Farag Azzedin^*, Husam Suwad, Md Mahfuzur Rahman

CMC-Computers, Materials & Continua, Vol.73, No.2, pp. 3003-3020, 2022, DOI:10.32604/cmc.2022.028646

Abstract This article presents an asset-based security system where security practitioners build their systems based on information they own and not solicited by observing attackers’ behavior. Current security solutions rely on information coming from attackers. Examples are current monitoring and detection security solutions such as intrusion prevention/detection systems and firewalls. This article envisions creating an imbalance between attackers and defenders in favor of defenders. As such, we are proposing to flip the security game such that it will be led by defenders and not attackers. We are proposing a security system that does not observe the behavior of the attack. On… More >

Dongyang Zhan^1,*, Kai Tan¹, Lin Ye^1,2, Haining Yu^1,3, Hao Liu⁴

CMC-Computers, Materials & Continua, Vol.69, No.3, pp. 3783-3794, 2021, DOI:10.32604/cmc.2021.019432

Abstract Cloud computing plays an important role in today's Internet environment, which meets the requirements of scalability, security and reliability by using virtualization technologies. Container technology is one of the two mainstream virtualization solutions. Its lightweight, high deployment efficiency make container technology widely used in large-scale cloud computing. While container technology has created huge benefits for cloud service providers and tenants, it cannot meet the requirements of security monitoring and management from a tenant perspective. Currently, tenants can only run their security monitors in the target container, but it is not secure because the attacker is able to detect and compromise… More >

Tauqeer ul Amin^1,*, Basit Shahzad¹, Fazal-e-Amin², Muhammad Shoaib²

CMC-Computers, Materials & Continua, Vol.67, No.2, pp. 2665-2680, 2021, DOI:10.32604/cmc.2021.013263

Abstract Requirements elicitation is a fundamental phase of software development in which an analyst discovers the needs of different stakeholders and transforms them into requirements. This phase is cost- and time-intensive, and a project may fail if there are excessive costs and schedule overruns. COVID-19 has affected the software industry by reducing interactions between developers and customers. Such a lack of interaction is a key reason for the failure of software projects. Projects can also fail when customers do not know precisely what they want. Furthermore, selecting the unsuitable elicitation technique can also cause project failure. The present study, therefore, aimed… More >

Hongbin Zhang^{1, 2}, Yuzi Yi^{1, *}, Junshe Wang¹, Ning Cao^{3, *}, Qiang Duan⁴

CMC-Computers, Materials & Continua, Vol.56, No.3, pp. 381-399, 2018, DOI: 10.3970/cmc.2018.03787

Abstract Network security situation awareness is an important foundation for network security management, which presents the target system security status by analyzing existing or potential cyber threats in the target system. In network offense and defense, the network security state of the target system will be affected by both offensive and defensive strategies. According to this feature, this paper proposes a network security situation awareness method using stochastic game in cloud computing environment, uses the utility of both sides of the game to quantify the network security situation value. This method analyzes the nodes based on the network security state of… More >