Search results for: threats identification
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 3607

Search results for: threats identification

3607 Application of Directed Acyclic Graphs for Threat Identification Based on Ontologies

Authors: Arun Prabhakar

Abstract:

Threat modeling is an important activity carried out in the initial stages of the development lifecycle that helps in building proactive security measures in the product. Though there are many techniques and tools available today, one of the common challenges with the traditional methods is the lack of a systematic approach in identifying security threats. The proposed solution describes an organized model by defining ontologies that help in building patterns to enumerate threats. The concepts of graph theory are applied to build the pattern for discovering threats for any given scenario. This graph-based solution also brings in other benefits, making it a customizable and scalable model.

Keywords: directed acyclic graph, ontology, patterns, threat identification, threat modeling

Procedia PDF Downloads 139
3606 Analysis of Threats in Interoperability of Medical Devices

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: interoperability, threats, attacks, medical devices

Procedia PDF Downloads 333
3605 Towards the Management of Cybersecurity Threats in Organisations

Authors: O. A. Ajigini, E. N. Mwim

Abstract:

Cybersecurity is the protection of computers, programs, networks, and data from attack, damage, unauthorised, unintended access, change, or destruction. Organisations collect, process and store their confidential and sensitive information on computers and transmit this data across networks to other computers. Moreover, the advent of internet technologies has led to various cyberattacks resulting in dangerous consequences for organisations. Therefore, with the increase in the volume and sophistication of cyberattacks, there is a need to develop models and make recommendations for the management of cybersecurity threats in organisations. This paper reports on various threats that cause malicious damage to organisations in cyberspace and provides measures on how these threats can be eliminated or reduced. The paper explores various aspects of protection measures against cybersecurity threats such as handling of sensitive data, network security, protection of information assets and cybersecurity awareness. The paper posits a model and recommendations on how to manage cybersecurity threats in organisations effectively. The model and the recommendations can then be utilised by organisations to manage the threats affecting their cyberspace. The paper provides valuable information to assist organisations in managing their cybersecurity threats and hence protect their computers, programs, networks and data in cyberspace. The paper aims to assist organisations to protect their information assets and data from cyberthreats as part of the contributions toward community engagement.

Keywords: confidential information, cyberattacks, cybersecurity, cyberspace, sensitive information

Procedia PDF Downloads 259
3604 Universality as Opportunity Domain behind the Threats and Challenges of Natural Disasters

Authors: Kunto Wibowo Agung Prodjonoto

Abstract:

Occasionally, opportunities occur not due to chances but threats. This, however, is often not realized because a greater threat is perceived to be anything that threatens, endangers, or harms, resulting in bad impacts that are also part of the risk and consequence. As a result, more focus tends to direct towards the bad impacts. Risk, in this case, shall be seen rather as something challenging, which can turn to be an opportunity to tackle an obstacle. Therefore, it does not seem exaggerating if later, risk can be considered as a challenge that presents an opportunity. So as in the context of the threat of natural disasters which gives an idea that opportunities exist. Nature referred to in a fashion as 'natural disasters' captured an expression to picture the 'threats' aspect, which instructively implying a chance of opportunity. This is quite logical, as SWOT (strengths, weaknesses, opportunities, threats) analysis can evaluate the situation at hand related to the analysis of various factors in formulating strategies to deal with natural disaster situations. The analytical method created by Albert Humphrey is indeed not an analytical tool to provide solutions, but certainly 'opportunities and challenges' are discussed therein on a vertical line, where opportunities are posited on the positive axis, and threats are posed on the negative axis. Observing this dynamism, the challenges and threats of disasters are having opportunity relevance to moralizing opportunities, that by quality poses universalism populist characteristics, universalism characteristics, and regional characteristics. Here, universalism appears as an opportunity domain underneath the threats and challenges of natural disasters.

