Search results for: Cyber Attacks
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 799

Search results for: Cyber Attacks

529 Efficient and Timely Mutual Authentication Scheme for RFID Systems

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 248
528 Variance-Aware Routing and Authentication Scheme for Harvesting Data in Cloud-Centric Wireless Sensor Networks

Authors: Olakanmi Oladayo Olufemi, Bamifewe Olusegun James, Badmus Yaya Opeyemi, Adegoke Kayode

Abstract:

The wireless sensor network (WSN) has made a significant contribution to the emergence of various intelligent services or cloud-based applications. Most of the time, these data are stored on a cloud platform for efficient management and sharing among different services or users. However, the sensitivity of the data makes them prone to various confidentiality and performance-related attacks during and after harvesting. Various security schemes have been developed to ensure the integrity and confidentiality of the WSNs' data. However, their specificity towards particular attacks and the resource constraint and heterogeneity of WSNs make most of these schemes imperfect. In this paper, we propose a secure variance-aware routing and authentication scheme with two-tier verification to collect, share, and manage WSN data. The scheme is capable of classifying WSN into different subnets, detecting any attempt of wormhole and black hole attack during harvesting, and enforcing access control on the harvested data stored in the cloud. The results of the analysis showed that the proposed scheme has more security functionalities than other related schemes, solves most of the WSNs and cloud security issues, prevents wormhole and black hole attacks, identifies the attackers during data harvesting, and enforces access control on the harvested data stored in the cloud at low computational, storage, and communication overheads.

Keywords: data block, heterogeneous IoT network, data harvesting, wormhole attack, blackhole attack access control

Procedia PDF Downloads 57
527 TMBCoI-SIOT: Trust Management System Based on the Community of Interest for the Social Internet of Things

Authors: Oumaima Ben Abderrahim, Mohamed Houcine Elhedhili, Leila Saidane

Abstract:

In this paper, we propose a trust management system based on clustering architecture for the social internet of things called TMBCO-SIOT. The proposed model integrates numerous factors such as direct and indirect trust; transaction factor; precaution factor; and social modeling of trust. The novelty of our approach can be summed up in two aspects. The first aspect concerns the architecture based on the community of interest (CoT) where each community is headed by an administrator (admin). However, the second aspect is the trust management system that tries to prevent On-Off attacks and mitigates dishonest recommendations using the k-means algorithm and guarantor things. The effectiveness of the proposed system is proved by simulation against malicious nodes.

Keywords: IoT, trust management system, attacks, trust, dishonest recommendations, K-means algorithm

Procedia PDF Downloads 199
526 An Earth Mover’s Distance Algorithm Based DDoS Detection Mechanism in SDN

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN

Procedia PDF Downloads 319
525 Constructing a Semi-Supervised Model for Network Intrusion Detection

Authors: Tigabu Dagne Akal

Abstract:

While advances in computer and communications technology have made the network ubiquitous, they have also rendered networked systems vulnerable to malicious attacks devised from a distance. These attacks or intrusions start with attackers infiltrating a network through a vulnerable host and then launching further attacks on the local network or Intranet. Nowadays, system administrators and network professionals can attempt to prevent such attacks by developing intrusion detection tools and systems using data mining technology. In this study, the experiments were conducted following the Knowledge Discovery in Database Process Model. The Knowledge Discovery in Database Process Model starts from selection of the datasets. The dataset used in this study has been taken from Massachusetts Institute of Technology Lincoln Laboratory. After taking the data, it has been pre-processed. The major pre-processing activities include fill in missed values, remove outliers; resolve inconsistencies, integration of data that contains both labelled and unlabelled datasets, dimensionality reduction, size reduction and data transformation activity like discretization tasks were done for this study. A total of 21,533 intrusion records are used for training the models. For validating the performance of the selected model a separate 3,397 records are used as a testing set. For building a predictive model for intrusion detection J48 decision tree and the Naïve Bayes algorithms have been tested as a classification approach for both with and without feature selection approaches. The model that was created using 10-fold cross validation using the J48 decision tree algorithm with the default parameter values showed the best classification accuracy. The model has a prediction accuracy of 96.11% on the training datasets and 93.2% on the test dataset to classify the new instances as normal, DOS, U2R, R2L and probe classes. The findings of this study have shown that the data mining methods generates interesting rules that are crucial for intrusion detection and prevention in the networking industry. Future research directions are forwarded to come up an applicable system in the area of the study.

