Abstract The majority of learning systems usually assume that training sets are balanced, however, in real world data this hypothesis is not always true. The problem of between-class imbalance is a challenge that has attracted growing attention from both academia and industry, because of its critical influence on the performance of learning systems. Many solutions were proposed to resolve this problem:... The majority of learning systems usually assume that training sets are balanced, however, in real world data this hypothesis is not always true. The problem of between-class imbalance is a challenge that has attracted growing attention from both academia and industry, because of its critical influence on the performance of learning systems. Many solutions were proposed to resolve this problem: Generally, the common practice for dealing with imbalanced data sets is to rebalance them artificially by using sampling methods. Unfortunately, these methods can’t give a high performance of learning. In this paper, we propose a new method based on Sample Selection (SS), to deal with the problem of between class imbalance. We consider that creating balance between classes by maintaining those examples located near the border line improves the performance of the classifier. To reduce the computational cost of selecting all samples, we propose a clustering method as a first step in order to determine the critical centers, and then select samples from those critical clusters. Experimental results with Multi-Layer Perceptron (MLP) architecture, on well known Intrusion Detection data set, show that our approach allows to attend the precision of Boosting methods, that we will explain how it can be considered like a SS method. Read More Read Less

Abstract The problem of modern network security becomes more and more difficult, and request security methods more efficient and adapted to current circumstances. Since the firewall is one of the most used components in any network architectures, policy deployment is a very important step to move from one policy to another without presenting any flaws. For this case, researchers have proposed... The problem of modern network security becomes more and more difficult, and request security methods more efficient and adapted to current circumstances. Since the firewall is one of the most used components in any network architectures, policy deployment is a very important step to move from one policy to another without presenting any flaws. For this case, researchers have proposed several algorithms that solve this problem safely. In this paper we will see two types of policy deployment often used, study one of the type II language, and show that it can provide some security holes. We will propose some changes to transform this strategy to a new very efficient algorithm, which respect the safety criteria. Read More Read Less

Abstract Today, many hardware and software solutions are available to enhance information security, but there is limited research regarding the human factor in information security. Other researchers have revealed that the application of information security technologies alone does not always result in improved security. Human factors immensely contribute to the security of information systems. This research study therefore addresses the missing... Today, many hardware and software solutions are available to enhance information security, but there is limited research regarding the human factor in information security. Other researchers have revealed that the application of information security technologies alone does not always result in improved security. Human factors immensely contribute to the security of information systems. This research study therefore addresses the missing link in information security, that is, the end-user working with the information system. In this study, a survey was carried out in two state universities in order to establish the human factors that compromise information security. The major factors established were divided into four categories namely, Social Engineering, Carelessness, Bad Password behavior and Security training. Results showed that Failure to refer to Information Technology (IT) policy (under Social Engineering) and lack of information security training (security training) were the major drivers in compromising information security. Findings from the survey were used to design a model aimed at reducing human factors in information security, called the Human Factors Collaboration Reinforcement model (HFCRM). Since this proposed model is based on collaborative monitoring of security policy violation, an information security policy was consequently designed, so as to facilitate the implementation of the model. Read More Read Less

Abstract Use of biometric systems is becoming an important alternative to replace traditional authentication such as password. Yet most of biometric authentication systems store original biometric features, unfortunately, without any encryption, threatening though the security and privacy of user’s identity. When biometric data is compromised, unlike a password, it cannot be changed. Therefore, the security of biometric models is essential in... Use of biometric systems is becoming an important alternative to replace traditional authentication such as password. Yet most of biometric authentication systems store original biometric features, unfortunately, without any encryption, threatening though the security and privacy of user’s identity. When biometric data is compromised, unlike a password, it cannot be changed. Therefore, the security of biometric models is essential in designing an authentication system. To achieve this protection of biometric models, two approaches are used: methods based on transformation of user characteristics and biometric cryptosystems. Although biometric cryptosystems are used in several applications (e.g. smart cards), they include several components that have limitations such as risk of falsification and poor performance. A performance evaluation is then compulsory for comparison between different biometric systems. For this reason we proposed in this paper several criteria to assess the security strength and we defined several measures that facilitate overall security evaluation of biometric cryptosystems. In this analysis we considered Fuzzy Vault scheme, a well known approach of biometric cryptosystems, in order to provide security and protection risks associated with this approach. We proposed in this work four distinct classes of attacks against Fuzzy Vault technique, including Intrusion attacks, Correlation attacks, Combination attacks and Injection attacks. Our experimental results indicate that the Fuzzy Vault technique is vulnerable to some proposed attacks because of the easiness to obtain the user model using the elements known to the attacker. This vulnerability is increased especially in the intrusion attacks and correlation attacks where attacker can match multiple helper data generated from the same biometric traits. The proposed attacks can reach a 100% success to access the system, making the Fuzzy Vault based protection approach easily compromised. Read More Read Less

Abstract The increasing sophistication of information security threats and the ever-growing body of regulation has made information security a critical function within Higher Education Institutions. The aim of the research was to investigate the implementation of information security strategies in Further Education and Training (FET) colleges in Limpopo South Africa. The study has shown that there was lack of information security... The increasing sophistication of information security threats and the ever-growing body of regulation has made information security a critical function within Higher Education Institutions. The aim of the research was to investigate the implementation of information security strategies in Further Education and Training (FET) colleges in Limpopo South Africa. The study has shown that there was lack of information security strategies matter which may be addressed by awareness and education for all staff of FETs. A survey questionnaire was administered to the personnel of Further Education and Training in Limpopo Province of South Africa. The researchers have proposed a technical model that might be used at FETs to address security breaches and awareness among employees. Read More Read Less