Title: Securing computerised models and data against integrity attacks
Author: Sanjay Bapna, Sandip C. Patel
Information Science and Systems Department, Morgan State University, 1700 E. Cold Spring Lane, Baltimore, MD 21251, USA.
Information Science and Systems Department, Morgan State University, 1700 E. Cold Spring Lane, Baltimore, MD 21251, USA
Abstract: Many computerised systems use electronic models that get triggered when certain business conditions arise. Unauthorised triggering of such computerised models has been overlooked in the security literature. In this paper, we propose two frameworks to analyse the security of systems that have the data-triggering computerised model architecture. The frameworks help understand how to mitigate the cyber attacks that can be launched against the data-model systems, by modifying the computerised models or the data. We then propose a Deterministic Specification distributed intrusion Detection System (DSdIDS) to secure the data-triggering model systems from internal as well as external cyber threats.
Keywords: computerised models; cyber security; finance models; electronic security; e-security; cyber crimes; unauthorised access; data triggering; data models; deterministic specifications; distributed intrusion; detection systems; DSdIDS; internal threats; external threats; integrity attacks; electronic finance; e-finance.
Int. J. of Electronic Finance, 2010 Vol.4, No.4, pp.343 - 354
Available online: 03 Oct 2010