Keywords: intrusion detection, data mining, computer science, data mining

Procedia PDF Downloads 283
524 The Study of Security Techniques on Information System for Decision Making

Authors: Tejinder Singh

Abstract:

Information system is the flow of data from different levels to different directions for decision making and data operations in information system (IS). Data can be violated by different manner like manual or technical errors, data tampering or loss of integrity. Security system called firewall of IS is effected by such type of violations. The flow of data among various levels of Information System is done by networking system. The flow of data on network is in form of packets or frames. To protect these packets from unauthorized access, virus attacks, and to maintain the integrity level, network security is an important factor. To protect the data to get pirated, various security techniques are used. This paper represents the various security techniques and signifies different harmful attacks with the help of detailed data analysis. This paper will be beneficial for the organizations to make the system more secure, effective, and beneficial for future decisions making.

Keywords: information systems, data integrity, TCP/IP network, vulnerability, decision, data

Procedia PDF Downloads 286
523 Attack Redirection and Detection using Honeypots

Authors: Chowduru Ramachandra Sharma, Shatunjay Rawat

Abstract:

A false positive state is when the IDS/IPS identifies an activity as an attack, but the activity is acceptable behavior in the system. False positives in a Network Intrusion Detection System ( NIDS ) is an issue because they desensitize the administrator. It wastes computational power and valuable resources when rules are not tuned properly, which is the main issue with anomaly NIDS. Furthermore, most false positives reduction techniques are not performed during the real-time of attempted intrusions; instead, they have applied afterward on collected traffic data and generate alerts. Of course, false positives detection in ‘offline mode’ is tremendously valuable. Nevertheless, there is room for improvement here; automated techniques still need to reduce False Positives in real-time. This paper uses the Snort signature detection model to redirect the alerted attacks to Honeypots and verify attacks.

Keywords: honeypot, TPOT, snort, NIDS, honeybird, iptables, netfilter, redirection, attack detection, docker, snare, tanner

Procedia PDF Downloads 140
522 Evaluation of the Effectiveness of Barriers for the Control of Rats in Rice Plantation Field

Authors: Melina, Jumardi Jumardi, Erwin Erwin, Sri Nuraminah, Andi Nasruddin

Abstract:

The rice field rat (Rattus argentiventer Robinson and Kloss) is a pest causing the greatest yield loss of rice plants, especially in lowland agroecosystems with intensive cropping patterns (2-3 plantings per year). Field mice damage rice plants at all stages of growth, from seedling to harvest, even in storage warehouses. Severe damage with yield loss of up to 100% occurs if rats attack rice at the generative stage because the plants are no longer able to recover by forming new tillers. Farmers mainly use rodenticides in the form of poisoned baits or as fumigants, which are applied to rat burrow holes. This practice is generally less effective because mice are able to avoid the poison or become resistant after several exposures to it. In addition, excessive use of rodenticides can have negative impacts on the environment and non-target organisms. For this reason, this research was conducted to evaluate the effectiveness of fences as an environmentally friendly mechanical control method in reducing rice yield losses due to rat attacks. This study used a factorial randomized block design. The first factor was the fence material, namely galvanized zinc plate and plastic. The second factor was the height of the fence, namely 25, 50, 75, and 100 cm from the ground level. Each treatment combination was repeated five times. Data shows that zinc fences with a height of 75 and 100 cm are able to provide full protection to plants from rat infestations throughout the planting season. However, zinc fences with a height of 25 and 50 cm failed to prevent rat attacks. Plastic fences with a height of 25 and 50 cm failed to prevent rat attacks during the planting season, whereas 75 and 100 cm were able to prevent rat attacks until all the crops outside of the fence had been eaten by rats. The rat managed to get into the fence by biting the plastic fence close to the ground. Thus, the research results show that fences made of zinc plate with a height of at least 75 cm from the ground surface are effective in preventing plant damage caused by rats. To our knowledge, this research is the first to quantify the effectiveness of fences as a control of field rodents.

