Search results for: attack risk
6532 The Journey of a Malicious HTTP Request
Authors: M. Mansouri, P. Jaklitsch, E. Teiniker
Abstract:
SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.Keywords: Linux system calls, web attack detection, interception, SQL
Procedia PDF Downloads 3596531 Air Flow Characteristics and Pressure Distributions for Staggered Wing Shaped Tubes Bundle
Authors: Sayed A. Elsayed, Emad Z. Ibrahim, Osama M. Mesalhy, Mohamed A. Abdelatief
Abstract:
An experimental and numerical study has been conducted to clarify fluid flow characteristics and pressure drop distributions of a cross-flow heat exchanger employing staggered wing-shaped tubes at different angels of attack. The water-side Rew and the air-side Rea were at 5 x 102 and at from 1.8 x 103 to 9.7 x 103, respectively. Three cases of the tubes arrangements with various angles of attack, row angles of attack and 90° cone angles were employed at the considered Rea range. Correlation of pressure drop coefficient Pdc in terms of Rea, design parameters for the studied cases were presented. The flow pattern around the staggered wing-shaped tubes bundle were predicted by using commercial CFD FLUENT 6.3.26 software package. Results indicated that the values of Pdc were increased by increasing the angle of attack from 0° to 45°, while the opposite was true for angles of attack from 135° to 180°. Comparisons between the experimental and numerical results of the present study and those, previously, obtained for similar available studies showed good agreements.Keywords: wing-shaped tubes, cross-flow cooling, staggered arrangement, CFD
Procedia PDF Downloads 3766530 Trajectories of PTSD from 2-3 Years to 5-6 Years among Asian Americans after the World Trade Center Attack
Authors: Winnie Kung, Xinhua Liu, Debbie Huang, Patricia Kim, Keon Kim, Xiaoran Wang, Lawrence Yang
Abstract:
Considerable Asian Americans were exposed to the World Trade Center attack due to the proximity of the site to Chinatown and a sizeable number of South Asians working in the collapsed and damaged buildings nearby. Few studies focused on Asians in examining the disaster’s mental health impact, and even less longitudinal studies were reported beyond the first couple of years after the event. Based on the World Trade Center Health Registry, this study examined the trajectory of PTSD of individuals directly exposed to the attack from 2-3 to 5-6 years after the attack, comparing Asians against the non-Hispanic White group. Participants included 2,431 Asians and 31,455 Whites. Trajectories were delineated into the resilient, chronic, delayed-onset and remitted groups using PTSD checklist cut-off score at 44 at the 2 waves. Logistic regression analyses were conducted to compare the poorer trajectories against the resilient as a reference group, using predictors of baseline sociodemographic, exposure to the disaster, lower respiratory symptoms and previous depression/anxiety disorder diagnosis, and recruitment source as the control variable. Asians had significant lower socioeconomic status in terms of income, education and employment status compared to Whites. Over 3/4 of participants from both races were resilient, though slightly less for Asians than Whites (76.5% vs 79.8%). Asians had a higher proportion with chronic PTSD (8.6% vs 7.4%) and remission (5.9% vs 3.4%) than Whites. A considerable proportion of participants had delayed-onset in both races (9.1% Asians vs 9.4% Whites). The distribution of trajectories differed significantly by race (p<0.0001) with Asians faring poorer. For Asians, in the chronic vs resilient group, significant protective factors included age >65, annual household income >$50,000, and never married vs married/cohabiting; risk factors were direct disaster exposure, job loss due to 9/11, lost someone, and tangible loss; lower respiratory symptoms and previous mental disorder diagnoses. Similar protective and risk factors were noted for the delayed-onset group, except education being protective; and being an immigrant a risk. Between the 2 comparisons, the chronic group was more vulnerable than the delayed-onset as expected. It should also be noted that in both comparisons, Asians’ current employment status had no significant impact on their PTSD trajectory. Comparing between Asians against Whites, the direction of the relationships between the predictors and the PTSD trajectories were mostly the same, although more factors were significant for Whites than for Asians. A few factors showed significant racial difference: Higher risk for lower respiratory symptoms for Whites than Asians, higher risk for pre-9/11 mental disorder diagnosis for Asians than Whites, and immigrant a risk factor for the remitted vs resilient groups for Whites but not for Asians. Over 17% Asians still suffered from PTSD 5-6 years after the WTC attack signified its persistent impact which incurred substantial human, social and economic costs. The more disadvantaged socioeconomic status of Asians rendered them more vulnerable in their mental health trajectories relative to Whites. Together with their well-documented low tendency to seek mental health help, outreach effort to this population is needed to ensure follow-up treatment and prevention.Keywords: PTSD, Asian Americans, World Trade Center Attack, racial differences
Procedia PDF Downloads 2646529 Trace Network: A Probabilistic Relevant Pattern Recognition Approach to Attribution Trace Analysis
Authors: Jian Xu, Xiaochun Yun, Yongzheng Zhang, Yafei Sang, Zhenyu Cheng
Abstract:
Network attack prevention is a critical research area of information security. Network attack would be oppressed if attribution techniques are capable to trace back to the attackers after the hacking event. Therefore attributing these attacks to a particular identification becomes one of the important tasks when analysts attempt to differentiate and profile the attacker behind a piece of attack trace. To assist analysts in expose attackers behind the scenes, this paper researches on the connections between attribution traces and proposes probabilistic relevance based attribution patterns. This method facilitates the evaluation of the plausibility relevance between different traceable identifications. Furthermore, through analyzing the connections among traces, it could confirm the existence probability of a certain organization as well as discover its affinitive partners by the means of drawing relevance matrix from attribution traces.Keywords: attribution trace, probabilistic relevance, network attack, attacker identification
Procedia PDF Downloads 3666528 Model of MSD Risk Assessment at Workplace
Authors: K. Sekulová, M. Šimon
Abstract:
This article focuses on upper-extremity musculoskeletal disorders risk assessment model at workplace. In this model are used risk factors that are responsible for musculoskeletal system damage. Based on statistic calculations the model is able to define what risk of MSD threatens workers who are under risk factors. The model is also able to say how MSD risk would decrease if these risk factors are eliminated.Keywords: ergonomics, musculoskeletal disorders, occupational diseases, risk factors
Procedia PDF Downloads 5516527 Identification of Flooding Attack (Zero Day Attack) at Application Layer Using Mathematical Model and Detection Using Correlations
Authors: Hamsini Pulugurtha, V.S. Lakshmi Jagadmaba Paluri
Abstract:
Distributed denial of service attack (DDoS) is one altogether the top-rated cyber threats presently. It runs down the victim server resources like a system of measurement and buffer size by obstructing the server to supply resources to legitimate shoppers. Throughout this text, we tend to tend to propose a mathematical model of DDoS attack; we discuss its relevancy to the choices like inter-arrival time or rate of arrival of the assault customers accessing the server. We tend to tend to further analyze the attack model in context to the exhausting system of measurement and buffer size of the victim server. The projected technique uses an associate in nursing unattended learning technique, self-organizing map, to make the clusters of identical choices. Lastly, the abstract applies mathematical correlation and so the standard likelihood distribution on the clusters and analyses their behaviors to look at a DDoS attack. These systems not exclusively interconnect very little devices exchanging personal data, but to boot essential infrastructures news standing of nuclear facilities. Although this interconnection brings many edges and blessings, it to boot creates new vulnerabilities and threats which might be conversant in mount attacks. In such sophisticated interconnected systems, the power to look at attacks as early as accomplishable is of paramount importance.Keywords: application attack, bandwidth, buffer correlation, DDoS distribution flooding intrusion layer, normal prevention probability size
Procedia PDF Downloads 2256526 A Study on Automotive Attack Database and Data Flow Diagram for Concretization of HEAVENS: A Car Security Model
Authors: Se-Han Lee, Kwang-Woo Go, Gwang-Hyun Ahn, Hee-Sung Park, Cheol-Kyu Han, Jun-Bo Shim, Geun-Chul Kang, Hyun-Jung Lee
Abstract:
In recent years, with the advent of smart cars and the expansion of the market, the announcement of 'Adventures in Automotive Networks and Control Units' at the DEFCON21 conference in 2013 revealed that cars are not safe from hacking. As a result, the HEAVENS model considering not only the functional safety of the vehicle but also the security has been suggested. However, the HEAVENS model only presents a simple process, and there are no detailed procedures and activities for each process, making it difficult to apply it to the actual vehicle security vulnerability check. In this paper, we propose an automated attack database that systematically summarizes attack vectors, attack types, and vulnerable vehicle models to prepare for various car hacking attacks, and data flow diagrams that can detect various vulnerabilities and suggest a way to materialize the HEAVENS model.Keywords: automotive security, HEAVENS, car hacking, security model, information security
Procedia PDF Downloads 3626525 Effect of a Stepwise Discontinuity on a 65 Degree Delta Wing
Authors: Nishit L. Sanil, Raza M. Khan
Abstract:
Increasing lift effectively at higher angles of attack has always been a daunting challenge in aviation especially on a delta wing. These are used on military jet fighter planes and has some undesirable characteristics, notably flow separation at high angles of attack and high drag at low speeds. In order to solve this problem, a design modification is modeled on a delta wing which would increase the lift so that we can improve maneuverability. To attain an increase in the lift of a 65 degree delta wing at higher angles of attack, a step-wise discontinuity is created at the upper surface of the delta wing. A normal delta wing is validated for comparison which would thereby give us a measure of flow separation and coefficient of lift affected by the modification. The results obtained deliver a significant increase in lift at higher angles of attack thereby delaying stall. Hence the benefits of the modification would aid the potential designs of aircraft’s in the time to come.Keywords: coefficient of lift, delta wing, flow separation, step-wise discontinuity
