Search results for: security methodology

Authors: Fatemah Alzubairi

Abstract:

Terrorism financing is a theme that dramatically evolved post-9/11. Supra-national bodies, above all UN Security Council and the Financial Action Task Form (FATF), have established an executive-like mechanism, which allows blacklisting individuals and groups, freezing their funds, and restricting their travel, all of which have become part of states’ anti-terrorism frameworks. A number of problems arise from building counter-terrorism measures on the foundation of a vague definition of terrorism. This paper examines the utility and consequences of counter-terrorism financing with considering the lack of an international definition of terrorism. The main problem with national and international anti-terrorism legislation is the lack of a clear objective definition of terrorism. Most, if not all, national laws are broad and vague. Determining what terrorism remains the crucial underpinning of any successful discussion of counter-terrorism, and of the future success of counter-terrorist measures. This paper focuses on the legal and political consequences of equalizing the treatment of violent terrorist crimes, such as bombing, with non-violent terrorism-related crimes, such as funding terrorist groups. While both sorts of acts requires criminalization, treating them equally risks wrongfully or unfairly condemning innocent people who have associated with “terrorists” but are not involved in terrorist activities. This paper examines whether global obligations to counter terrorism financing focus on controlling terrorist groups more than terrorist activities. It also examines the utility of the obligations adopted by the UN Security Council and FATF, and whether they serve global security; or whether the utility is largely restricted to Western security, with little attention paid to the unique needs and demands of other regions.

Keywords: counter-terrorism, definition of terrorism, FATF, security, terrorism financing, UN Security Council

Procedia PDF Downloads 301

Authors: Fairouz Beggas

Abstract:

Due to the large number of exchanges in the networks, the security of communications is essential. Most ways of keeping communication secure rely on encryption. In this work, a symmetric encryption technique is offered to encrypt and decrypt simple Arabic scripts based on a multi-level security. A proposed technique uses an idea of Playfair encryption with a larger table size and an additional layer of encryption to ensure more security. The idea of the proposed algorithm aims to generate a dynamic table that depends on a secret key. The same secret key is also used to create other secret keys to over-encrypt the plaintext in three steps. The obtained results show that the proposed algorithm is faster in terms of encryption/decryption speed and can resist to many types of attacks.

Keywords: arabic data, encryption, playfair, symmetric algorithm

Procedia PDF Downloads 59

Authors: Mohammad Nazri Mustafa, Pedram Hatami Abdullah, M. Fakhrur Razi Ahmad Faizul

Abstract:

With the issuance of Malaysian National Annex 2017 as a part of MS EN 1998-1:2015, the seismic mapping of Malaysian Peninsular including Sabah and Sarawak has undergone some changes in terms of the Peak Ground Acceleration (PGA) value. The revision to the PGA has raised a concern on the safety of oil and gas onshore structures as these structures were not designed to accommodate the new PGA values which are much higher than the previous values used in the original design. In view of the high numbers of structures and buildings to be re-assessed, a risk assessment methodology has been developed to prioritize and rank the assets in terms of their criticality against the new seismic loading. To-date such risk assessment method for oil and gas onshore structures is lacking, and it is the main intention of this technical paper to share the risk assessment methodology and risk elements scoring finalized via Delphi Method. The finalized methodology and the values used to rank the risk elements have been established based on years of relevant experience on the subject matter and based on a series of rigorous discussions with professionals in the industry. The risk scoring is mapped against the risk matrix (i.e., the LOF versus COF) and hence, the overall risk for the assets can be obtained. The overall risk can be used to prioritize and optimize integrity assessment, repair and strengthening work against the new seismic mapping of the country.

Keywords: methodology, PGA, risk, seismic

Procedia PDF Downloads 128

Authors: M. Marsadek, A. Mohamed

Abstract:

Power system security analysis is the most time demanding process due to large number of possible contingencies that need to be analyzed.  In a power system, any contingency resulting in security violation such as line overload or low voltage may occur for a number of reasons at any time.  To efficiently rank a contingency, both probability and the extent of security violation must be considered so as not to underestimate the risk associated with the contingency. This paper proposed a contingency ranking method that take into account the probabilistic nature of power system and the severity of contingency by using a newly developed method based on risk factor.  The proposed technique is implemented on IEEE 24-bus system.

