1,721,050 research outputs found
Finding multi-step attacks in computer networks using heuristic search and mobile ambients
Full text linkAn important aspect of IT security governance is the proactive and continuous identification of possible attacks in computer networks. This is complicated due to the complexity and size of networks, and due to the fact that usually network attacks are performed in several steps. This thesis proposes an approach called MsAMS (Multi-step Attack Modelling and Simulation), demonstrated by a proof-of-concept tool, to automatically find such multi-step attacks. The novelty of MsAMS is the fact that it applies Mobile Ambients and Combinatorial Optimization, more specifically Heuristic Search, to the domain of multi-step network attacks. A variant of ambient calculus is used to model networks, and heuristic search is used to simulate attackers searching for possible attacks in the modelled network. Additionally, and in support to these two aspects, MsAMS uses algorithms from the domain of Link Analysis Ranking, traditionally applied to the domain of Web search. Mobile Ambients allow us to fully represent the hierarchical topology of a network as part of the network model itself. This is essential to relate insights gained from the model to the real network. Furthermore, we can represent dynamics of attacks such as credential theft, what increases the spectrum of possibilities available for attackers since it allows considering non-vulnerable as well as vulnerable hosts as attack steps. Optimization allows managing the complexity of the problem of finding multi-step attacks involving credentials without compromising the scalability of the approach for practical use. Therefore, the MsAMS approach comprises: (i) a formal representation of the solution which allows its automatic computation, in our case, the representation of an attack step in a notation based on Mobile Ambients, (ii) a search engine which implements a heuristic method for composing attack steps into multi-step attacks, and (iii) fitness functions used by the search engine for the selection of attack steps among alternatives, according to automatically computed metrics. Similar to search engines that use the structure of the World Wide Web to score webpages, the MsAMS approach proposes the use of the structure of a network to score network assets. In particular, MsAMS uses PageRank and HITS ranking schemes as sources of scalable metrics to: 1. assign asset value automatically to all ambients represented in the network, based on network connectivity rather than on financial value, providing an absolute and comparable view of asset value. Those values support the network administrator in the process of selecting a target. 2. assign a cost value automatically to all ambients represented in the network, also based on network connectivity rather than on financial value, providing an absolute and comparable view of cost for attack steps. Such a measure of cost allows the incorporation of rationality to the ambient-attacker which simulates a strategy of a real-attacker
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Assessing business-IT alignment in networked organizations
Full text linkConcerns such as identifying ways to control costs, improve quality, increase effectiveness, and manage risk have become increasingly important for organizations as they face more and more pressure to gain and maintain their competitive edge. Business-IT alignment (B-ITa) is recognized as a solution to these concerns. Aligning IT with the business remains one of the top priorities for both business practitioners and researchers. Interest in B-ITa is stimulated by cases of organizations that have successfully aligned their IT to gain competitive advantage and to improve organizational performance. There is a considerable literature on B-ITa in single organizations. Within this broad scope of literature, a number of authors have stressed the importance of assessing B-ITa in order to plan B-ITa improvement actions. In support of this, these authors have developed maturity models (MMs). MMs describe the development of a speci_c domain over time. Based on maturity assessments, organizations know the extent to which processes in such domains are predictable. That is, organizations can be aware of whether a speci_c area is su_ciently re_ned and documented so that the activities in such area now have the potential to achieve their desired outcomes. However, B-ITa in collaborative networked organizations (CNOs) has hardly been studied. Yet, this is important because improved B-ITa entails a more ef- _cient use of IT in the CNO supporting the integration of information systems and processes across organizational boundaries. CNOs form the core of a new discipline that focuses on the structure, behavior, and dynamics of networks of independent organizations that collaborate using IT to better achieve common goals. Notwithstanding the e_ective application of current B-ITa MMs for single organizations, to the best of our knowledge at the time of writing this dissertation, there is no MM that speci_cally addresses the processes needed for achieving alignment between business and IT in CNOs. In response, this dissertation introduces the ICoNOs MM, a MM to assess B-ITa in CNOs. The ICoNOs MM presents a roll up of recommendations { e.g., coordination mechanisms, implementation strategies and organizational changes, in the form of process areas, speci_c goals and practices. Through its maturity levels, the ICoNOs MM provides improvement routes for those domains that are the most important for achieving alignment in CNOs. We believe that achieving B-ITa in CNOs is more complex than in single organizations because in collaborative settings, B-ITa is driven by goals of different independent organizations commonly with no centralized decision-making processes. Throughout this dissertation, we present the results of four literature surveys, one focus group, and six case studies. Based on these conceptual and empirical research activities, we designed and validated the components underlying the ICoNOs MM and the model itself
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
Full text linkWe provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
Dispelling the Myths Behind First-author Citation Counts
Full text linkWe conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
Efficient IR-Style Search over Web Services
No full textIn service-based systems, one of the most important problems is how to discover desired web services. In this paper, we propose a novel IR-Style mechanism for discovering and ranking web services automatically. In particular, we introduce the notion of preference degree for web services and then we define service relevance and service importance as two desired properties for measuring the preference degree. Furthermore, various algorithms are given for computing the relevance and importance of services, respectively. Experimental results show the proposed IR-style search strategy is efficient and practical
Using the REA ontology to create interoperability between e-collaboration modeling standards
No full textE-collaboration modeling standards like ISO/IEC 15944 and the UN/CEFACT Modeling Methodology (UMM) provide techniques, terms and reference models for modeling collaborative business processes. They offer a standardized approach for business partners to codify the business conventions, agreements and rules that govern business collaborations and to share business process information. Although effective in creating interoperability between organizations at the business process level, prospective business partners are required to commit to the same modeling standard. In this paper we show how the REA enterprise ontology can be used to semantically relate the ISO/IEC 15944 and UMM e-collaboration standards. Using the REA ontology as a shared business collaboration ontology, business partners can create interoperability between their respective business process models without having to use the same modeling standard
- …
