Browsing by Author "Dlamini, Moses T"

Now showing 1 - 7 of 7
  • No Thumbnail Available
    Item
    A conflict-aware placement of client VMs in public cloud computing
    (2015-03) Ratsoma , MS; Dlamini, Moses T; Eloff, JHP; Venter, HS
    The usage and adoption of cloud computing as a public deployment model is continuously improving, regardless of the security issues involved. This can be attributed to the huge benefits that the cloud provides such as pay-per-use model, quick deployment, turn-around times, huge cost saving, flexible and on-demand self-service provision to cloud users. Since public cloud makes use of virtualisation technology, VMs belonging to clients who are in competition may be placed within the same physical infrastructure. This raises the issue around hosting VMs from clients who might be in direct conflict on the same physical infrastructure. Malicious clients could exploit and launch inter-VM attacks to leak confidential information with a competitive advantage. A lot could happen once confidential data is illegally disclosed to unauthorized users. This work makes an attempt to eliminate the confidential data leakage threat posed by inter-VM attacks within the cloud. Hence, it sets itself up to investigate and determine an approach to physically separate potentially conflicting client VMs within the cloud in order to mitigate the confidential data leakage threat posed by inter-VM attacks. In this paper, we propose a conflict-aware VM allocation and placement architecture that is implemented with an algorithm modelled using a Chinese Wall Security Policy for physical separation of VMs. The solution is abstracted and applied to different levels of conflict and different levels of the cloud; the data centres, clusters and physical nodes, hence optimizing allocation in terms of conflict of interest. This solution focuses on optimally allocating compute space to client VMs depending on their conflict of interest which then determines the separation distances between conflicting clients’ VM. This guarantees that clients who are in direct conflict will have their VMs placed very far from each other and VMs belonging to clients that are not in conflict may be placed within the same physical node.
  • Thumbnail Image
    Item
    Application of artificial intelligence for detecting derived viruses
    (2017-06) Asiru, OF; Dlamini, Moses T; Blackledge, M
    Computer viruses have become complex and operates in a stealth mode to avoid detection. New viruses are argued to be created each and every day. However, most of these supposedly ‘new’ viruses are not completely new. Most of the supposedly ‘new’ viruses are not necessarily created from scratch with completely new (something novel that has never been seen before) mechanisms. For example, most of these viruses just change their form and signatures to avoid detection. But their operation and the way they infect files and systems is still the same. Hence, such viruses cannot be argued to be new. In this paper, the authors refer to such viruses as derived viruses. Just like new viruses, derived viruses are hard to detect with current scanning-detection methods. Therefore, this paper proposes a virus detection system that detects derived viruses better than existing methods. The proposed system integrates a mutating engine together with neural network to improve the detection rate of derived viruses. Experimental results show that the proposed model can detect derived viruses with an average accuracy detection rate of 80% (this include 91% success rate on first generation, 83% success rate on second generation and 65% success rate on third generation). The results further shows that the correlation between the original virus signature and its derivatives decreases further down along its generations.
  • Thumbnail Image
    Item
    BC3I: towards requirements specification for preparing an information security budget
    (2009-07) Dlamini, Moses T; Eloff, MM; Eloff, JHP; Hone, K
    The entire business landscape finds itself on the verge of a recession because of ongoing global economic turmoil. Thus, there is a heightened need to minimise and mitigate business risk and scrutinise information spending while ensuring compliance with regulatory mandates. This calls for decision makers to become vigilant in their spending and move towards an optimised information security investment. The main aim of this paper is to provide decision makers with a set of requirements to be considered when implementing a cost-effective and optimal information security budget; in a manner that preserve organisations’ information security posture and compliance status. Research reported on in this paper forms part of an ongoing project known as the BC3I (Broad Control Category Cost Indicators) framework.
  • Thumbnail Image
    Item
    Information security : the moving target
    (Elsevier, 2009) Dlamini, Moses T; Eloff, JHP; Eloff, MM
    Information security has evolved from addressing minor and harmless security breaches to managing those with a huge impact on organisations’ economic growth. This paper investigates the evolution of information security; where it came from, where it is today and the direction in which it is moving. It is argued that information security is not about looking at the past in anger of an attack once faced; neither is it about looking at the present in fear of being attacked; nor about looking at the future with uncertainty about what might befall us. The message is that organisations and individuals must be alert at all times. Research conducted for this paper explored literature on past security issues to set the scene. This is followed by the assessment and analysis of information security publications in conjunction with surveys conducted in industry. Results obtained are compared and analysed, enabling the development of a comprehensive view regarding the current status of the information security landscape. Furthermore, this paper also highlights critical information security issues that are being overlooked or not being addressed by research efforts currently undertaken. New research efforts are required that minimise the gap between regulatory issues and technical implementations.
  • Thumbnail Image
    Item
    Internet of people, things and services - the convergence of security, trust and privacy
    (2009-12) Eloff, JHP; Eloff, MM; Dlamini, Moses T; Zielinski, MP
    The Future Internet will consist of billions of people, things and services having the potential to interact with each other and their environment. This highly interconnected global network structure presents new types of challenges from a security, trust and privacy perspective. An example of such a challenge is the handling of an access request to obtain a blood pressure reading: from a monitor (thing) attached to a person (people); supported by a mobile health clinic (service). Furthermore, the patient may request that his/her health data should exclude his/her biographical details and may be released only to trustable health organizations. The IoPTS (security, trust, privacy) structure presented in this paper is a first attempt in simplifying this complex integration of security, trust and privacy issues.
  • Thumbnail Image
    Item
    Internet of things: emerging and future scenarios from an information security perspective
    (Southern Africa Telecommunication Networks and Applications Conference, 2009-08) Dlamini, Moses T; Eloff, MM; Eloff, JHP
    Information security is becoming a major concern for most worldwide telecommunication companies and more so as we move towards the future Internet of Things. In this era, a plethora of digital devices, people and other physical objects have the potential to seamlessly connect and interact on the future Internet of Things. This paper takes a leap forward to proactively discuss the type of threats that we are likely to face in the future Internet of Things. We discuss scenarios of how a botnet of stoves can bring down a power grid, future life threatening health systems and how a distributed denial of service can be used to beat competition and increase revenues of Telcos.
  • Thumbnail Image
    Item
    Is buying and transacting online easier and safer than down town? : an emerging economy perspective
    (2009-03) Martim, E; Dlamini, Moses T; Van Greunen, D; Eloff, J; Herselman, Martha E
    Security and usability are crucial factors for the successful of any e-commerce system. However, they have traditionally been considered a design trade-off. In an effort to align them, this paper highlights the design principles and guidelines for usable and secure systems. These principles and guidelines are used to evaluate and demonstrate several real-life cases of effective and less effective security and usability implementations in an emerging economy (South African) context.