Keywords: rice field rat, Rattus argentiventer, fence, rice

Procedia PDF Downloads 15
521 Border Control and Human Rights Violations: Lessons Learned from the United States and Potential Solutions for the European Union

Authors: María Elena Menéndez Ibáñez

Abstract:

After the terrorist attacks of 9/11, new measures were adopted by powerful countries and regions like the United States and the European Union in order to safeguard their security. In 2002, the US created the Department of Homeland Security with one sole objective; to protect American soil and people. The US adopted new policies that made every immigrant a potential terrorist and a threat to their national security. Stronger border control became one of the key elements of the fight against organized crime and terrorism. The main objective of this paper is to compare some of the most important and radical measures adopted by the US, even those that resulted in systematic violations of human rights, with some of the European measures adopted after the 2015 Paris attacks of 2015, such as unlawful detainment of prisoners and other measures against foreigners. Through the Schengen agreement, the European Union has tried to eliminate tariffs and border controls, in order to guarantee successful economic growth. Terrorists have taken advantage of this and have made the region vulnerable to attacks. Authorities need to strengthen their surveillance methods in order to safeguard the region and its stability. Through qualitative methods applied to social sciences, this research will also try to explain why some of the mechanisms proven to be useful in the US would not be so in Europe, especially because they would result in human rights violations. Finally, solutions will be offered that would not put the whole Schengen Agreement at risk. Europe cannot reinstate border control, without making individuals vulnerable to human rights violations.

Keywords: border control, immigration, international cooperation, national security

Procedia PDF Downloads 121
520 Machine Learning Approach for Anomaly Detection in the Simulated Iec-60870-5-104 Traffic

Authors: Stepan Grebeniuk, Ersi Hodo, Henri Ruotsalainen, Paul Tavolato

Abstract:

Substation security plays an important role in the power delivery system. During the past years, there has been an increase in number of attacks on automation networks of the substations. In spite of that, there hasn’t been enough focus dedicated to the protection of such networks. Aiming to design a specialized anomaly detection system based on machine learning, in this paper we will discuss the IEC 60870-5-104 protocol that is used for communication between substation and control station and focus on the simulation of the substation traffic. Firstly, we will simulate the communication between substation slave and server. Secondly, we will compare the system's normal behavior and its behavior under the attack, in order to extract the right features which will be needed for building an anomaly detection system. Lastly, based on the features we will suggest the anomaly detection system for the asynchronous protocol IEC 60870-5-104.

Keywords: Anomaly detection, IEC-60870-5-104, Machine learning, Man-in-the-Middle attacks, Substation security

Procedia PDF Downloads 347
519 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: access control, data integrity, data confidentiality, Kerberos authentication, cloud security

Procedia PDF Downloads 318
518 A Survey on Countermeasures of Cache-Timing Attack on AES Systems

Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush

Abstract:

Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.

Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure

Procedia PDF Downloads 281
517 Tag Impersonation Attack on Ultra-lightweight Radio Frequency Identification Authentication Scheme (ESRAS)

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 47
516 Stackelberg Security Game for Optimizing Security of Federated Internet of Things Platform Instances

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning

Procedia PDF Downloads 337
515 Data Poisoning Attacks on Federated Learning and Preventive Measures

Authors: Beulah Rani Inbanathan

Abstract:

In the present era, it is vivid from the numerous outcomes that data privacy is being compromised in various ways. Machine learning is one technology that uses the centralized server, and then data is given as input which is being analyzed by the algorithms present on this mentioned server, and hence outputs are predicted. However, each time the data must be sent by the user as the algorithm will analyze the input data in order to predict the output, which is prone to threats. The solution to overcome this issue is federated learning, where the models alone get updated while the data resides on the local machine and does not get exchanged with the other local models. Nevertheless, even on these local models, there are chances of data poisoning, and it is crystal clear from various experiments done by many people. This paper delves into many ways where data poisoning occurs and the many methods through which it is prevalent that data poisoning still exists. It includes the poisoning attacks on IoT devices, Edge devices, Autoregressive model, and also, on Industrial IoT systems and also, few points on how these could be evadible in order to protect our data which is personal, or sensitive, or harmful when exposed.

