Search results

In the last a few years a number of highly publicized incidents of Distributed Denial of Service (DDoS) attacks against high‐profile government and commercial websites have made people aware of the importance of providing data and services security to users. A DDoS attack is an availability attack, which is characterized by an explicit attempt from an attacker to prevent legitimate users of a service from using the desired resources. This paper introduces the vulnerability of web applications to DDoS attacks, and presents an active distributed defense system that has a deployment mixture of sub‐systems to protect web applications from DDoS attacks. According to the simulation experiments, this system is effective in that it is able to defend web applications against attacks. It can avoid overall network congestion and provide more resources to legitimate web users.

With the growing penetration of financial technology, financial firms and banking institutions have seen a rise in the volume of cyber-attacks in recent years. Cyber criminals are using more sophisticated techniques to beat traditional passive defences. The purpose of this paper is to explore, analyse and recommend various active cyber defence strategies and techniques that can be implemented by organizations in financial sector to secure and safeguard their assets and cyber space.

This paper adopts a secondary research approach on the various techniques that can be used effectively to adopt active cyber defence strategy.

Based on the existing strategies and techniques available and those being currently developed, this paper proposes a holistic approach that can be adopted by banks and financial institutions to secure their cyber space. This involves a combination of active and passive cyber defence techniques and effective threat intelligence.

The following paper has been checked for plagiarism and is within the acceptable standards for publishing in this journal. Appropriate references have been duly cited, and the formulation of the final recommendation is the original work of the authors.

This paper proposes an approach to deal with malware and botnets, which in recent years have become one of the major threats in the cyber world. These malicious pieces of software can cause harm not only to the infected victims but also to actors at a much larger scale. For this reason, defenders, namely, security researchers and analysts, and law enforcement have fought back and contained the spreading infections. However, the fight is fundamentally asymmetric.

In this paper, the authors argue the need to equip defenders with more powerful active defence tools such as malware and botnets, called antidotes, which must be used as last resort to mitigate malware epidemics. Additionally, the authors argue the validity of this approach by considering the ethical and legal concerns of leveraging sane and compromised hosts to mitigate malware epidemics. Finally, the authors further provide evidence of the possible success of these practices by applying their approach to Hlux, Sality and Zeus malware families.

Although attackers have neither ethical nor legal constraints, defenders are required to follow much stricter rules and develop significantly more intricate tools. Additionally, attackers have been improving their malware to make them more resilient to takeovers.

By combining existing research, the authors provide an analysis and possible implication of a more intrusive yet effective solution for fighting the spreading of malware.

Private persons and entities are increasingly adopting aggressive “active defense” measures (i.e., “hack back”) against Internet‐based attacks that can infringe the rights of innocent persons. In this paper, I argue that aggressive active defense cannot be justified by the Necessity Principle, which defines a moral liberty to infringe the right of an innocent person if necessary to achieve a significantly greater moral good. It is a necessary condition for justifiably acting under an ethical principle that we have adequate reason to believe its application‐conditions are satisfied. Since, absent special knowledge, the victim of a hacker attack will not be able to reliably predict the direct or indirect consequences of aggressive countermeasures, she lacks adequate reason to think that those measures will achieve a good that significantly outweighs the evil that is done to innocent parties.

Examines national, local and European policy responses to defence cuts by considering a case study of the defence‐dependent region of Devon and Cornwall. It is shown that in the absence of a coherent national government policy and the constraints on local authority finance, European programmes have played an important role in assisting the process of local restructuring. Moreover, the process of bidding for European funds has fostered local cooperation and generated a considerable amount of information concerning the local defence sector.

This study proposes targeted modernization of the Department of Defense (DoD's) Joint Forces Ammunition Logistics information system by implementing the optimized innovative information technology open architecture design and integrating Radio Frequency Identification Device data technologies and real-time optimization and control mechanisms as the critical technology components of the solution. The innovative information technology, which pursues the focused logistics, will be deployed in 36 months at the estimated cost of $568 million in constant dollars. We estimate that the Systems, Applications, Products (SAP)-based enterprise integration solution that the Army currently pursues will cost another $1.5 billion through the year 2014; however, it is unlikely to deliver the intended technical capabilities.

The purpose of this study is to evaluate Department of Defense (DoD)-backed innovation programs as a means of enhancing the adoption of new technology throughout the armed forces.

The distribution of 1.29 million defense contract awards over seven years was analyzed across a data set of more than 8,000 DoD-backed innovation program award recipients. Surveys and interviews of key stakeholder groups were conducted to contextualize the quantitative results and garner additional insights.

Nearly half of DoD innovation program participants achieve no meaningful growth in direct defense business after program completion, and most small, innovative companies that win follow-on defense contracts solely support their initial sponsor branch. Causes for these program failures include the fact that programs do not market participants’ capabilities to the defense community and do not track participant companies after program completion.

Because the DoD does not market the capabilities of its innovation program participants internally, prospective DoD customers conduct redundant market research or fail to modernize. Program participants become increasingly unwilling to invest in the DoD market long term after the programs fail to deliver their expected benefits.

Limited scholarship evaluates the efficacy of DoD-backed innovation programs as a means of enhancing force readiness. This research not only uses a vast data set to demonstrate the failures of these programs but also presents concrete recommendations for improving them – including establishing an “Innovators Database” to track program participants and an incentive to encourage contracting entities and contractors to engage with them.