International Scientific Journals
of Scientific Technical Union of Mechanical Engineering "Industry 4.0"

There are numerous methodological approaches for modelling, numerical analysis and/or simulation of the behaviour of individual systems. However, modelling the interdependencies between task-oriented or dedicated systems (the so-called system of systems) and describing their complex behaviour, necessarily through simulation, is still an unsolved issue.

With the evolution of the digital world and the constant interaction in the real time world, even the casual user must be constantly aware of all possible threats and all possible protection actions or at least follow the trends. The vulnerabilities’ definit ions depend on their attacking area but with the huge space of data we never know what exactly is happening and to what is the harmed area. This article is going to provide a basic definition on the term cybersecurity and some of the most common threats along with giving some real vulnerabilities with their impact for the past decade. And as each action needs the actor, at the end there are some of the most popular academies which provide qualitative education to those who want.

Content management systems become more popular and due to the speed provided during the development the number of websites developed with a CMS growns extremely. This is the reason the sites developed with a CMS become a more attractive target for cybercriminals. The CMSes are divided in 2 categories: free open-source and paid. According to that categorization the security level of the system is limitless. As part of my research, we are investigating only the free tools supporting the application development process and the presented tools and softwares are only from personal experience! So for the present article, we are going to present the Umbraco CMS with its integrated security tools and some other free to use tricks in order for the system we develop to be secure.

This report focuses on vulnerabilities on web-applications and web-sites from Cross-Site Scripting attacks (XSS). The different types of XSS attacks are examined: DOM-based, active and passive attacks. The spread of XSS attacks across platforms – government and financial institutions, transportation companies, hospitality and entertainment has been analyzed. Research and analysis of the security of corporate websites and their resistance to XSS attacks have been carried out. The basic guidelines for preventing valuable data theft and unauthorized access to websites and applications from XSS attacks are reviewed and systematized.

There are numerous methodical approaches to model, numerically analyses or/and simulate single systems’ behavior. However, modeling interdependencies between different systems (so called system-of-systems) and to describe their complex behavior, necessarily by simulation, is still an unresolved issue.

Study outlines the contours and the magnitude of the asymmetry in the opposition of cyber defense against hackers. Propose a
model that reflects the dynamics of the opposition on both sides and the impact of the listed disproportions. It consist a functional analysis of the differences between organizational and technical approaches applied from both sides. Contains research into why even the most highly protected systems suffer from successful hacking attacks. The analysis sheds light on the magnitude of pressure exerted by malicious actors on cyber security for organizations and the disproportionate response from experts who protect information systems and networks.

Detecting vulnerabilities for a network is an important procedure which ensures that all the data, network-based applications and information communicated in this network, is secure. Detection of network vulnerabilities is used to determine weaknesses of the network, the risk evaluation of attacks, the diagnosis and suggestions to solve the problems. There are several types of scanning tools used to detect vulnerabilities, offering different features. In this paper, we will present a performance comparative study between two most used free, software based, network vulnerability scanning tools: Nessus and Retina. The comparison will be based on three main features: The ability to search, Scanning Time, The ability to detect vulnerabilities. In the conclusions of this paper, both scanners performed very well in vulnerability identification. In terms of speed without active Web Application feature, Nessus performed much faster than Retina; (on the other hand, with active Web Application module, Nessus performs much slower than Retina. In terms of scan depth, Nessus has a small advantage, since it includes a web mirroring tool that is very helpful in HTTP.

The purpose of this article is to study and analyze the security threats in cloud environment and the applicability of cryptographic systems to protect the access to information resources. The threats to information security and the corresponding means for protection in cloud environment are discussed. Based on research and analysis of asymmetric and symmetric encryption are proposed flowcharts for secure communication over the Internet when using cloud services. The speed of different encryption and decryption of algorithms in cloud environment is measured, and are given recommendations for improving security.