Keywords: universality, opportunities, threats, challenges of natural disasters

Procedia PDF Downloads 151
3603 Cyber Security and Risk Assessment of the e-Banking Services

Authors: Aisha F. Bushager

Abstract:

Today we are more exposed than ever to cyber threats and attacks at personal, community, organizational, national, and international levels. More aspects of our lives are operating on computer networks simply because we are living in the fifth domain, which is called the Cyberspace. One of the most sensitive areas that are vulnerable to cyber threats and attacks is the Electronic Banking (e-Banking) area, where the banking sector is providing online banking services to its clients. To be able to obtain the clients trust and encourage them to practice e-Banking, also, to maintain the services provided by the banks and ensure safety, cyber security and risks control should be given a high priority in the e-banking area. The aim of the study is to carry out risk assessment on the e-banking services and determine the cyber threats, cyber attacks, and vulnerabilities that are facing the e-banking area specifically in the Kingdom of Bahrain. To collect relevant data, structured interviews were taken place with e-banking experts in different banks. Then, collected data where used as in input to the risk management framework provided by the National Institute of Standards and Technology (NIST), which was the model used in the study to assess the risks associated with e-banking services. The findings of the study showed that the cyber threats are commonly human errors, technical software or hardware failure, and hackers, on the other hand, the most common attacks facing the e-banking sector were phishing, malware attacks, and denial-of-service. The risks associated with the e-banking services were around the moderate level, however, more controls and countermeasures must be applied to maintain the moderate level of risks. The results of the study will help banks discover their vulnerabilities and maintain their online services, in addition, it will enhance the cyber security and contribute to the management and control of risks that are facing the e-banking sector.

Keywords: cyber security, e-banking, risk assessment, threats identification

Procedia PDF Downloads 350
3602 SeCloudBPMN: A Lightweight Extension for BPMN Considering Security Threats in the Cloud

Authors: Somayeh Sobati Moghadam

Abstract:

Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, business processes outsourcing, privacy

Procedia PDF Downloads 269
3601 Taxonomy of Threats and Vulnerabilities in Smart Grid Networks

Authors: Faisal Al Yahmadi, Muhammad R. Ahmed

Abstract:

Electric power is a fundamental necessity in the 21st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.

Keywords: smart grid network, security, threats, vulnerabilities

Procedia PDF Downloads 139
3600 Analytical Study on Threats to Wetland Ecosystems and Their Solutions in the Framework of the Ramsar Convention

Authors: Ehsan Daryadel, Farhad Talaie

Abstract:

Wetlands are one of the most important ecosystems on Earth. Nevertheless, various challenges threaten these ecosystems and disrupt their ecological character. Among these, the effects of human-based threats are more devastating. Following mass degradation of wetlands during 1970s, the Ramsar Convention on Wetlands (Ramsar, Iran, 1971) was concluded to conserve wetlands of international importance and prevent destruction and degradation of such ecosystems through wise use of wetlands as a mean to achieve sustainable development in all over the world. Therefore, in this paper, efforts have been made to analyze threats to wetlands and then investigate solutions in the framework of the Ramsar Convention. Finally, in order to operate these mechanisms, this study concludes that all states should in turn make their best effort to improve and restore global wetlands through preservation of environmental standards and close contribution and also through taking joint measures with other states effectively.

Keywords: Ramsar Convention, threats, wetland wcosystems, wise use

Procedia PDF Downloads 401
3599 Efficient and Timely Mutual Authentication Scheme for RFID Systems

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 269
3598 Models, Methods and Technologies for Protection of Critical Infrastructures from Cyber-Physical Threats

Authors: Ivan Župan

Abstract:

Critical infrastructure is essential for the functioning of a country and is designated for special protection by governments worldwide. Due to the increase in smart technology usage in every facet of the industry, including critical infrastructure, the exposure to malicious cyber-physical attacks has grown in the last few years. Proper security measures must be undertaken in order to defend against cyber-physical threats that can disrupt the normal functioning of critical infrastructure and, consequently the functioning of the country. This paper provides a review of the scientific literature of models, methods and technologies used to protect from cyber-physical threats in industries. The focus of the literature was observed from three aspects. The first aspect, resilience, concerns itself with the robustness of the system’s defense against threats, as well as preparation and education about potential future threats. The second aspect concerns security risk management for systems with cyber-physical aspects, and the third aspect investigates available testbed environments for testing developed models on scaled models of vulnerable infrastructure.

Keywords: critical infrastructure, cyber-physical security, smart industry, security methodology, security technology

Procedia PDF Downloads 77
3597 Organisational Disclosure: Threats to Individuals' Privacy

Authors: N. A. Badrul

Abstract:

People are concerned that they are vulnerable as a result of what is exposed about them on the internet. Users are increasingly aware of their privacy and are making various efforts to protect their personal information. However, besides individuals themselves, organisations are also exposing personal information of their staff to the general public by publishing it on their official website. This practice may put individuals at risk and particularly vulnerable to threats. This preliminary study explores explicitly the amount and types of personal information disclosure from organisational websites. Threats and risks related to the disclosures are discussed. In general, all the examined organisational websites discloses personal information with varies identifiable degree of data.