Keywords: data poisoning, federated learning, Internet of Things, edge computing

Procedia PDF Downloads 73
514 Children Protection in the Digital Space

Authors: Beverly Komen

Abstract:

Online crimes have been on the rise in the recent days, especially with the hit of the covid-19 pandemic. The coronavirus pandemic has led to an unprecedented rise in screen time, this means more families are relying on technology and digital solutions to keep children learning, spending more time on the virtual platforms can leave children vulnerable to online abuse and exploitation. With ease access of affordable phones, internet, and increased online activities, all children are at risk of being abused online hence making the digital space unsafe for children. With these increased use of technology and its accessibility, children are at risk of facing challenges such as access to inappropriate content, online grooming, identity theft, cyber bullying, among other risks. The big question is; as we enjoy the benefits brought in by technology, how do we ensure that our children are save in this digital space? With the analysis of the current trends, there is a gap in knowledge on people’s understanding on child online protection and safety measures when using the digital space. A survey conducted among 50 parents in Nairobi in Kenya indicated that there is a gap in knowledge on online protection of children and over 50 % of the participants shared that for sure they have no idea on how to protect children online. This paper seeks to address the concept of child protection in the digital space and come up with viable solutions in protecting children from online vices.

Keywords: child protection, digital space, online risks, online grooming, cyber bulying, online child sexual exploitation, and abuse

Procedia PDF Downloads 174
513 Information Technology and the Challenges Facing the Legal Profession in Nigeria

Authors: Odoh Ben Uruchi

Abstract:

Information Technology is an outcome of the nexus between the computer technology and the communication technology which has grown as silver fiber in Nigeria. Information Technology represents the fourth generation of human communication after sight, oral and written communications. The internet, as with all path-breaking technological developments gives us all the ample privileges to act as a global community; advertise and operate across all frontiers; over boarders and beyond the control of any government. The security concerns, computer abuse and the side effects of this technology have moved to the forefront of the consciousness of law enforcement agencies. Unfortunately, Nigeria is one of the very few countries in the world to have not legislated Cyber Laws, although several unsuccessful attempts have been made in recent times at providing the legal framework for regulating the activities in Nigerian cyberspace. Traditional legal systems have led to great difficulty in keeping pace with the rapid growth of the internet and its impact throughout Nigeria. The only existing legal frameworks are constantly being challenged by technological advancement. This has created a need to constantly update and adapt the way in which we organize ourselves as Legal Practitioners in order to maintain overall control of its domestic and national interests. This paper seeks to appraise the challenges facing the legal profession in Nigeria because of want of Cyber Laws. In doing this, the paper shall highlight the loopholes in the existing laws and recommends the way forward.

Keywords: information technology, challenges, legal profession, Nigeria

Procedia PDF Downloads 506
512 Hereditary Angioedema: Case Presentation and Review of Anaesthetic Implications

Authors: Joshua Chew, Vesa Cheng, David Thomson

Abstract:

Background: Hereditary angioedema (HAE) or C1 esterase deficiency is a relatively rare entity that has a potential for significant anesthetic complications. Methods: A literature review was performed of published cases of surgery in patients with HAE. Results were limited to English language only and cases were examined for management strategies and successful prevention of acute attacks. Results: The literature revealed the successful use of C1 esterase inhibitors as the most common agent in surgical prophylaxis therapy. Other therapeutic targets described included kallikrein inhibitors and bradykinin B2 receptor antagonists. Conclusions: Therapeutic targets that exist for the management of acute attacks in HAE have been successfully employed in the setting of surgery. The data is currently limited and could not be used as a firm evidence base, but the limited outcomes seen are positive and reassuring for the prospective anesthetic management of this potentially fatal condition.

Keywords: anesthesia, C1 esterase deficiency, hereditary angioedema, surgical prophylaxis

Procedia PDF Downloads 384
511 Experimental Investigation of Cup Anemometer under Static and Dynamic Wind Direction Changes: Evaluation of Directional Sensitivity

Authors: Vaibhav Rana, Nicholas Balaresque

Abstract:

The 3-cup anemometer is the most commonly used instrument for wind speed measurement and, consequently, for the wind resource assessment. Though the cup anemometer shows accurate measurement under quasi-static conditions, there is uncertainty in the measurement when subjected to field measurement. Sensitivity to the angle of attacks with respect to horizontal plane, dynamic response, and non-linear behavior in calibration due to friction. The presented work aimed to identify the sensitivity of anemometer to non-horizontal flow. The cup anemometer was investigated under low wind speed wind tunnel, first under the static flow direction changes and second under the dynamic direction changes, at a different angle of attacks, under the similar conditions of reference wind tunnel speeds. The cup anemometer response under both conditions was evaluated and compared. The results showed the anemometer under dynamic wind direction changes is highly sensitive compared to static conditions.