Keywords: line overload, low voltage, probability, risk factor, severity

Procedia PDF Downloads 521

Authors: Shokoufeh Monjezi Kouchak

Abstract:

Cognitive radio network (CRN) is future network .Without this network wireless devices can’t work appropriately in the next decades. Today, wireless devices use static spectrum access methods and these methods don’t use spectrums optimum so we need use dynamic spectrum access methods to solve shortage spectrum challenge and CR is a great device for DSA but first of all its challenges should be solved .security is one of these challenges .In this paper we provided a survey about CR security. You can see this survey in tables 1 to 7 .After that we proposed a multi criteria authentication method in CRN. Our criteria in this method are: sensing results, following sending data rules, position of secondary users and no talk zone. Finally we compared our method with other authentication methods.

Keywords: authentication, cognitive radio, security, radio networks

Procedia PDF Downloads 353

Authors: Chiara Mansanta, Daniela Sani

Abstract:

The present paper presents the further development of the application of a standard methodology to boost innovation inside real case studies of manufacturing companies. The proposed methodology provides a viable solution for manufacturing companies that have to evaluate new business ideas. The study underlined the concept of entrepreneurship and how a manager can use it to promote innovation inside their companies. Starting from a literature study on entrepreneurship, this paper examines the role of the manager in supporting a company’s development. The empirical part of the study is based on two manufacturing companies that used the proposed methodology to favour entrepreneurship through an alternative approach. The research demonstrated the need for companies to have a structured and well-defined methodology to achieve their goals. The purpose of this article is to understand the significance of business models inside companies and explore how they affect business strategy and innovation management. The idea is to use business models to support entrepreneurs in their decision-making processes, reducing risks and avoiding errors.

Keywords: entrepreneurship, manufacturing companies, solution validation, strategic management

Procedia PDF Downloads 69

Authors: L. Q. Yuan, J. Yang, A. Siddiqui

Abstract:

A new regression uncertainty analysis methodology was applied to determine the uncertainties of the critical heat flux (CHF) power correlation for an advanced 43-element bundle design, which was developed by Canadian Nuclear Laboratories (CNL) to achieve improved economics, resource utilization and energy sustainability. The new methodology is considered more appropriate than the traditional methodology in the assessment of the experimental uncertainty associated with regressions. The methodology was first assessed using both the Monte Carlo Method (MCM) and the Taylor Series Method (TSM) for a simple linear regression model, and then extended successfully to a non-linear CHF power regression model (CHF power as a function of inlet temperature, outlet pressure and mass flow rate). The regression uncertainty assessed by MCM agrees well with that by TSM. An equation to evaluate the CHF power regression uncertainty was developed and expressed as a function of independent variables that determine the CHF power.

Keywords: CHF experiment, CHF correlation, regression uncertainty, Monte Carlo Method, Taylor Series Method

Procedia PDF Downloads 392

Authors: Jennifer Wright

Abstract:

The recent rise of powerful terrorist groups such as ISIS and Al-Qaeda brings up concerns about nuclear terrorism as well as a focus on nuclear security, specifically the physical security of nuclear weapons and fissile material storage sites in countries where powerful nonstate actors are present. Particularly because these non-state actors, who lack their own sovereign territory, cannot be ‘deterred’ in the traditional sense. In light of the current threat environment, it’s necessary to now rethink these strategies in the 21st century – a multipolar world with the presence of powerful non-state actors. As a country in the spotlight for its low ranking on the Nuclear Threat Initiative’s (NTI) Nuclear Security Index, Pakistan is a relevant example to explore the question of whether the presence of non-state actors poses a real risk to nuclear security today. It’s necessary to take a look at their nuclear security policies to determine if they’re robust enough to deal with political instability and violence in the country. After carrying out interviews with experts in May 2017 in Islamabad on nuclear security and nuclear terrorism, this paper aims to highlight findings by providing a Pakistan-centric view on the subject and give experts there a chance to counter criticism. Western media would have us fearful of nuclear security mechanisms in Pakistan after reports that areas such as cybersecurity and accounting and control of materials are weak, as well as sensitive nuclear material being transported in unmarked, unguarded vehicles. Also reported are cases where terrorist groups carried out targeted attacks against Pakistani military bases or secure sites where nuclear material is stored. One specific question asked of each interviewee in Islamabad was Do you feel the threat of nuclear terrorism calls into question the reliance on deterrence? Their responses will be elaborated on in the longer paper, but overall they demonstrate views that deterrence still serves a purpose for state-to-state security strategy, but not for a state in countering nonstate threats. If nuclear security is lax enough for these non-state actors to get their hands on either an intact nuclear weapon or enough military-grade fissile material to build a nuclear weapon, then what would stop them from launching a nuclear attack? As deterrence is a state-centric strategy, it doesn’t work to deter non-state actors from carrying out an attack on another state, as they lack their own territory, and as such, are not fearful of a reprisal attack. Deterrence will need to be addressed, and its relevance analyzed to determine its utility in the current security environment. The aim of this research is to demonstrate the real risk of nuclear terrorism by pointing to weaknesses in global nuclear security, particularly in Pakistan. The research also aims to provoke thought on the weaknesses of deterrence as a whole. Original thinking is needed as we attempt to adequately respond to the 21st century’s current threat environment.

Keywords: deterrence, non-proliferation, nuclear security, nuclear terrorism

Procedia PDF Downloads 198

Authors: Bala Adamu Malami

Abstract:

The necessity of low-cost electronic vehicle/car security designed in coordination with other security measures is always there in our society to reduce the risk of vehicle intrusion. Keeping this problem in mind, we are designing an automatic GPS system which is technology to build an integrated and fully customized vehicle to detect the movement of the vehicle and also serve as a security system at a reasonable cost. Users can locate the vehicle's position via GPS by using the Google Maps application to show vehicle coordinates on a smartphone. The tracking system uses a Global System for Mobile Communication (GSM) modem for communication between the mobile station and the microcontroller to send and receive commands. Further design can be improved to capture the vehicle movement range and alert the vehicle owner when the vehicle is out of range.

Keywords: electronic, GPS, GSM modem, communication, vehicle

Procedia PDF Downloads 77

Authors: Michael J. Hahn

Abstract:

Docker is a powerful tool used by many companies such as PayPal, MetLife, Expedia, Visa, and many others. Docker works by bundling multiple applications, binaries, and libraries together on top of an operating system image called a container. The container runs on a Docker engine that in turn runs on top of a standard operating system. This centralization saves a lot of system resources. In this paper, we will be demonstrating how to bypass Transport Layer Security and execute remote code within Docker containers built on a base image of Alpine Linux version 3.7.0 through the use of .apk files due to flaws in the Alpine Linux package management program. This exploit renders any applications built using Docker with a base image of Alpine Linux vulnerable to unwanted outside forces.

Keywords: cloud, cryptography, Docker, Linux, security

Procedia PDF Downloads 161

Authors: Ibtisam Mahmoud Mohammed Sultan

Abstract:

The present research aimed to identify the level of both emotional and emotional competence among students in Tikrit University aimed to know the assumptions in statistical significance for both variables as gender variables (m-f) and specialty (scientific-humanistic), as research to learn what Relationship between emotional safety and efficiency alanfaalet Tikrit University students. The researcher built emotional security measure (54) as built measure emotional competence (46), as the researcher extract full alsaykomtrih characteristics of both scales. The research sample consisted of (600) students selected by the random way and applying the scales on a basic search sample and processed statistical data using a variety of methods, including statistical test (test T.) and Pearson correlation coefficient, the researcher found a set of results. The following: 1. that the Tikrit University students possess a high level of emotional security. 2. to safely enjoy passionate males more than females. 3. that there is no difference between students of scientific and humanitarian specialization in variable emotional security. 4. that the Tikrit University students enjoy a high level of emotional competence. 5. the female-male outperforming in emotional competence level. 6. the humanitarian specialization students Excel in emotional competence for those of specialty. 7. the existence of a positive correlation between variables. Through search results, the researcher has developed a set of conclusions, proposals, and recommendations.