Keywords: personal information, privacy, e-government, information disclosure

Procedia PDF Downloads 318
3596 Disability, Stigma and In-Group Identification: An Exploration across Different Disability Subgroups

Authors: Sharmila Rathee

Abstract:

Individuals with disability/ies often face negative attitudes, discrimination, exclusion, and inequality of treatment due to stigmatization and stigmatized treatment. While a significant number of studies in field of stigma suggest that group-identification has positive consequences for stigmatized individuals, ironically very miniscule empirical work in sight has attempted to investigate in-group identification as a coping measure against stigma, humiliation and related experiences among disability group. In view of death of empirical research on in-group identification among disability group, through present work, an attempt has been made to examine the experiences of stigma, humiliation, and in-group identification among disability group. Results of the study suggest that use of in-group identification as a coping strategy is not uniform across members of disability group and degree of in-group identification differs across different sub-groups of disability groups. Further, in-group identification among members of disability group depends on variables like degree and impact of disability, factors like onset of disability, nature, and visibility of disability, educational experiences and resources available to deal with disabling conditions.

Keywords: disability, stigma, in-group identification, social identity

Procedia PDF Downloads 324
3595 Emerging Threats and Adaptive Defenses: Navigating the Future of Cybersecurity in a Hyperconnected World

Authors: Olasunkanmi Jame Ayodeji, Adebayo Adeyinka Victor

Abstract:

In a hyperconnected world, cybersecurity faces a continuous evolution of threats that challenge traditional defence mechanisms. This paper explores emerging cybersecurity threats like malware, ransomware, phishing, social engineering, and the Internet of Things (IoT) vulnerabilities. It delves into the inadequacies of existing cybersecurity defences in addressing these evolving risks and advocates for adaptive defence mechanisms that leverage AI, machine learning, and zero-trust architectures. The paper proposes collaborative approaches, including public-private partnerships and information sharing, as essential to building a robust defence strategy to address future cyber threats. The need for continuous monitoring, real-time incident response, and adaptive resilience strategies is highlighted to fortify digital infrastructures in the face of escalating global cyber risks.

Keywords: cybersecurity, hyperconnectivity, malware, adaptive defences, zero-trust architecture, internet of things vulnerabilities

Procedia PDF Downloads 20
3594 Forensic Challenges in Source Device Identification for Digital Videos

Authors: Mustapha Aminu Bagiwa, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan

Abstract:

Video source device identification has become a problem of concern in numerous domains especially in multimedia security and digital investigation. This is because videos are now used as evidence in legal proceedings. Source device identification aim at identifying the source of digital devices using the content they produced. However, due to affordable processing tools and the influx in digital content generating devices, source device identification is still a major problem within the digital forensic community. In this paper, we discuss source device identification for digital videos by identifying techniques that were proposed in the literature for model or specific device identification. This is aimed at identifying salient open challenges for future research.

Keywords: video forgery, source camcorder, device identification, forgery detection

Procedia PDF Downloads 631
3593 Process for Analyzing Information Security Risks Associated with the Incorporation of Online Dispute Resolution Systems in the Context of Conciliation in Colombia

Authors: Jefferson Camacho Mejia, Jenny Paola Forero Pachon, Luis Carlos Gomez Florez

Abstract:

The innumerable possibilities offered by the use of Information Technology (IT) in the development of different socio-economic activities has made a change in the social paradigm and the emergence of the so-called information and knowledge society. The Colombian government, aware of this reality, has been promoting the use of IT as part of the E-government strategy adopted in the country. However, it is well known that the use of IT implies the existence of certain threats that put the security of information in the digital environment at risk. One of the priorities of the Colombian government is to improve access to alternative justice through IT, in particular, access to Alternative Dispute Resolution (ADR): conciliation, arbitration and friendly composition; by means of which it is sought that the citizens directly resolve their differences. To this end, a trend has been identified in the use of Online Dispute Resolution (ODR) systems, which extend the benefits of ADR to the digital environment through the use of IT. This article presents a process for the analysis of information security risks associated with the incorporation of ODR systems in the context of conciliation in Colombia, based on four fundamental stages identified in the literature: (I) Identification of assets, (II) Identification of threats and vulnerabilities (III) Estimation of the impact and 4) Estimation of risk levels. The methodological design adopted for this research was the grounded theory, since it involves interactions that are applied to a specific context and from the perspective of diverse participants. As a result of this investigation, the activities to be followed are defined to carry out an analysis of information security risks, in the context of the conciliation in Colombia supported by ODR systems, thus contributing to the estimation of the risks to make possible its subsequent treatment.

