that discover attack paths in the learned state machine. The presence of an attack path evidences the existence of a vulnerability in the mobile application. We apply our methods to real-life apps and show that the novel methodology is capable of identifying vulnerabilities.

Vincur, J., Navrat, P., Polasek, I..  2017.  VR City: Software Analysis in Virtual Reality Environment. 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). :509–516.
This paper presents software visualization tool that utilizes the modified city metaphor to represent software system and related analysis data in virtual reality environment. To better address all three kinds of software aspects we propose a new layouting algorithm that provides a higher level of detail and position the buildings according to the coupling between classes that they represent. Resulting layout allows us to visualize software metrics and source code modifications at the granularity of methods, visualize method invocations involved in program execution and to support the remodularization analysis. To further reduce the cognitive load and increase efficiency of 3D visualization we allow users to observe and interact with our city in immersive virtual reality environment that also provides a source code browsing feature. We demonstrate the use of our approach on two open-source systems.
R. Saravanan, V. Saminadan, V. Thirunavukkarasu.  2015.  "VLSI implementation of BER measurement for wireless communication system". 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS). :1-5.

This paper presents the Bit Error Rate (BER) performance of the wireless communication system. The complexity of modern wireless communication system are increasing at fast pace. It becomes challenging to design the hardware of wireless system. The proposed system consists of MIMO transmitter and MIMO receiver along with the along with a realistic fading channel. To make the data transmission more secure when the data are passed into channel Crypto-System with Embedded Error Control (CSEEC) is used. The system supports data security and reliability using forward error correction codes (FEC). Security is provided through the use of a new symmetric encryption algorithm, and reliability is provided by the use of FEC codes. The system aims at speeding up the encryption and encoding operations and reduces the hardware dedicated to each of these operations. The proposed system allows users to achieve more security and reliable communication. The proposed BER measurement communication system consumes low power compared to existing systems. Advantage of VLSI based BER measurement it that they can be used in the Real time applications and it provides single chip solution.

V. Mishra, K. Choudhary, S. Maheshwari.  2015.  "Video Streaming Using Dual-Channel Dual-Path Routing to Prevent Packet Copy Attack". 2015 IEEE International Conference on Computational Intelligence Communication Technology. :645-650.

The video streaming between the sender and the receiver involves multiple unsecured hops where the video data can be illegally copied if the nodes run malicious forwarding logic. This paper introduces a novel method to stream video data through dual channels using dual data paths. The frames' pixels are also scrambled. The video frames are divided into two frame streams. At the receiver side video is re-constructed and played for a limited time period. As soon as small chunk of merged video is played, it is deleted from video buffer. The approach has been tried to formalize and initial simulation has been done over MATLAB. Preliminary results are optimistic and a refined approach may lead to a formal designing of network layer routing protocol with corrections in transport layer.

Velmurugan, K.Jayasakthi, Hemavathi, S..  2019.  Video Steganography by Neural Networks Using Hash Function. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:55–58.

Video Steganography is an extension of image steganography where any kind of file in any extension is hidden into a digital video. The video content is dynamic in nature and this makes the detection of hidden data difficult than other steganographic techniques. The main motive of using video steganography is that the videos can store large amount of data in it. This paper focuses on security using the combination of hybrid neural networks and hash function for determining the best bits in the cover video to embed the secret data. For the embedding process, the cover video and the data to be hidden is uploaded. Then the hash algorithm and neural networks are applied to form the stego video. For the extraction process, the reverse process is applied and the secret data is obtained. All experiments are done using MatLab2016a software.

Vaibhavi Deshmukh, Swarnima Deshmukh, Shivani Deosatwar, Reva Sarda, Lalit Kulkarni.  2020.  Versatile CAPTCHA Generation Using Machine Learning and Image Processing.

Due to the significant increase in the size of the internet and the number of users on this platform there has been a tremendous increase in load on various websites and web-based applications. This load is from the user end which causes unforeseen conditions which leads to unacceptable consequences such as crash or a data loss scenario at the webserver end. Therefore, there is a need to reduce the load on the server as well as the chances of network attacks that increase with the increased user base. The undue consequences such as data loss and server crash are caused due to two main reasons: the first one being an overload of users and the second due to an increased number of automatic programs or robots. A technique can be utilized to overcome this scenario by introducing a delay in the operation speed on the user end through the use of a CAPTCHA mechanism. Most of the classical approaches use a single method for the generation of the CAPTCHA, to overcome this proposed model uses the versatile image CAPTCHA generation mechanism. We have introduced a system that utilizes manualbased, face detection-based, colour based and random object insertion technique to generate 4 different random types of CAPTCHA. The proposed methodology implements a region of interest and convolutional neural networks to achieve the generation of the CAPTCHA effectively.

