首页 > 最新文献

Network Security最新文献

英文 中文
APIs – the hackers delight api——黑客们的喜悦
Network Security
Pub Date : 2022-11-01 DOI: 10.12968/s1353-4858(22)70064-5
C. Tankard
{"title":"APIs – the hackers delight","authors":"C. Tankard","doi":"10.12968/s1353-4858(22)70064-5","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70064-5","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"38 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74130691","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Supply chain security – the biggest overlooked cyber risk 供应链安全——最容易被忽视的网络风险
Network Security
Pub Date : 2022-11-01 DOI: 10.12968/s1353-4858(22)70065-7
J. Griffiths
Every business, no matter how large or small, has some form of supply chain. You could be a manufacturer that supplies goods to a business to sell, or you could be the office water cooler supplier. It really doesn't matter what size the business is – you will tend to have at least one supplier. This, unfortunately, opens all businesses up to the potential risk of cyber attacks and data breaches coming directly from their supplier or suppliers (or any other firms in their supply chain).
每个企业,无论大小,都有某种形式的供应链。你可以是为企业提供商品的制造商,也可以是办公室饮水机的供应商。企业规模有多大并不重要——你至少会有一个供应商。不幸的是,这使所有企业都面临着直接来自其供应商(或其供应链中的任何其他公司)的网络攻击和数据泄露的潜在风险。
{"title":"Supply chain security – the biggest overlooked cyber risk","authors":"J. Griffiths","doi":"10.12968/s1353-4858(22)70065-7","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70065-7","url":null,"abstract":"Every business, no matter how large or small, has some form of supply chain. You could be a manufacturer that supplies goods to a business to sell, or you could be the office water cooler supplier. It really doesn't matter what size the business is – you will tend to have at least one supplier. This, unfortunately, opens all businesses up to the potential risk of cyber attacks and data breaches coming directly from their supplier or suppliers (or any other firms in their supply chain).","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"239 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80419098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Talking template injection attacks 讨论模板注入攻击
Network Security
Pub Date : 2022-11-01 DOI: 10.12968/s1353-4858(22)70067-0
Thomas B. McVey
{"title":"Talking template injection attacks","authors":"Thomas B. McVey","doi":"10.12968/s1353-4858(22)70067-0","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70067-0","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"49 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82202550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Mission-critical data is more complex in a hybrid world 关键任务数据在混合环境中更为复杂
Network Security
Pub Date : 2022-11-01 DOI: 10.12968/s1353-4858(22)70063-3
Robbie Allen
It's hard to think of a bigger disruption to organisations’ overall IT infrastructure than hybrid working. Suddenly, but out of necessity, the comforting assumption that all devices and data would be protected by carefully planned protocols, well-configured firewalls and excellent staff training has gone. In its place is the anxiety of new risks, such as a USB stick with confidential data becoming lost in transit, family members borrowing a work laptop and accessing company files, passwords carelessly being shared, or networks being misused.
很难想象对组织整体It基础设施的破坏比混合工作更大。突然间,所有设备和数据都将受到精心规划的协议、配置良好的防火墙和出色的员工培训的保护,这种令人欣慰的假设(但并非必要)消失了。取而代之的是对新风险的焦虑,比如存储机密数据的u盘在传输过程中丢失,家人借用工作用笔记本电脑访问公司文件,密码不小心被共享,或者网络被滥用。
{"title":"Mission-critical data is more complex in a hybrid world","authors":"Robbie Allen","doi":"10.12968/s1353-4858(22)70063-3","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70063-3","url":null,"abstract":"It's hard to think of a bigger disruption to organisations’ overall IT infrastructure than hybrid working. Suddenly, but out of necessity, the comforting assumption that all devices and data would be protected by carefully planned protocols, well-configured firewalls and excellent staff training has gone. In its place is the anxiety of new risks, such as a USB stick with confidential data becoming lost in transit, family members borrowing a work laptop and accessing company files, passwords carelessly being shared, or networks being misused.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"41 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76204815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Rethinking endpoint management for the modern age 重新思考现代端点管理
Network Security
Pub Date : 2022-10-01 DOI: 10.12968/s1353-4858(22)70060-8
Dan Richings
Four decades after the first PC rolled off the production line, today's systems are an order of magnitude faster and more functional than the originals. But how vulnerable are they to attack?
在第一台个人电脑下线40年后,今天的系统比最初的系统要快一个数量级,功能也更强大。但它们有多容易受到攻击呢?
{"title":"Rethinking endpoint management for the modern age","authors":"Dan Richings","doi":"10.12968/s1353-4858(22)70060-8","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70060-8","url":null,"abstract":"Four decades after the first PC rolled off the production line, today's systems are an order of magnitude faster and more functional than the originals. But how vulnerable are they to attack?","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"30 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74800801","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Driving the legal GRC agenda in a brave new world of compliance 在合规的新世界中推动法律GRC议程
Network Security
Pub Date : 2022-10-01 DOI: 10.12968/s1353-4858(22)70058-x
S. Whitburn
{"title":"Driving the legal GRC agenda in a brave new world of compliance","authors":"S. Whitburn","doi":"10.12968/s1353-4858(22)70058-x","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70058-x","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"7 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76059527","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
The threat from Russia continues to loom large 来自俄罗斯的威胁依然很大
Network Security
Pub Date : 2022-10-01 DOI: 10.12968/s1353-4858(22)70061-x
Richard Staynings
As the threat from cyber attacks originating from Russia continues to grow, every nation must remain vigilant and learn to adapt and respond quickly to the evolving strategies of Russian cyber attackers.