Keywords: alternative dispute resolution, conciliation, information security, online dispute resolution systems, process, risk analysis

Procedia PDF Downloads 239
3592 Identification of Dynamic Friction Model for High-Precision Motion Control

Authors: Martin Goubej, Tomas Popule, Alois Krejci

Abstract:

This paper deals with experimental identification of mechanical systems with nonlinear friction characteristics. Dynamic LuGre friction model is adopted and a systematic approach to parameter identification of both linear and nonlinear subsystems is given. The identification procedure consists of three subsequent experiments which deal with the individual parts of plant dynamics. The proposed method is experimentally verified on an industrial-grade robotic manipulator. Model fidelity is compared with the results achieved with a static friction model.

Keywords: mechanical friction, LuGre model, friction identification, motion control

Procedia PDF Downloads 413
3591 Analysis Rescuers' Viewpoint about Victims Tracking in Earthquake by Using Radio Frequency Identification (RFID)

Authors: Sima Ajami, Batool Akbari

Abstract:

Background: Radio frequency identification (RFID) system has been successfully applied to the areas of manufacturing, supply chain, agriculture, transportation, healthcare, and services. The RFID is already used to track and trace the victims in a disaster situation. Data can be collected in real time and be immediately available to emergency personnel and saves time by the RFID. Objectives: The aim of this study was, first, to identify stakeholders and customers for rescuing earthquake victims, second, to list key internal and external factors to use RFID to track earthquake victims, finally, to assess SWOT for rescuers' viewpoint. Materials and Methods: This study was an applied and analytical study. The study population included scholars, experts, planners, policy makers and rescuers in the "red crescent society of Isfahan province", "disaster management Isfahan province", "maintenance and operation department of Isfahan", "fire and safety services organization of Isfahan municipality", and "medical emergencies and disaster management center of Isfahan". After that, researchers held a workshop to teach participants about RFID and its usages in tracking earthquake victims. In the meanwhile of the workshop, participants identified, listed, and weighed key internal factors (strengths and weaknesses; SW) and external factors (opportunities and threats; OT) to use RFID in tracking earthquake victims. Therefore, participants put weigh strengths, weaknesses, opportunities, and threats (SWOT) and their weighted scales were calculated. Then, participants' opinions about this issue were assessed. Finally, according to the SWOT matrix, strategies to solve the weaknesses, problems, challenges, and threats through opportunities and strengths were proposed by participants. Results: The SWOT analysis showed that the total weighted score for internal and external factors were 3.91 (Internal Factor Evaluation) and 3.31 (External Factor Evaluation) respectively. Therefore, it was in a quadrant SO strategies cell in the SWOT analysis matrix and aggressive strategies were resulted. Organizations, scholars, experts, planners, policy makers and rescue workers should plan to use RFID technology in order to save more victims and manage their life. Conclusions: Researchers suppose to apply SO strategies and use a firm’s internal strength to take advantage of external opportunities. It is suggested, policy maker should plan to use the most developed technologies to save earthquake victims and deliver the easiest service to them. To do this, education, informing, and encouraging rescuers to use these technologies is essential. Originality/ Value: This study was a research paper that showed how RFID can be useful to track victims in earthquake.

Keywords: frequency identification system, strength, weakness, earthquake, victim

Procedia PDF Downloads 322
3590 Identification of Nonlinear Systems Structured by Hammerstein-Wiener Model

Authors: A. Brouri, F. Giri, A. Mkhida, A. Elkarkri, M. L. Chhibat

Abstract:

Standard Hammerstein-Wiener models consist of a linear subsystem sandwiched by two memoryless nonlinearities. Presently, the linear subsystem is allowed to be parametric or not, continuous- or discrete-time. The input and output nonlinearities are polynomial and may be noninvertible. A two-stage identification method is developed such the parameters of all nonlinear elements are estimated first using the Kozen-Landau polynomial decomposition algorithm. The obtained estimates are then based upon in the identification of the linear subsystem, making use of suitable pre-ad post-compensators.

