List of Articles آسيب‌پذيري

• Open Access Article
  • Abstract Page
  • Full-Text
  
  1 - Analyzing Weighted Attack Graphs Using Genetic Algorithms
  M. Abadi Saeed Jalili
  Each attack graph represents a collection of possible attack scenarios in a computer network. In this paper, we use weighted attack graphs (WAGs) for vulnerability assessment of computer networks. In these directed graphs, a weight is assigned to each exploit by the sec More

  Each attack graph represents a collection of possible attack scenarios in a computer network. In this paper, we use weighted attack graphs (WAGs) for vulnerability assessment of computer networks. In these directed graphs, a weight is assigned to each exploit by the security analyst. The weight of an exploit is proportionate to the cost required to prevent that exploit. The aim of analyzing a weighted attack graph is to find a critical set of exploits such that the sum of their weights is minimum and by preventing them no attack scenario is possible. In this paper, we propose a greedy algorithm, a genetic algorithm with a greedy mutation operator, and a genetic algorithm with a dynamic fitness function for analyzing the weighted attack graphs. The proposed algorithms are used to analyze a sample weighted attack graph and several randomly generated large-scale weighted attack graphs. The results of experiments show that the proposed genetic algorithms outperform the greedy algorithm and find a critical set of exploits with less total weight. Finally, we compare the performance of the second genetic algorithm with an approximation algorithm for analyzing several randomly generated large-scale simple attack graphs. The results of experiments show that our proposed genetic algorithm has better performance than the approximation algorithm and finds a critical set of exploits with less cardinality. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  2 - Investigating the effect of Servicescape on Customer Dysfunction Behaviors respect to the Moderating Role ‎ of Customer Vulnerability
  Alireza Rajabipoor Roghaye  Quchani Maryam Ahmadi Zahrani
  The purpose of this study is to identify the effect of servicescape on dysfunctional customer behavior‎ with respect to the moderating role was customer vulnerability in restaurants in Yazd. The statistical population in the present study is the customers of a collectio More

  The purpose of this study is to identify the effect of servicescape on dysfunctional customer behavior‎ with respect to the moderating role was customer vulnerability in restaurants in Yazd. The statistical population in the present study is the customers of a collection of selected restaurants in Yazd in 1399. The sample size of 250 participants was considered and selected by the available sampling method. Measurement tools were standard questionnaires. The results related to the direct effects of the components of the servicescape with the customer vulnerability showed the direct paths of the layout and design component to the vulnerability and the direct path of the restaurant's interior component to be significant. The results related to indirect effects showed that the indirect path of the layout and design component to the customer dysfunction behaviors ‎ is significant due to the mediating role of vulnerability, but the indirect path of the exterior environment component to the customer dysfunction behaviors is not significant due to the mediating role of vulnerability. The results related to the moderating effects of customer vulnerability in predicting customer dysfunction behaviors‎ concerning environmental components with customer dysfunction behaviors ‎are not significant. it can be said that the servicescape leads to customer satisfaction with the services received and at the same time can reduce the vulnerability that is caused by the loss of well-being in receiving services and the satisfaction that reduces the sense of loss of well-being can lead to a reduction in customer dysfunction behaviors. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  3 - A Survey on Computer Security Patterns and Proposing a New Perspective
  Hadi sadjadi Reza Kalantari
  In this article, at the beginning, the use of computer security models and its benefits are discussed in a new way. Then, while briefly introducing the space of computer security encounters in the form of ontology, three perspectives in the study of patterns in this fie More

  In this article, at the beginning, the use of computer security models and its benefits are discussed in a new way. Then, while briefly introducing the space of computer security encounters in the form of ontology, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives are secure models, security models, and the framework and system to security models. The first and last perspectives are briefly explained and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research are presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. It is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and, include agile patterns as well. Based on this idea and related analyzes, the atmosphere of future research activities will be revealed to the audience. Manuscript profile