Keywords: relation, emotional security, students, efficiency

Procedia PDF Downloads 97

Authors: Zunaira Zaman, David Bohannon

Abstract:

This study explores the application of machine learning (ML) for detecting security vulnerabilities in source code. The research aims to assist organizations with large application portfolios and limited security testing capabilities in prioritizing security activities. ML-based approaches offer benefits such as increased confidence scores, false positives and negatives tuning, and automated feedback. The initial approach using natural language processing techniques to extract features achieved 86% accuracy during the training phase but suffered from overfitting and performed poorly on unseen datasets during testing. To address these issues, the study proposes using the abstract syntax tree (AST) for Java and C++ codebases to capture code semantics and structure and generate path-context representations for each function. The Code2Vec model architecture is used to learn distributed representations of source code snippets for training a machine-learning classifier for vulnerability prediction. The study evaluates the performance of the proposed methodology using two datasets and compares the results with existing approaches. The Devign dataset yielded 60% accuracy in predicting vulnerable code snippets and helped resist overfitting, while the Juliet Test Suite predicted specific vulnerabilities such as OS-Command Injection, Cryptographic, and Cross-Site Scripting vulnerabilities. The Code2Vec model achieved 75% accuracy and a 98% recall rate in predicting OS-Command Injection vulnerabilities. The study concludes that even partial AST representations of source code can be useful for vulnerability prediction. The approach has the potential for automated intelligent analysis of source code, including vulnerability prediction on unseen source code. State-of-the-art models using natural language processing techniques and CNN models with ensemble modelling techniques did not generalize well on unseen data and faced overfitting issues. However, predicting vulnerabilities in source code using machine learning poses challenges such as high dimensionality and complexity of source code, imbalanced datasets, and identifying specific types of vulnerabilities. Future work will address these challenges and expand the scope of the research.

Keywords: code embeddings, neural networks, natural language processing, OS command injection, software security, code properties

Procedia PDF Downloads 79

Authors: Cristian Păuna

Abstract:

After the widespread release of electronic trading, automated trading systems have become a significant part of the business intelligence system of any modern financial investment company. An important part of the trades is made completely automatically today by computers using mathematical algorithms. The trading decisions are taken almost instantly by logical models and the orders are sent by low-latency automatic systems. This paper will present a real-time price prediction methodology designed especially for algorithmic trading. Based on the price cyclicality function, the methodology revealed will generate price cyclicality bands to predict the optimal levels for the entries and exits. In order to automate the trading decisions, the cyclicality bands will generate automated trading signals. We have found that the model can be used with good results to predict the changes in market behavior. Using these predictions, the model can automatically adapt the trading signals in real-time to maximize the trading results. The paper will reveal the methodology to optimize and implement this model in automated trading systems. After tests, it is proved that this methodology can be applied with good efficiency in different timeframes. Real trading results will be also displayed and analyzed in order to qualify the methodology and to compare it with other models. As a conclusion, it was found that the price prediction model using the price cyclicality function is a reliable trading methodology for algorithmic trading in the financial market.

Keywords: algorithmic trading, automated trading systems, financial markets, high-frequency trading, price prediction

Procedia PDF Downloads 159

Authors: Harsh Vikram Singh, Ankur Rai, Anand Mohan

Abstract:

In this paper, we propose secure and robust data hiding algorithm based on DCT by Arnold transform and chaotic sequence. The watermark image is scrambled by Arnold cat map to increases its security and then the chaotic map is used for watermark signal spread in middle band of DCT coefficients of the cover image The chaotic map can be used as pseudo-random generator for digital data hiding, to increase security and robustness .Performance evaluation for robustness and imperceptibility of proposed algorithm has been made using bit error rate (BER), normalized correlation (NC), and peak signal to noise ratio (PSNR) value for different watermark and cover images such as Lena, Girl, Tank images and gain factor .We use a binary logo image and text image as watermark. The experimental results demonstrate that the proposed algorithm achieves higher security and robustness against JPEG compression as well as other attacks such as addition of noise, low pass filtering and cropping attacks compared to other existing algorithm using DCT coefficients. Moreover, to recover watermarks in proposed algorithm, there is no need to original cover image.