Keywords: nonlinear system identification, Hammerstein-Wiener systems, frequency identification, polynomial decomposition

Procedia PDF Downloads 511
3589 Forecasting Future Society to Explore Promising Security Technologies

Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim

Abstract:

Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.

Keywords: future society, information and communication technology, security technology, technology forecasting

Procedia PDF Downloads 468
3588 Productivity of Construction Companies Using the Management of Threats and Opportunities ‎in Construction Projects of Iran

Authors: Nima Amani, Ali Salehi Dastjerdi, Fatemeh Ahmadi, Ardalan Sabamehr

Abstract:

The cost overrun of the construction projects has always been one of the main problems of the construction companies caused by the risky nature of the construction projects. Therefore, today, the application of risk management is inevitable. Although in theory, the issue of risk management is divided into the opportunities and threats management, in practice, most of the projects have been focused on the threats management. However, considering the opportunities management and applying the opportunities-response strategies can lead to the improved profitability of the construction projects of the companies. In this paper, a new technique is developed to identify the opportunities in the construction projects using an improved protocol and propose the appropriate opportunities-response strategies to the construction companies to provide them with higher profitability. To evaluate the effectiveness of the protocol for selecting the most appropriate strategies in ‎response to the opportunities and threats, two projects from a construction company in Iran were ‎studied. Both projects selected were in mid-range in terms of size and similar in terms of time, ‎run time and costs. Finally, the output indicates that using the proposed opportunities-response strategies show that the company's profitability in the future can be increased approximately for similar projects.

Keywords: opportunities management, risk-response strategy, opportunity-response strategy, productivity, risk management

Procedia PDF Downloads 228
3587 Prototyping Exercise for the Construction of an Ancestral Violentometer in Buenaventura, Valle Del Cauca

Authors: Mariana Calderón, Paola Montenegro, Diana Moreno

Abstract:

Through this study, it was possible to identify the different levels and types of violence, both individual and collective, experienced by women, girls, and the sexually diverse population of Buenaventura translated from the different tensions and threats against ancestrality and accounting for a social and political context of violence related to race and geopolitical location. These threats are related to: the stigma and oblivion imposed on practices and knowledge; the imposition of the hegemonic culture; the imposition of external customs as a way of erasing ancestrality; the singling out and persecution of those who practice it; the violence that the health system has exercised against ancestral knowledge and practices, especially in the case of midwives; the persecution of the Catholic religion against this knowledge and practices; the difficulties in maintaining the practices in the displacement from rural to urban areas; the use and control of ancestral knowledge and practices by the armed actors; the rejection and stigma exercised by the public forces; and finally, the murder of the wise women at the hands of the armed actors. This research made it possible to understand the importance of using tools such as the violence meter to support processes of resistance to violence against women, girls, and sexually diverse people; however, it is essential that these tools be adapted to the specific contexts of the people. In the analysis of violence, it was possible to identify that these not only affect women, girls, and sexually diverse people individually but also have collective effects that threaten the territory and the ancestral culture to which they belong. Ancestrality has been the object of violence, but at the same time, it has been the place from which resistance has been organized. The identification of the violence suffered by women, girls, and sexually diverse people is also an opportunity to make visible the forms of resistance of women and communities in the face of this violence. This study examines how women, girls, and sexually diverse people in Buenaventura have been exposed to sexism and racism, which historically have been translated into specific forms of violence, in addition to the other forms of violence already identified by the traditional models of the violentometer. A qualitative approach was used in the study. The study included the participation of more than 40 people and two women's organizations from Buenaventura. The participants came from both urban and rural areas of the municipality of Buenaventura and were over 15 years of age. The participation of such a diverse group allowed for the exchange of knowledge and experiences, particularly between younger and older people. The instrument used for the exercise was previously defined with the leaders of the organizations and consisted of four moments that referred to i) ancestry, ii) threats to ancestry, iii) identification of resistance and iv) construction of the ancestral violentometer.