Keywords: wind energy, cup anemometer, directional sensitivity, dynamic behavior, wind tunnel

Procedia PDF Downloads 133
510 Challenges for Interface Designers in Designing Sensor Dashboards in the Context of Industry 4.0

Authors: Naveen Kumar, Shyambihari Prajapati

Abstract:

Industry 4.0 is the fourth industrial revolution that focuses on interconnectivity of machine to machine, human to machine and human to human via Internet of Things (IoT). Technologies of industry 4.0 facilitate communication between human and machine through IoT and forms Cyber-Physical Production System (CPPS). In CPPS, multiple shop floors sensor data are connected through IoT and displayed through sensor dashboard to the operator. These sensor dashboards have enormous amount of information to be presented which becomes complex for operators to perform monitoring, controlling and interpretation tasks. Designing handheld sensor dashboards for supervision task will become a challenge for the interface designers. This paper reports emerging technologies of industry 4.0, changing context of increasing information complexity in consecutive industrial revolutions and upcoming design challenges for interface designers in context of Industry 4.0. Authors conclude that information complexity of sensor dashboards design has increased with consecutive industrial revolutions and designs of sensor dashboard causes cognitive load on users. Designing such complex dashboards interfaces in Industry 4.0 context will become main challenges for the interface designers.

Keywords: Industry4.0, sensor dashboard design, cyber-physical production system, Interface designer

Procedia PDF Downloads 116
509 A Survey on the Blockchain Smart Contract System: Security Strengths and Weaknesses

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 153
508 Literature Review: Adversarial Machine Learning Defense in Malware Detection

Authors: Leidy M. Aldana, Jorge E. Camargo

Abstract:

Adversarial Machine Learning has gained importance in recent years as Cybersecurity has gained too, especially malware, it has affected different entities and people in recent years. This paper shows a literature review about defense methods created to prevent adversarial machine learning attacks, firstable it shows an introduction about the context and the description of some terms, in the results section some of the attacks are described, focusing on detecting adversarial examples before coming to the machine learning algorithm and showing other categories that exist in defense. A method with five steps is proposed in the method section in order to define a way to make the literature review; in addition, this paper summarizes the contributions in this research field in the last seven years to identify research directions in this area. About the findings, the category with least quantity of challenges in defense is the Detection of adversarial examples being this one a viable research route with the adaptive approach in attack and defense.

Keywords: Malware, adversarial, machine learning, defense, attack

Procedia PDF Downloads 44
507 Blockchain in Saudi E-Government: A Systematic Literature Review

Authors: Haitham Assiri, Priyadarsi Nanda

Abstract:

The world is gradually entering the fourth industrial revolution. E-Government services are scaling government operations across the globe. However, as promising as an e-Government system would be, it is also susceptible to malicious attacks if not properly secured. This study found out that, in Saudi Arabia, the e-Government website, Yesser is vulnerable to external attacks. Obviously, this can lead to a breach of data integrity and privacy. In this paper, a Systematic Literature Review was conducted to explore possible ways the Kingdom of Saudi Arabia can take necessary measures to strengthen its e-Government system using Blockchain. Blockchain is one of the emerging technologies shaping the world through its applications in finance, elections, healthcare, etc. It secures systems and brings more transparency. A total of 28 papers were selected for this SLR, and 19 of the papers significantly showed that blockchain could enhance the security and privacy of Saudi’s e-government system. Other papers also concluded that blockchain is effective, albeit with the integration of other technologies like IoT, AI and big data. These papers have been analysed to sieve out the findings and set the stage for future research into the subject.

Keywords: blockchain, data integrity, e-government, security threats

Procedia PDF Downloads 231
506 A Second Look at Gesture-Based Passwords: Usability and Vulnerability to Shoulder-Surfing Attacks

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

For security purposes, it is important to detect passwords entered by unauthorized users. With traditional alphanumeric passwords, if the content of a password is acquired and correctly entered by an intruder, it is impossible to differentiate the password entered by the intruder from those entered by the authorized user because the password entries contain precisely the same character set. However, no two entries for the gesture-based passwords, even those entered by the person who created the password, will be identical. There are always variations between entries, such as the shape and length of each stroke, the location of each stroke, and the speed of drawing. It is possible that passwords entered by the unauthorized user contain higher levels of variations when compared with those entered by the authorized user (the creator). The difference in the levels of variations may provide cues to detect unauthorized entries. To test this hypothesis, we designed an empirical study, collected and analyzed the data with the help of machine-learning algorithms. The results of the study are significant.