Keywords: data hiding, watermarking, DCT, chaotic sequence, arnold transforms

Procedia PDF Downloads 489

Authors: John Onyima, Ikechukwu Ezepue

Abstract:

Virtualization and cloud computing are among the fast-growing computing innovations in recent times. Organisations all over the world are moving their computing services towards the cloud this is because of its rapid transformation of the organization’s infrastructure and improvement of efficient resource utilization and cost reduction. However, this technology brings new security threats and challenges about safety, reliability and data confidentiality. Evidently, no single security technique can guarantee security or protection against malicious attacks on a cloud computing network hence an integrated model of intrusion detection and prevention system has been proposed. Anomaly-based and signature-based detection techniques will be integrated to enable the network and its host defend themselves with some level of intelligence. The anomaly-base detection was implemented using the local deviation factor graph-based (LDFGB) algorithm while the signature-based detection was implemented using the snort algorithm. Results from this collaborative intrusion detection and prevention techniques show robust and efficient security architecture for cloud computing networks.

Keywords: anomaly-based detection, cloud computing, intrusion detection, intrusion prevention, signature-based detection

Procedia PDF Downloads 275

Authors: Alvite Singh Ningthoujam

Abstract:

The most recent terror phenomenon, which is also known as the Islamic State of Iraq and Syria (ISIS), or Islamic State (IS), has its influence felt in South Asia. This dreaded Sunni militant group, today, has become a concern in India as well. Already affected by various terror activities in the country, the influence of the IS on the radicalised Muslim youths in India has been watched closely by the security agencies. There had already been a few IS-related incidents in India due to which this issue has emerged as a threat or challenge to India’s internal security. The rapid radicalisation of youths in a few states where there are sizeable Muslim populations has gone, to some extent, in favour of the IS, particularly in the terror outfit’s recruitment process. What has added to the worry of the Indian security agencies is the announcement of the Al-Qaeda leader, Ayman al-Zawahari, of the creation of the Al-Qaeda in the Indian Subcontinent. In fact, this is a worrisome factor as both the militant groups, that is, al-Qaeda and ISIS, have a similar objective to target India and to turn this South Asian country as one of the recruiting grounds for extremists. There is also a possibility that an Indian Mujahedeen (IM) man was believed to be instrumental in recruiting for the ISIS poor Muslims in a few Indian states. If this nexus between ISIS and India’s home-grown terror groups manages to establish a robust link, then the headache of combating such amalgamated force will be a hard task for Indian security agencies. In the wake of the above developments, this paper would seek to analyse the developing trend in India in regard to IS. It would also bring out the reasons as to why further penetration of the IS influence on India would be a grave concern in the internal security of the country. The last section of the paper would highlight the steps that have been taken by the Indian government to tackle this menace effectively.

Keywords: India, Islamic State, Muslim, Security

Procedia PDF Downloads 350

Authors: Arun Kumar, Neelesh Haulder

Abstract:

This paper identifies and resolves some key issues relating to a specific aspect within the supply chain logistics of the public health care industry in the Republic of Mauritius. The analysis and the proposed solution are performed using soft systems methodology (SSM). Through the application of this relevant systematic approach at problem solving, the aim is to obtain an in-depth analysis of the problem, incorporating every possible world view of the problem and consequently to obtain a well explored solution aimed at implementing relevant changes within the current supply chain logistics of the health care industry, with the purpose of tackling the key identified issues.