Keywords: violence against women, intersectionality, sexual and reproductive rights, black communities

Procedia PDF Downloads 80
3586 Hierarchical Filtering Method of Threat Alerts Based on Correlation Analysis

Authors: Xudong He, Jian Wang, Jiqiang Liu, Lei Han, Yang Yu, Shaohua Lv

Abstract:

Nowadays, the threats of the internet are enormous and increasing; however, the classification of huge alert messages generated in this environment is relatively monotonous. It affects the accuracy of the network situation assessment, and also brings inconvenience to the security managers to deal with the emergency. In order to deal with potential network threats effectively and provide more effective data to improve the network situation awareness. It is essential to build a hierarchical filtering method to prevent the threats. In this paper, it establishes a model for data monitoring, which can filter systematically from the original data to get the grade of threats and be stored for using again. Firstly, it filters the vulnerable resources, open ports of host devices and services. Then use the entropy theory to calculate the performance changes of the host devices at the time of the threat occurring and filter again. At last, sort the changes of the performance value at the time of threat occurring. Use the alerts and performance data collected in the real network environment to evaluate and analyze. The comparative experimental analysis shows that the threat filtering method can effectively filter the threat alerts effectively.

Keywords: correlation analysis, hierarchical filtering, multisource data, network security

Procedia PDF Downloads 201
3585 Improving Security by Using Secure Servers Communicating via Internet with Standalone Secure Software

Authors: Carlos Gonzalez

Abstract:

This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.

Keywords: internet, secure software, threats, cryptography process

Procedia PDF Downloads 333
3584 Structural Damage Detection Using Sensors Optimally Located

Authors: Carlos Alberto Riveros, Edwin Fabián García, Javier Enrique Rivero

Abstract:

The measured data obtained from sensors in continuous monitoring of civil structures are mainly used for modal identification and damage detection. Therefore when modal identification analysis is carried out the quality in the identification of the modes will highly influence the damage detection results. It is also widely recognized that the usefulness of the measured data used for modal identification and damage detection is significantly influenced by the number and locations of sensors. The objective of this study is the numerical implementation of two widely known optimum sensor placement methods in beam-like structures

Keywords: optimum sensor placement, structural damage detection, modal identification, beam-like structures.

Procedia PDF Downloads 431
3583 The Challenge of Assessing Social AI Threats

Authors: Kitty Kioskli, Theofanis Fotis, Nineta Polemi

Abstract:

The European Union (EU) directive Artificial Intelligence (AI) Act in Article 9 requires that risk management of AI systems includes both technical and human oversight, while according to NIST_AI_RFM (Appendix C) and ENISA AI Framework recommendations, claim that further research is needed to understand the current limitations of social threats and human-AI interaction. AI threats within social contexts significantly affect the security and trustworthiness of the AI systems; they are interrelated and trigger technical threats as well. For example, lack of explainability (e.g. the complexity of models can be challenging for stakeholders to grasp) leads to misunderstandings, biases, and erroneous decisions. Which in turn impact the privacy, security, accountability of the AI systems. Based on the NIST four fundamental criteria for explainability it can also classify the explainability threats into four (4) sub-categories: a) Lack of supporting evidence: AI systems must provide supporting evidence or reasons for all their outputs. b) Lack of Understandability: Explanations offered by systems should be comprehensible to individual users. c) Lack of Accuracy: The provided explanation should accurately represent the system's process of generating outputs. d) Out of scope: The system should only function within its designated conditions or when it possesses sufficient confidence in its outputs. Biases may also stem from historical data reflecting undesired behaviors. When present in the data, biases can permeate the models trained on them, thereby influencing the security and trustworthiness of the of AI systems. Social related AI threats are recognized by various initiatives (e.g., EU Ethics Guidelines for Trustworthy AI), standards (e.g. ISO/IEC TR 24368:2022 on AI ethical concerns, ISO/IEC AWI 42105 on guidance for human oversight of AI systems) and EU legislation (e.g. the General Data Protection Regulation 2016/679, the NIS 2 Directive 2022/2555, the Directive on the Resilience of Critical Entities 2022/2557, the EU AI Act, the Cyber Resilience Act). Measuring social threats, estimating the risks to AI systems associated to these threats and mitigating them is a research challenge. In this paper it will present the efforts of two European Commission Projects (FAITH and THEMIS) from the HorizonEurope programme that analyse the social threats by building cyber-social exercises in order to study human behaviour, traits, cognitive ability, personality, attitudes, interests, and other socio-technical profile characteristics. The research in these projects also include the development of measurements and scales (psychometrics) for human-related vulnerabilities that can be used in estimating more realistically the vulnerability severity, enhancing the CVSS4.0 measurement.