Keywords: authentication, gesture-based passwords, shoulder-surfing attacks, usability

Procedia PDF Downloads 126
505 Smart Sensor Data to Predict Machine Performance with IoT-Based Machine Learning and Artificial Intelligence

Authors: C. J. Rossouw, T. I. van Niekerk

Abstract:

The global manufacturing industry is utilizing the internet and cloud-based services to further explore the anatomy and optimize manufacturing processes in support of the movement into the Fourth Industrial Revolution (4IR). The 4IR from a third world and African perspective is hindered by the fact that many manufacturing systems that were developed in the third industrial revolution are not inherently equipped to utilize the internet and services of the 4IR, hindering the progression of third world manufacturing industries into the 4IR. This research focuses on the development of a non-invasive and cost-effective cyber-physical IoT system that will exploit a machine’s vibration to expose semantic characteristics in the manufacturing process and utilize these results through a real-time cloud-based machine condition monitoring system with the intention to optimize the system. A microcontroller-based IoT sensor was designed to acquire a machine’s mechanical vibration data, process it in real-time, and transmit it to a cloud-based platform via Wi-Fi and the internet. Time-frequency Fourier analysis was applied to the vibration data to form an image representation of the machine’s behaviour. This data was used to train a Convolutional Neural Network (CNN) to learn semantic characteristics in the machine’s behaviour and relate them to a state of operation. The same data was also used to train a Convolutional Autoencoder (CAE) to detect anomalies in the data. Real-time edge-based artificial intelligence was achieved by deploying the CNN and CAE on the sensor to analyse the vibration. A cloud platform was deployed to visualize the vibration data and the results of the CNN and CAE in real-time. The cyber-physical IoT system was deployed on a semi-automated metal granulation machine with a set of trained machine learning models. Using a single sensor, the system was able to accurately visualize three states of the machine’s operation in real-time. The system was also able to detect a variance in the material being granulated. The research demonstrates how non-IoT manufacturing systems can be equipped with edge-based artificial intelligence to establish a remote machine condition monitoring system.

Keywords: IoT, cyber-physical systems, artificial intelligence, manufacturing, vibration analytics, continuous machine condition monitoring

Procedia PDF Downloads 78
504 Combining Transcriptomics, Bioinformatics, Biosynthesis Networks and Chromatographic Analyses for Cotton Gossypium hirsutum L. Defense Volatiles Study

Authors: Ronald Villamar-Torres, Michael Staudt, Christopher Viot

Abstract:

Cotton Gossypium hirsutum L. is one of the most important industrial crops, producing the world leading natural textile fiber, but is very prone to arthropod attacks that reduce crop yield and quality. Cotton cultivation, therefore, makes an outstanding use of chemical pesticides. In reaction to herbivorous arthropods, cotton plants nevertheless show natural defense reactions, in particular through volatile organic compounds (VOCs) emissions. These natural defense mechanisms are nowadays underutilized but have a very high potential for cotton cultivation, and elucidating their genetic bases will help to improve their use. Simulating herbivory attacks by mechanical wounding of cotton plants in greenhouse, we studied by qPCR the changes in gene expression for genes of the terpenoids biosynthesis pathway. Differentially expressed genes corresponded to higher levels of the terpenoids biosynthesis pathway and not to enzymes synthesizing particular terpenoids. The genes were mapped on the G. hirsutum L. reference genome; their global relationships inside the general metabolic pathways and the biosynthesis of secondary metabolites were visualized with iPath2. The chromatographic profiles of VOCs emissions indicated first monoterpenes and sesquiterpenes emissions, dominantly four molecules known to be involved in plant reactions to arthropod attacks. As a result, the study permitted to identify potential key genes for the emission of volatile terpenoids by cotton plants in reaction to an arthropod attack, opening possibilities for molecular-assisted cotton breeding in benefit of smallholder cotton growers.