Keywords: soft systems methodology, CATWOE, healthcare, logistics

Procedia PDF Downloads 488

Authors: Nir Nissim, Ran Yahalom, Tomer Lancewiki, Yuval Elovici, Boaz Lerner

Abstract:

Background: Attackers increasingly take advantage of innocent users who tend to use USB devices casually, assuming these devices benign when in fact they may carry an embedded malicious behavior or hidden malware. USB devices have many properties and capabilities that have become the subject of malicious operations. Many of the recent attacks targeting individuals, and especially organizations, utilize popular and widely used USB devices, such as mice, keyboards, flash drives, printers, and smartphones. However, current detection tools, techniques, and solutions generally fail to detect both the known and unknown attacks launched via USB devices. Significance: We propose USBWARE, a project that focuses on the vulnerabilities of USB devices and centers on the development of a comprehensive detection framework that relies upon a crucial attack repository. USBWARE will allow researchers and companies to better understand the vulnerabilities and attacks associated with USB devices as well as providing a comprehensive platform for developing detection solutions. Methodology: The framework of USBWARE is aimed at accurate detection of both known and unknown USB-based attacks by a process that efficiently enhances the framework's detection capabilities over time. The framework will integrate two main security approaches in order to enhance the detection of USB-based attacks associated with a variety of USB devices. The first approach is aimed at the detection of known attacks and their variants, whereas the second approach focuses on the detection of unknown attacks. USBWARE will consist of six independent but complimentary detection modules, each detecting attacks based on a different approach or discipline. These modules include novel ideas and algorithms inspired from or already developed within our team's domains of expertise, including cyber security, electrical and signal processing, machine learning, and computational biology. The establishment and maintenance of the USBWARE’s dynamic and up-to-date attack repository will strengthen the capabilities of the USBWARE detection framework. The attack repository’s infrastructure will enable researchers to record, document, create, and simulate existing and new USB-based attacks. This data will be used to maintain the detection framework’s updatability by incorporating knowledge regarding new attacks. Based on our experience in the cyber security domain, we aim to design the USBWARE framework so that it will have several characteristics that are crucial for this type of cyber-security detection solution. Specifically, the USBWARE framework should be: Novel, Multidisciplinary, Trusted, Lightweight, Extendable, Modular and Updatable and Adaptable. Major Findings: Based on our initial survey, we have already found more than 23 types of USB-based attacks, divided into six major categories. Our preliminary evaluation and proof of concepts showed that our detection modules can be used for efficient detection of several basic known USB attacks. Further research, development, and enhancements are required so that USBWARE will be capable to cover all of the major known USB attacks and to detect unknown attacks. Conclusion: USBWARE is a crucial detection framework that must be further enhanced and developed.

Keywords: USB, device, cyber security, attack, detection

Procedia PDF Downloads 368

Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia

Abstract:

The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.

Keywords: cloud computing, data management, multi-tenancy, requirements, security

Procedia PDF Downloads 131

Authors: Jorge M. Uribe

Abstract:

We propose a methodology for setting the price of an insurance contract targeted to manage the risk associated with weather conditions that affect variable renewable energy generation. The methodology relies on conditional quantile regressions to estimate the weather risk of a solar panel. It is illustrated using real daily radiation and weather data for three cities in Spain (Valencia, Barcelona and Madrid) from February 2/2004 to January 22/2019. We also adapt the concepts of value at risk and expected short fall from finance to this context, to provide a complete panorama of what we label as weather risk. The methodology is easy to implement and can be used by insurance companies to price a contract with the aforementioned characteristics when data about similar projects and accurate cash flow projections are lacking. Our methodology assigns a higher price to an insurance product with the stated characteristics in Madrid, compared to Valencia and Barcelona. This is consistent with Madrid showing the largest interquartile range of operational deficits and it is unrelated to the average value deficit, which illustrates the importance of our proposal.

Keywords: insurance, weather, vre, risk

Procedia PDF Downloads 124

Authors: Xia Yang, Zheng Yang, Haiyong Sun, Yan Fang, Jingyu Liu, Jia Song

Abstract:

The smart contract in Ethereum is a unique program deployed on the Ethereum Virtual Machine (EVM) to help manage cryptocurrency. The security of this smart contract is critical to Ethereum’s operation and highly sensitive. In this paper, we present a formal model for smart contract, using the separated term-obligation (STO) strategy to formalize and verify the smart contract. We use the IBM smart sponsor contract (SSC) as an example to elaborate the detail of the formalizing process. We also propose a formal smart sponsor contract model (FSSCM) and verify SSC’s security properties with an interactive theorem prover Coq. We found the 'Unchecked-Send' vulnerability in the SSC, using our formal model and verification method. Finally, we demonstrate how we can formalize and verify other smart contracts with this approach, and our work indicates that this formal verification can effectively verify the correctness and security of smart contracts.