随着来自俄罗斯的网络攻击威胁持续增长,每个国家都必须保持警惕,学会适应并迅速应对俄罗斯网络攻击者不断变化的战略。
{"title":"The threat from Russia continues to loom large","authors":"Richard Staynings","doi":"10.12968/s1353-4858(22)70061-x","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70061-x","url":null,"abstract":"As the threat from cyber attacks originating from Russia continues to grow, every nation must remain vigilant and learn to adapt and respond quickly to the evolving strategies of Russian cyber attackers.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"25 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90403480","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DDoS – does size matter? DDoS -大小重要吗?
Network Security
Pub Date : 2022-10-01 DOI: 10.12968/s1353-4858(22)70062-1
Ashley Stephenson
We see frequent headlines about distributed denial of service (DDoS) of ever greater volumes. But does this reflect a true image of the DDoS problem? We can look at recent history to gain some insights into this obsession with attack size.
我们经常看到有关分布式拒绝服务(DDoS)的新闻头条。但这是否反映了DDoS问题的真实情况呢?我们可以看看最近的历史,对这种对攻击规模的痴迷有所了解。
{"title":"DDoS – does size matter?","authors":"Ashley Stephenson","doi":"10.12968/s1353-4858(22)70062-1","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70062-1","url":null,"abstract":"We see frequent headlines about distributed denial of service (DDoS) of ever greater volumes. But does this reflect a true image of the DDoS problem? We can look at recent history to gain some insights into this obsession with attack size.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"35 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76279977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
What you don't know can hurt you 你不知道的事情会伤害到你
Network Security
Pub Date : 2022-10-01 DOI: 10.12968/s1353-4858(22)70059-1
Gemma Moore
{"title":"What you don't know can hurt you","authors":"Gemma Moore","doi":"10.12968/s1353-4858(22)70059-1","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70059-1","url":null,"abstract":"","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"29 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78218477","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An improved filter against injection attacks using regex and machine learning 使用正则表达式和机器学习改进的针对注入攻击的过滤器
Network Security
Pub Date : 2022-09-01 DOI: 10.12968/s1353-4858(22)70055-4
Sujan Chegu, Gautam U Reddy, Bharath S Bhambore, KA Adeab, Prasad B. Honnavalli, Sivaraman Eswaran
Injection-based attacks have consistently made the Open Web Application Security Project (OWASP)Top 10 vulnerabilities for years. 1 Common types of injection attacks include SQL injection, cross-site scripting (XSS) and code injection. Filter engines are used to detect and sanitise user inputs for these malicious attacks. The user input is assumed to be tainted by default. Thus, the ability of a filter in terms of accuracy and latency is important. There exist various approaches to improve filters, primarily including techniques based on regular expressions (regexes), abstract syntax tree, machine learning and so on. However, the testing of modern solutions has achieved no more than 98.5% accuracy for XSS. This article looks at ways to improve accuracy.
多年来,基于注入的攻击一直是开放Web应用程序安全项目(OWASP)十大漏洞之一。1常见的注入攻击包括SQL注入、跨站脚本攻击和代码注入。过滤引擎用于检测和过滤这些恶意攻击的用户输入。默认情况下,假定用户输入是受污染的。因此,过滤器在准确性和延迟方面的能力很重要。有很多改进过滤器的方法,主要包括基于正则表达式、抽象语法树、机器学习等的技术。然而,现代解决方案的测试对XSS的准确率不超过98.5%。本文着眼于提高准确性的方法。
{"title":"An improved filter against injection attacks using regex and machine learning","authors":"Sujan Chegu, Gautam U Reddy, Bharath S Bhambore, KA Adeab, Prasad B. Honnavalli, Sivaraman Eswaran","doi":"10.12968/s1353-4858(22)70055-4","DOIUrl":"https://doi.org/10.12968/s1353-4858(22)70055-4","url":null,"abstract":"Injection-based attacks have consistently made the Open Web Application Security Project (OWASP)Top 10 vulnerabilities for years. 1 Common types of injection attacks include SQL injection, cross-site scripting (XSS) and code injection. Filter engines are used to detect and sanitise user inputs for these malicious attacks. The user input is assumed to be tainted by default. Thus, the ability of a filter in terms of accuracy and latency is important. There exist various approaches to improve filters, primarily including techniques based on regular expressions (regexes), abstract syntax tree, machine learning and so on. However, the testing of modern solutions has achieved no more than 98.5% accuracy for XSS. This article looks at ways to improve accuracy.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"67 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84042736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
类型
全部 化学•材料 生命科学 医学 物理 工程技术 环境•农林 材料科学 地球科学 法学 管理学 化学 环境科学与生态学 计算机科学 教育学 经济学 农林科学 人文科学 生物学 数学 物理与天体物理 心理学 综合性期刊 其他 工业工程 理学 历史学 农学 文学 信息工程
数据库
全部 ACS Publications Elsevier ieeexplore Springer The Royal Society of Chemistry Wiley
期刊
Network Security
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1