Keywords: biosynthesis pathways, cotton, mechanisms of plant defense, terpenoids, volatile organic compounds

Procedia PDF Downloads 358
503 Numerical Analysis of Dynamic Responses of the Plate Subjected to Impulsive Loads

Authors: Behzad Mohammadzadeh, Huyk Chun Noh

Abstract:

The plate is one of the popular structural elements used in a wide range of industries and structures. They may be subjected to blast loads during explosion events, missile attacks or aircraft attacks. This study is to investigate dynamic responses of the rectangular plate subjected to explosive loads. The effects of material properties and plate thickness on responses of the plate are to be investigated. The compressive pressure is applied to the surface of the plate. Different amounts of thickness in the range from 10mm to 30mm are considered for the plate to evaluate the changes in responses of the plate with respect to the plate thickness. Two different properties are considered for the steel. First, the analysis is performed by considering only the elastic-plastic properties for the steel plate. Later on damping is considered to investigate its effects on the responses of the plate. To do analysis, the numerical method using a finite element based package ABAQUS is applied. Finally, dynamic responses and graphs showing the relation between maximum displacement of the plate and aim parameters are provided.

Keywords: impulsive loaded plates, dynamic analysis, ABAQUS, material nonlinearity

Procedia PDF Downloads 509
502 Bitplanes Gray-Level Image Encryption Approach Using Arnold Transform

Authors: Ali Abdrhman M. Ukasha

Abstract:

Data security needed in data transmission, storage, and communication to ensure the security. The single step parallel contour extraction (SSPCE) method is used to create the edge map as a key image from the different Gray level/Binary image. Performing the X-OR operation between the key image and each bit plane of the original image for image pixel values change purpose. The Arnold transform used to changes the locations of image pixels as image scrambling process. Experiments have demonstrated that proposed algorithm can fully encrypt 2D Gary level image and completely reconstructed without any distortion. Also shown that the analyzed algorithm have extremely large security against some attacks like salt & pepper and JPEG compression. Its proof that the Gray level image can be protected with a higher security level. The presented method has easy hardware implementation and suitable for multimedia protection in real time applications such as wireless networks and mobile phone services.

Keywords: SSPCE method, image compression-salt- peppers attacks, bitplanes decomposition, Arnold transform, lossless image encryption

Procedia PDF Downloads 417
501 Social Media's Roles in the Change of Vietnamese Society: Emerging Public Sphere for Citizens

Authors: Ly Thi Hai Yen

Abstract:

The Internet in Vietnam has developed significantly over the last 20 years and made impressive advances, permeating into every part of daily life, changing people's habits as well as the way people's communication. Under this situation, social media have become useful tools for the citizen to get and share information. About 10 years ago, most Vietnamese people got the information through state media, but thanks to the development of the Internet, nowadays, social media have been giving them rich sources of information at any area of society. By using case study research methods, documentary research method and in-depth interviews conducted with social media users, NGO activists, and Vietnamese scholars in 2017, the paper found that social media has been bringing a cyber public sphere to whom wish to discuss social and political issues. And, more importantly, it gives them a chance to connect with the government and policy makers quickly and effectively. Moreover, people use social media to supervise activities in society to prevent social evils and corruption in Vietnam. However, besides these positive points, people also have to cope with the rising situation of fake news which causing consequences for the society, such as pulling off crimes or cheating money and others. The paper concluded that social media plays important roles in the change of Vietnamese society, giving citizens a cyber public sphere unrestrictedly to discuss social and political issues but also bringing many bad risks to citizens.

Keywords: Vietnamese, social media, politics-society

Procedia PDF Downloads 127
500 Bitplanes Image Encryption/Decryption Using Edge Map (SSPCE Method) and Arnold Transform

Authors: Ali A. Ukasha

Abstract:

Data security needed in data transmission, storage, and communication to ensure the security. The single step parallel contour extraction (SSPCE) method is used to create the edge map as a key image from the different Gray level/Binary image. Performing the X-OR operation between the key image and each bit plane of the original image for image pixel values change purpose. The Arnold transform used to changes the locations of image pixels as image scrambling process. Experiments have demonstrated that proposed algorithm can fully encrypt 2D Gary level image and completely reconstructed without any distortion. Also shown that the analyzed algorithm have extremely large security against some attacks like salt & pepper and JPEG compression. Its proof that the Gray level image can be protected with a higher security level. The presented method has easy hardware implementation and suitable for multimedia protection in real time applications such as wireless networks and mobile phone services.

Keywords: SSPCE method, image compression, salt and peppers attacks, bitplanes decomposition, Arnold transform, lossless image encryption

Procedia PDF Downloads 479