Download the this issue (complete journal, excluding cover) (~2.6 MB).
Download the cover (Editorial Board Information) (~303 kB).
Table of Contents & Guest editorial (~440 kB)
1. A Source analysis of the Conficker Outbreak From a Network Telescope
2. Towards Ensuring Scalability, Interoperability and Efficient Access Control in a Multi-Domain Grid-based Environment
3. Ignorance to Awareness: Towards an Information Security Awareness Process
4. Multi-Agent Augmneted Computer Vision Technologies to Support Human Monitoring of Secure Computing facilities
A Source analysis of the Conficker Outbreak From a Network Telescope by B. Irwin
Abstract: This paper discusses a dataset of some 16 million packets targeting port 445/tcp collected by a network telescope utilising a /24 netblock in South African IP address space. An initial overview of the collected data is provided. This is followed by a detailed analysis of the packet characteristics observed, including size and TTL. The peculiarities of the observed target selection and the results of the flaw in the Conficker worm’s propagation algorithm are presented. An analysis of the 4 million observed source hosts is reported, grouped by both packet counts and the number of distinct hosts per network address block. Address blocks of size /8, 16 and 24 are used for groupings. The localisation, by geographic region and numerical proximity, of high ranking aggregate netblocks is highlighted. The observed shift in geopolitical origins observed during the evolution of the Conficker worm is also discussed. The paper concludes with some overall analyses, and consideration of the application of network telescopes to the monitoring of such outbreaks in the future.
Download Paper (~614 kB)
Towards Ensuring Scalability, Interoperability and Efficient Access Control in a Multi-Domain Grid-based Environment by N.A. Azeez and I.M. Venter
Abstract: The application of grid computing has been hampered by three basic challenges: scalability, interoperability and efficient access control which need to be optimized before a full-scale adoption of grid computing can take place. To address these challenges, a novel architectural model was designed for a multi-domain grid based environment (built on three domains). It was modelled using the dynamic role-based access control. The architecture’s framework assumes that each domain has an independent local security monitoring unit and a central security monitoring unit that monitors security for the entire grid. The architecture was evaluated using the Grid Security Services Simulator, a meta-query language and Java Runtime Environment 188.8.131.52 for implementing the workflows that define the model’s task. In terms of scalability, the results show that as the number of grid nodes increases, the average turnaround time reduces, and thereby increases the number of service requesters (grid users) on the grid. Grid middleware integration across various domains as well as the appropriate handling of authentication and authorisation through a local security monitoring unit and a central security monitoring unit proved that the architecture is interoperable. Finally, a case study scenario used for access control across the domains shows the efficiency of the role based access control approach used for achieving appropriate access to resources. Based on the results obtained, the proposed framework has proved to be interoperable, scalable and efficiently suitable for enforcing access control within the parameters evaluated.
Download Paper (~1.3 MB)
Ignorance to Awareness: Towards an Information Security Awareness Process by T. Gundu and S.V. Flowerday
Abstract: With most employees in small and medium enterprise (SME) engineering firms now having access to their own personal workstations, the need for information security management to safeguard against loss/alteration or theft of the firms’ important information has increased. These SMEs tend to be more concerned with vulnerabilities from external threats, although industry research suggests that a substantial proportion of security incidents originate from insiders within the firm. Hence, physical preventative measures such as antivirus software and firewalls are proving to solve only part of the problem as the employees using them lack adequate information security knowledge. This tends to expose a firm to risks and costly mistakes made by naïve/uninformed employees. This paper presents an information security awareness process that seeks to cultivate positive security behaviours using a behavioural intention model based on the Theory of Reasoned Action, the Protection Motivation Theory and the Behaviourism Theory. The process and model have been refined, tested through action research at an SME engineering firm in South Africa, and the findings are presented and discussed in this paper.
Download Paper (~544 kB)
Multi-Agent Augmneted Computer Vision Technologies to Support Human Monitoring of Secure Computing facilities
by M. Potgieter and J. van Niekerk
Abstract: Humans are poorly equipped to perform repetitive tasks without adversely affecting the efficiency with which they are performing the task. One such task is the monitoring of CCTV footage to prevent the theft of, or tampering with, computing equipment. This paper introduces an approach towards security monitoring that uses a Computer Vision augmented with Speeded-Up Robust Features (SURF) as the catalyst to provide event-driven object detection to assist in securing an environment. A multi-agent artificial intelligence is used to improve the processing of event detection during the execution of these computer vision algorithms. The scenario of a secure computer environment is used to demonstrate the problems with current approaches and present an alternative to human monitoring using Computer Vision. The paper demonstrates that some of the physical aspects of information security can be improved through the use of SURF algorithms.
Download Paper (~870 KB)