Keywords: smart contract, formal verification, Ethereum, Coq

Procedia PDF Downloads 651

Authors: Husen Ahmed Tura

Abstract:

There are strong links between secure land rights and food security in Africa. However, as land is owned by governments, land users do not have adequate legislative protection. This article explores normative and implementation gaps in relation to small-scale farmers’ land rights under the Ethiopia’s law. It finds that the law facilitates eviction of small-scale farmers and indigenous peoples from their land without adequate alternative means of livelihood. It argues that as access to land and other natural resources is strongly linked to the right to adequate food, Ethiopia should reform its land laws in the light of its legal obligations under international human rights law to respect, protect and fulfill the right to adequate food and ensure freedom from hunger.

Keywords: smallholder, secure land rights , food security, right to food, land grabbing, forced evictions

Procedia PDF Downloads 280

Authors: James Bassey Ejue, Dorn Cklaimz Enamhe, Helen Francis Ejue

Abstract:

The study examined the influence of personal variables such as sex, type of school, and parental socio-economic status on secondary school students’ perception of school security. To guide the study, three null hypotheses were formulated. The research design adopted was the survey design, and a 20-item instrument was constructed and validated by the researchers through a test-retest procedure. The sample size for the study comprised 2,198 students made up of male and female students selected through a stratified random sampling technique. This was drawn from a study population of 21,988, made up of 12,635 students and 9353 students from public and private secondary schools, respectively. Data were analyzed using an independent t-test statistical tool. The findings showed that female students were more fearful in their perception of school security; the students in private schools perceived school to be more insecure than those in public schools; and the students from high parental socio-economic status are more associated with the perception of school as insecure than the ones from low parental socio-economic status. Based on these findings, it was recommended that, among others, more reassuring measures be put in place to check school security for females, for those in private schools, and for those from high parental socio-economic status. School counsellors should also be guided accordingly in designing intervention strategies.

Keywords: personal variables, students, perception, school security

Procedia PDF Downloads 44

Authors: Olga Andrianova, Lazar Jeifets

Abstract:

The security issue has always been one of the most sensitive and significant in Latin American context, especially focused on Central American region. Despite the fact that the time of the civil wars has ended, violence, delinquency, insecurity, discrimination still exist and keep relevance in the 21st century. This article is dedicated to consider this kind of problems, to find out the main causes and to propose solution approaches.

Keywords: Central America, insecurity, instability, post-war countries, violence

Procedia PDF Downloads 452

Authors: H. V. Smit, V. H. J. de Wet

Abstract:

South African municipalities are dealing with aging and dilapidated infrastructure while faced with challenges in the form of expanding informal settlements, vandalism, theft, and a lack of maintenance which place even more pressure on existing infrastructure. The existing infrastructure was never designed to cater to these challenges, and this becomes evident when evaluating the current state of many municipal sewer pump stations. A need has thus arisen to develop a sewer pump station design concept that will address these challenges and allow for a long-term sustainable solution. This article deals with the design concepts which have been developed for sewer pump stations for an effective reduction in maintenance, improved grit handling, improvement to the operation and maintenance working conditions, and the adoption of high-security design philosophy.

Keywords: high security, low maintenance, municipal application, sewer pump station

Procedia PDF Downloads 80

Authors: A. A. Selaimia, H. Bensouilah, M. A. Yallese, I. Meddour, S. Belhadi, T. Mabrouki

Abstract:

The objective of this work is to model the output responses namely; surface roughness (Ra), cutting force (Fc), during the face milling of the austenitic stainless steel X2CrNi18-9 with coated carbide tools (GC4040). For raison, response surface methodology (RMS) is used to determine the influence of each technological parameter. A full factorial design (L27) is chosen for the experiments, and the ANOVA is used in order to evaluate the influence of the technological cutting parameters namely; cutting speed (Vc), feed per tooth, and depth of cut (ap) on the out-put responses. The results reveal that (Ra) is mostly influenced by (fz) and (Fc) is found considerably affected by (ap).