Chadha, R., Sistla, A. P., Viswanathan, M..  2017.  Verification of Randomized Security Protocols. 2017 32nd Annual ACM/IEEE Symposium on Logic in Computer Science (LICS). :1–12.

We consider the problem of verifying the security of finitely many sessions of a protocol that tosses coins in addition to standard cryptographic primitives against a Dolev-Yao adversary. Two properties are investigated here - secrecy, which asks if no adversary interacting with a protocol P can determine a secret sec with probability textgreater 1 - p; and indistinguishability, which asks if the probability observing any sequence 0$øverline$ in P1 is the same as that of observing 0$øverline$ in P2, under the same adversary. Both secrecy and indistinguishability are known to be coNP-complete for non-randomized protocols. In contrast, we show that, for randomized protocols, secrecy and indistinguishability are both decidable in coNEXPTIME. We also prove a matching lower bound for the secrecy problem by reducing the non-satisfiability problem of monadic first order logic without equality.

Johnson, Claiborne, MacGahan, Thomas, Heaps, John, Baldor, Kevin, von Ronne, Jeffery, Niu, Jianwei.  2017.  Verifiable Assume-Guarantee Privacy Specifications for Actor Component Architectures. Proceedings of the 22Nd ACM on Symposium on Access Control Models and Technologies. :167–178.

Many organizations process personal information in the course of normal operations. Improper disclosure of this information can be damaging, so organizations must obey privacy laws and regulations that impose restrictions on its release or risk penalties. Since electronic management of personal information must be held in strict compliance with the law, software systems designed for such purposes must have some guarantee of compliance. To support this, we develop a general methodology for designing and implementing verifiable information systems. This paper develops the design of the History Aware Programming Language into a framework for creating systems that can be mechanically checked against privacy specifications. We apply this framework to create and verify a prototypical Electronic Medical Record System (EMRS) expressed as a set of actor components and first-order linear temporal logic specifications in assume-guarantee form. We then show that the implementation of the EMRS provably enforces a formalized Health Insurance Portability and Accountability Act (HIPAA) policy using a combination of model checking and static analysis techniques.

Bruno Korbar, Dartmouth College, Jim Blythe, University of Southern California, Ross Koppel, University of Pennsylvania, Vijay Kothari, Dartmouth College, Sean Smith, Dartmouth College.  2016.  Validating an Agent-Based Model of Human Password Behavior. AAAI-16 Workshop on Artificial Intelligence for Cyber Security .

Effective reasoning about the impact of security policy decisions requires understanding how human users actually behave, rather than assuming desirable but incorrect behavior. Simulation could help with this reasoning, but it requires building computational models of the relevant human behavior and validating that these models match what humans actually do. In this paper we describe our progress on building agent-based models of human behavior with passwords, and we demonstrate how these models reproduce phenomena
shown in the empirical literature.
 

U
Vaarandi, R., Pihelgas, M..  2014.  Using Security Logs for Collecting and Reporting Technical Security Metrics. Military Communications Conference (MILCOM), 2014 IEEE. :294-299.

During recent years, establishing proper metrics for measuring system security has received increasing attention. Security logs contain vast amounts of information which are essential for creating many security metrics. Unfortunately, security logs are known to be very large, making their analysis a difficult task. Furthermore, recent security metrics research has focused on generic concepts, and the issue of collecting security metrics with log analysis methods has not been well studied. In this paper, we will first focus on using log analysis techniques for collecting technical security metrics from security logs of common types (e.g., Network IDS alarm logs, workstation logs, and Net flow data sets). We will also describe a production framework for collecting and reporting technical security metrics which is based on novel open-source technologies for big data.
 

Leon, Diego, Mayorga, Franklin, Vargas, Javier, Toasa, Renato, Guevara, David.  2018.  Using of an anonymous communication in e-government services: In the prevention of passive attacks on a network. 2018 13th Iberian Conference on Information Systems and Technologies (CISTI). :1—4.

Nowadays citizens live in a world where communication technologies offer opportunities for new interactions between people and society. Clearly, e-government is changing the way citizens relate to their government, moving the interaction of physical environment and management towards digital participation. Therefore, it is necessary for e-government to have procedures in place to prevent and lessen the negative impact of an attack or intrusion by third parties. In this research work, he focuses on the implementation of anonymous communication in a proof of concept application called “Delta”, whose function is to allow auctions and offers of products, thus marking the basis for future implementations in e-government services.