List of Articles امنیت

• Open Access Article
  • Abstract Page
  • Full-Text
  
  1 - A Novel Model for detecting intrusion with Mobile Agent and Game theory
  Amin Nezarat mehdi raja Gholamhossein Dastghaibyfard
  The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and t More

  The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value to compute the Shapley value of intrusion detection agent under the various threat levels. Therefore, the fair agent allocation creates a minimum set of IDS deployment costs. Numerical examples show that the network administrator can quantitatively evaluate the security risk of each intrusion detection agent and easily select the most effective IDS agent deployment to meet the various threat levels. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  2 - Presenting a model for using mobile agents in distributed intrusion detection systems based on game theory
  امین نظارات مهدی رجا Gholamhossein Dastghaibyfard
  20.1001.1.27170411.1395.8.27.6.2
  Network intrusion detection systems are tools used to protect network resources from attacks. Due to the spread of attacks in the Internet space and the change in the form and type of attacks from centralized to distributed, the architecture of such systems is also movi More

  Network intrusion detection systems are tools used to protect network resources from attacks. Due to the spread of attacks in the Internet space and the change in the form and type of attacks from centralized to distributed, the architecture of such systems is also moving towards distribution. In this article, a method based on mobile agents that act as sensors for detecting invalid movements is proposed. Mobile attack detection agents are scattered in the network moving from one node to another and at any time they build a security upper network and use a kind of cooperative game and communicate with each other, after reaching the Shipley value. They can detect and report the extent and origin of the attack. In this article, a method is proposed that WGA in a non-cooperative game with the attacking element tries to establish a revelation communication in order to calculate the value of Nash and reach the maximum utility, so that it can separate the attacks or real requests, the amount and intensity of the attack with Get help from other WGA Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  3 - An access control model for online social networks using user-to-user relationships
  Mohamad Javad Piran mahmud deypir
  20.1001.1.27170411.1399.12.45.1.1
  With the pervasiveness of social networks and the growing information shared on them, users of these networks are exposed to potential threats to data security and privacy. The privacy settings included in these networks do not give users complete control over the manag More

  With the pervasiveness of social networks and the growing information shared on them, users of these networks are exposed to potential threats to data security and privacy. The privacy settings included in these networks do not give users complete control over the management and privatization of access to their shared information by other users. In this article, using the concept of social graph, a new model of user access control was proposed to the user, which allows the expression of privacy policies and more accurate and professional access control in terms of pattern and depth of relationships between users in social networks. In this article, by using the regular index method, indirect relationships among users are examined and analyzed, and more precise policies than previous models are presented. The evaluation of the results showed that for 10 neighbors for each user, the probability accumulation of a qualified path for the first three counter loops is 1, 10.5 and 67.3%, respectively, and finally for the fourth counter it reaches 100%. As the defined counting characteristic increases, the average execution time of the proposed algorithm and previously proposed algorithms increases. However, for the higher limits of the counting characteristic, the proposed algorithm performs better than the previous ones. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  4 - Proposing a New Framework to Decreasing Delay in the Internet of Things by Using Computing Power of Fog
  Mohammad Taghi Shaykhan kianoosh azadi
  20.1001.1.27170414.1400.13.47.2.8
  As the Internet of Things (IoT) expands and becomes more widespread, we will soon see the dependence of human life on its services. At that time, it would be difficult to imagine the survival without the IoT, and disruption of its services would cause great loss of life More

  As the Internet of Things (IoT) expands and becomes more widespread, we will soon see the dependence of human life on its services. At that time, it would be difficult to imagine the survival without the IoT, and disruption of its services would cause great loss of life and property. Disruption of IoT services can occur for two reasons: network errors due to congestion, collision, interruption and noise, and disruption due to the malicious activities of infiltrator. Also, the destructive activities of infiltrators can lead to various cyber attacks and violation of the privacy of individuals. Therefore, before the interdependence between human life and IoT, it is necessary to consider measures to ensure the quality and security of service and privacy. In this study, a solution to reduce service delay (improve quality) and ensure security and privacy of things by relying on the computing power of nodes available in the Fog Layer has been proposed. The proposed solution simultaneously improves service quality and maintains security and privacy. Other features of presented algorithm in proposed solution of fairness between objects are in terms of the quality of service received and minimizing overhead processing and transfer of expired packages (packages that will certainly experience a consumedly threshold delay). Adherence to fairness ensures that the quality of service of any of the things does not be a subject of the reduction of the delay of the service of the entire network; These aforementioned objects may be subjects of critical applications, such as health. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  5 - computer security models and proposing a new perspective: A review paper
  Hadi sadjadi Reza Kalantari
  In this article first the use of computer security models and its benefits are discussed in a novel way. Then, while briefly introducing the space of computer security encounters in the form of ontology, for the first time, three perspectives in the study of patterns in More

  In this article first the use of computer security models and its benefits are discussed in a novel way. Then, while briefly introducing the space of computer security encounters in the form of ontology, for the first time, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives include the view of secure models, the view of security models, and the view of the framework and system to security models. The first and third perspectives are briefly explained and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research is presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. In this idea, it is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and, in addition, include agile patterns as well. . Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  6 - Identifying the Key Drivers of Digital Signature Implementation in Iran (using fuzzy Delphi method)
  Ghorbanali Mehrabani Fatemeh Zargaran khouzani
  iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The More

  iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 30 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  7 - Identifying the Key Drivers of Digital Signature Implementation in Iran (Using Fuzzy Delphi Method)
  Ghorbanali Mehrabani Fatemeh Zargaran khouzani
  Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpo More

  Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 31 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). It is suggested that in the field of digital signature implementation, special attention should be paid to rewriting rules, training users, creating a security culture, and digital signature policymakers should invite knowledge-based companies to cooperate in developing infrastructure and making relevant software competitive. Manuscript profile