Keywords: austenitic stainless steel, ANOVA, coated carbide, response surface methodology (RSM)

Procedia PDF Downloads 345

Authors: Sidney A. Lima, Hermann J. H. Kux, Elcio H. Shiguemori

Abstract:

The Unmanned Aircraft Systems (UAS) usually navigate through the Global Navigation Satellite System (GNSS) associated with an Inertial Navigation System (INS). However, GNSS can have its accuracy degraded at any time or even turn off the signal of GNSS. In addition, there is the possibility of malicious interferences, known as jamming. Therefore, the image navigation system can solve the autonomy problem, because if the GNSS is disabled or degraded, the image navigation system would continue to provide coordinate information for the INS, allowing the autonomy of the system. This work aims to evaluate the accuracy of the positioning though photogrammetry concepts. The methodology uses orthophotos and Digital Surface Models (DSM) as a reference to represent the object space and photograph obtained during the flight to represent the image space. For the calculation of the coordinates of the perspective center and camera attitudes, it is necessary to know the coordinates of homologous points in the object space (orthophoto coordinates and DSM altitude) and image space (column and line of the photograph). So if it is possible to automatically identify in real time the homologous points the coordinates and attitudes can be calculated whit their respective accuracies. With the methodology applied in this work, it is possible to verify maximum errors in the order of 0.5 m in the positioning and 0.6º in the attitude of the camera, so the navigation through the image can reach values equal to or higher than the GNSS receivers without differential correction. Therefore, navigating through the image is a good alternative to enable autonomous navigation.

Keywords: autonomy, navigation, security, photogrammetry, remote sensing, spatial resection, UAS

Procedia PDF Downloads 163

Authors: Pil Seong Park

Abstract:

Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.

Keywords: extension of HPC clusters, security, NFS, SSH tunneling

Procedia PDF Downloads 399

Authors: Syed Sibtain Hussain Shah

Abstract:

The Afghan Taliban returned to power corridors in Afghanistan in August 2021 after waging a twenty-year insurgency in the country. U.S.-led forces completed their withdrawal from Afghanistan on August 30, 2021, but the Taliban took control of the whole country till August 15, 2021. At the same time, some of the militant groups such as Tehrik-e-Taliban Pakistan (TTP) and Islamic State Khurasan (IS-K) reappeared in Pakistan’s borders and other areas and by increasing attacks on the armed forces of Pakistan and minorities communities. These groups once again created a crucial challenge to the internal security of the country. Since mid of 2021, many of the terrorist incidents in the countries specified in the areas of Pakistan bordering Afghanistan were committed by TTP and IS-K. The aim of this paper is to investigate the reappearance of TTP and IS-K in 2021 and 2022 as a crucial threat to the internal security of Pakistan. The author will particularly probe threats to the security of military personnel and their installations and threats to human security, including danger to religious minority communities in the different areas of the country, including border areas such as Waziristan, which was once a hub of TTP and other militant groups in the 2000s. The author will employ the relevant method and appropriate theories of security studies, such as religious extremism and terrorism, in this study. TTP, inspired by the Afghan Taliban, initially emerged in Pakistan in 2007 and this group has so far targeted various religious and ethnic communities and government installations in Pakistan. The group is not only against Pakistan’s government policies, but it also committed terrorist attacks on the communities of the other Muslim sects and as well as non-Muslim communities. Most of the prominent figures of this violent group disappeared or escaped to Afghanistan after military actions, such as the larger “Zarb-e-Azb” operation in Pakistan in 2015. IS-K, which established its branch of Khurasan covering Pakistan and Afghanistan in 2015, with its main formation in Iraq and Syria in 2015, by targeting religious minorities such as Shia Muslims, has so far created a vital security challenge for the security of the country.

Keywords: Pakistan, Afghanistan, Afghan Taliban, Pakistani Taliban, Islamic state Khorasan, security threat

Procedia PDF Downloads 111

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 186