Keywords: social threats, artificial Intelligence, mitigation, social experiment

Procedia PDF Downloads 65
3582 Self-Tuning Robot Control Based on Subspace Identification

Authors: Mathias Marquardt, Peter Dünow, Sandra Baßler

Abstract:

The paper describes the use of subspace based identification methods for auto tuning of a state space control system. The plant is an unstable but self balancing transport robot. Because of the unstable character of the process it has to be identified from closed loop input-output data. Based on the identified model a state space controller combined with an observer is calculated. The subspace identification algorithm and the controller design procedure is combined to a auto tuning method. The capability of the approach was verified in a simulation experiments under different process conditions.

Keywords: auto tuning, balanced robot, closed loop identification, subspace identification

Procedia PDF Downloads 380
3581 Review of Cyber Security in Oil and Gas Industry with Cloud Computing Perspective: Taxonomy, Issues and Future Direction

Authors: Irfan Mohiuddin, Ahmad Al Mogren

Abstract:

In recent years, cloud computing has earned substantial attention in the Oil and Gas Industry and provides services in all the phases of the industry lifecycle. Oil and gas supply infrastructure, in particular, is more vulnerable to accidental, natural and intentional threats because of its widespread distribution. Numerous surveys have been conducted on cloud security and privacy. However, to the best of our knowledge, hardly any survey is carried out that reviews cyber security in all phases with a cloud computing perspective. Moreover, a distinctive classification is performed for all the cloud-based cyber security measures based on the cloud component in use. The classification approach will enable researchers to identify the required technique used to enhance the security in specific cloud components. Also, the limitation of each component will allow the researchers to design optimal algorithms. Lastly, future directions are given to point out the imminent challenges that can pave the way for researchers to further enhance the resilience to cyber security threats in the oil and gas industry.

Keywords: cyber security, cloud computing, safety and security, oil and gas industry, security threats, oil and gas pipelines

Procedia PDF Downloads 143
3580 Towards a Security Model against Denial of Service Attacks for SIP Traffic

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 203
3579 Distributed Perceptually Important Point Identification for Time Series Data Mining

Authors: Tak-Chung Fu, Ying-Kit Hung, Fu-Lai Chung

Abstract:

In the field of time series data mining, the concept of the Perceptually Important Point (PIP) identification process is first introduced in 2001. This process originally works for financial time series pattern matching and it is then found suitable for time series dimensionality reduction and representation. Its strength is on preserving the overall shape of the time series by identifying the salient points in it. With the rise of Big Data, time series data contributes a major proportion, especially on the data which generates by sensors in the Internet of Things (IoT) environment. According to the nature of PIP identification and the successful cases, it is worth to further explore the opportunity to apply PIP in time series ‘Big Data’. However, the performance of PIP identification is always considered as the limitation when dealing with ‘Big’ time series data. In this paper, two distributed versions of PIP identification based on the Specialized Binary (SB) Tree are proposed. The proposed approaches solve the bottleneck when running the PIP identification process in a standalone computer. Improvement in term of speed is obtained by the distributed versions.

Keywords: distributed computing, performance analysis, Perceptually Important Point identification, time series data mining

Procedia PDF Downloads 435
3578 Genetic Algorithms for Parameter Identification of DC Motor ARMAX Model and Optimal Control

Authors: A. Mansouri, F. Krim

Abstract:

This paper presents two techniques for DC motor parameters identification. We propose a numerical method using the adaptive extensive recursive least squares (AERLS) algorithm for real time parameters estimation. This algorithm, based on minimization of quadratic criterion, is realized in simulation for parameters identification of DC motor autoregressive moving average with extra inputs (ARMAX). As advanced technique, we use genetic algorithms (GA) identification with biased estimation for high dynamic performance speed regulation. DC motors are extensively used in variable speed drives, for robot and solar panel trajectory control. GA effectiveness is derived through comparison of the two approaches.

Keywords: ARMAX model, DC motor, AERLS, GA, optimization, parameter identification, PID speed regulation

Procedia PDF Downloads 381