Bichen Che¹, Long Liu^2,*, Huali Zhang¹

Journal on Internet of Things, Vol.2, No.4, pp. 145-162, 2020, DOI:10.32604/jiot.2020.010035

Abstract With the rapid development and widespread application of the IoT, the at-tacks against IoT vulnerabilities have become more complex and diverse. Most of the previous research focused on node vulnerability and its risk analysis. There is little information available about the importance of the location of the node in the system. Therefore, an estimation mechanism is proposed to assess the key node of the IoT system. The estimation of the key node includes two parts: one is the utilization relationship between nodes, and the other is the impact on the system after the node is conquered. We use the node… More >

Weiwei Liu¹, Yang Tang², Fei Yang², Chennan Zhang¹, Dun Cao³, Gwang-jun Kim^{4, *}

CMC-Computers, Materials & Continua, Vol.65, No.3, pp. 2511-2527, 2020, DOI:10.32604/cmc.2020.09113

Abstract Intelligent Transportation System (ITS) is essential for effective identification of vulnerable units in the transport network and its stable operation. Also, it is necessary to establish an urban transport network vulnerability assessment model with solutions based on Internet of Things (IoT). Previous research on vulnerability has no congestion effect on the peak time of urban road network. The cascading failure of links or nodes is presented by IoT monitoring system, which can collect data from a wireless sensor network in the transport environment. The IoT monitoring system collects wireless data via Vehicle-to-Infrastructure (V2I) channels to simulate key segments and their… More >

Tianjun Wu, Yuexiang Yang

Intelligent Automation & Soft Computing, Vol.25, No.4, pp. 755-766, 2019, DOI:10.31209/2019.100000079

Abstract While many research efforts have been around auditing individual android apps, the security issues related to the interaction among multiple apps are less studied. Due to the hidden nature of Inter-App communications, few existing security tools are able to detect such related vulnerable behaviors. This paper proposes to perform overall security auditing using dynamic analysis techniques. We focus on data leakage as it is one of the most common vulnerabilities for Android applications. We present an app auditing system AppWalker, which uses concolic execution on a set of apps. We use static Inter-App taint analysis to guide the dynamic auditing… More >

Joo-Chan Lee¹, Hyun-Pyo Choi¹, Jang-Hoon Kim¹, Jun-Won Kim¹, Da-Un Jung¹, Ji-Ho Shin¹, Jung-Taek Seo^{1, *}

CMC-Computers, Materials & Continua, Vol.65, No.1, pp. 53-67, 2020, DOI:10.32604/cmc.2020.011251

Abstract Cyberattacks on the Industrial Control System (ICS) have recently been increasing, made more intelligent by advancing technologies. As such, cybersecurity for such systems is attracting attention. As a core element of control devices, the Programmable Logic Controller (PLC) in an ICS carries out on-site control over the ICS. A cyberattack on the PLC will cause damages on the overall ICS, with Stuxnet and Duqu as the most representative cases. Thus, cybersecurity for PLCs is considered essential, and many researchers carry out a variety of analyses on the vulnerabilities of PLCs as part of preemptive efforts against attacks. In this study,… More >

Juan R. Bermejo Higuera^{1, *}, Javier Bermejo Higuera¹, Juan A. Sicilia Montalvo¹, Javier Cubo Villalba¹, Juan José Nombela Pérez¹

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1555-1577, 2020, DOI:10.32604/cmc.2020.010885

Abstract To detect security vulnerabilities in a web application, the security analyst must choose the best performance Security Analysis Static Tool (SAST) in terms of discovering the greatest number of security vulnerabilities as possible. To compare static analysis tools for web applications, an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project (OWASP) Top Ten project is required. The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and… More >

Tiantian Tan^1,*, Baosheng Wang¹, Yong Tang¹, Xu Zhou¹, Jingwen Han²

CMC-Computers, Materials & Continua, Vol.61, No.3, pp. 1129-1144, 2019, DOI:10.32604/cmc.2019.06051

Abstract During system development, implementation and operation, vulnerability database technique is necessary to system security; there are many vulnerability databases but a lack of quality standardization and general evaluation method are needed. this paper summarized current international popular vulnerability databases, systematically introduced the present situation of current vulnerability databases, and found the problems of vulnerability database technology, extracted common metrics by analyzing vulnerability data of current popular vulnerability databases, introduced 4 measure indexes: the number scale of vulnerabilities, the independence level, the standardization degree and the integrity of vulnerability description, proposed a method for vulnerability database quantitative evaluation using SCAP protocol… More >

Peirong Jiang¹, Zhensen Chen², Daniel S. Hippe², Hiroko Watase³, Bin Sun¹, Ruolan Lin¹, Zheting Yang¹, Yunjing Xue^1,*, Xihai Zhao^4,*, Chun Yuan^2,4

Molecular & Cellular Biomechanics, Vol.16, Suppl.2, pp. 34-35, 2019, DOI:10.32604/mcb.2019.07394

Abstract This article has no abstract. More >

Rui Lv¹, Liang Wang¹, Dalin Tang^1,*,2

Molecular & Cellular Biomechanics, Vol.16, Suppl.2, pp. 27-28, 2019, DOI:10.32604/mcb.2019.06829

Abstract Medical imaging and image-based computational modeling have been used by many researchers in recent years to quantify atherosclerotic plaque morphological and biomechanical characteristics and predict the coronary plaque growth and rupture processes. However, it has been hard to validate model predictions due to imaging resolution limitation, lack of clinical events and plaque rupture data. This article reviews recent advances in coronary plaque research over the past decade, including medical imaging techniques represented by intravascular ultrasound (IVUS) and optical coherence tomography (OCT), computational modeling and their applications in plaque progression and vulnerability analyses and predictions. The clinical application and future development… More >

Qingyu Wang¹, Dalin Tang^1,2,*, Gador Canton³, Zheyang Wu², Thomas S. Hatsukami⁴, Kristen L Billiar⁵, Chun Yuan⁶

Molecular & Cellular Biomechanics, Vol.16, Suppl.1, pp. 81-82, 2019, DOI:10.32604/mcb.2019.05748

Abstract This article has no abstract. More >

Tiantian Tan^1,*, Baosheng Wang¹, Yong Tang¹, Xu Zhou¹, Jingwen Han²

CMC-Computers, Materials & Continua, Vol.61, No.2, pp. 629-641, 2019, DOI:10.32604/cmc.2019.06049

Abstract Vulnerability technology is the basic of network security technology, vulnerability quantitative grading methods, such as CVSS, WIVSS, ICVSS, provide a reference to vulnerability management, but the problems of ignoring the risk elevation caused by a group of vulnerabilities and low accuracy of exploitable level evaluation exist in current vulnerability quantitative grading methods. To solve problems above in current network security quantitative evaluation methods, this paper verified the high relevance degree between type and exploitable score of vulnerability, proposed a new vulnerability quantitative grading method ICVSS, ICVSS can explore attack path using continuity level defined by privilege, add vulnerability type to… More >