Procedia PDF Downloads 3106524 Numerical Study of Flow Characteristics and Performance of 14-X B Inlet with Blunted Cowl-Lip
Authors: Sergio N. P. Laitón, Paulo G. P. Toro, João F. Martos
Abstract:
A numerical study has been carried out to investigate the flow characteristics and performance of the 14-X B inlet with blunted cowl-lip. The Brazilian aerospace hypersonic vehicle 14-X B is a technology demonstrator of a hypersonic air-breathing propulsion system, based on supersonic combustion ramjet (scramjet). It is designed for Earth's atmospheric flight at Mach number of 6 and an altitude of 30 km. Currently, it is under development in the aerothermodynamics and hypersonic Professor Henry T. Nagamatsu laboratory at Advanced Studies Institute (IEAv). Numerical simulations were conducted at nominal freestream Mach number and altitude for two cowl-lip blunting radius and several angles of attack close to horizontal flight. The results show that the shock interference behavior on the blunted cowl-lip change with the angle of attack and blunted radius. The type VI or V together with III shock interferences are more likely to occur simultaneously at small negative angles of attack. When the inlet operates in positive angles of attack higher to 1, no shock interference occurs, only the bow shock conditions. The results indicate a high air pressure at beginning of the combustor and higher pressure recovery with 2 mm radius and positives angles of attack.Keywords: blunted cowl-lip, hypersonic inlet, inlet unstart, shock interference
Procedia PDF Downloads 3236523 Diagnostic Investigation of Aircraft Performance at Different Winglet Cant Angles
Authors: M. Dinesh, V. Kenny Mark, Dharni Vasudhevan Venkatesan, B. Santhosh Kumar, R. Sree Radesh, V. R. Sanal Kumar
Abstract:
Comprehensive numerical studies have been carried out to examine the best aerodynamic performance of subsonic aircraft at different winglet cant angles using a validated 3D k-ω SST model. In the parametric analytical studies, NACA series of airfoils are selected. Basic design of the winglet is selected from the literature and flow features of the entire wing including the winglet tip effects have been examined with different cant angles varying from 150 to 600 at different angles of attack up to 140. We have observed, among the cases considered in this study that a case with 150 cant angle the aerodynamics performance of the subsonic aircraft during takeoff was found better up to an angle of attack of 2.80 and further its performance got diminished at higher angles of attack. Analyses further revealed that increasing the winglet cant angle from 150 to 600 at higher angles of attack could negate the performance deterioration and additionally it could enhance the peak CL/CD on the order of 3.5%. The investigated concept of variable-cant-angle winglets appears to be a promising alternative for improving the aerodynamic efficiency of aircraft.Keywords: aerodynamic efficiency, cant angle, drag reduction, flexible winglets
Procedia PDF Downloads 5236522 Durability of Cement Bonded Particleboards Produced from Terminalia superba and Gmelina arborea against Subterranean Termite Attack
Authors: Amos Olajide Oluyege, Emmanuel Uchechukwu Opara, Sunday Adeniyi Adedutan, Joseph Adeola Fuwape
Abstract:
This study was conducted to determine the durability of wood-cement particleboards when exposed to attack by subterranean termites, Macrotermes subhylinus. The boards were made from Terminalia superba and Gmelina arborea wood sawdust at nominal board densities (BD) of 1000, 900, and 800 kg/m³ using wood-cement mixing ratios (MR) of 3:1, 2.5:1, 2:1, and 1:1. Above ground durability tests against termite attack were carried out according to ASTM D 2017 for 14 weeks. Results of visual assessment of the wood cement particleboards show that all the board samples had a visual rating that was not less than 7 (i.e., moderate attack) for both species irrespective of the MR and BD. T. superba boards were found to have higher resistance to termite attack compared to their G. arborea counterparts. The mean values for weight loss following exposure ranged from 1.93 to 6.13% and 3.24 to 12.44%. Analysis of variance (ANOVA) results of the weight loss assessment revealed a significant (p < 0.05) effect of species and mixing ratio on the weight loss of the boards due to termite attack with F(₁,₇₂) = 92.890 and P = 0.000 and F(₃,₇₂) = 8.318 and p = 0.000, while board density did not have any significant effect (p > 0.05) with F (₂,₇₂) = 1.307 and p = 0.277. Thus, boards made from a higher mixing ratio had better resistance against termite attacks. Thus, it can be concluded that the durability of cement-bonded particleboards when exposed to subterranean termite attack is not only dependent on the quality of the wood raw material (species) but also on the enhanced protection imparted by the cement matrix; the protection increased with increase in cement/wood mixing ratio.Keywords: cement-bonded particleboard, mixing ratio, board density, Gmelina arborea, Terminalia superba
Procedia PDF Downloads 2156521 Two-Level Graph Causality to Detect and Predict Random Cyber-Attacks
Authors: Van Trieu, Shouhuai Xu, Yusheng Feng
Abstract:
Tracking attack trajectories can be difficult, with limited information about the nature of the attack. Even more difficult as attack information is collected by Intrusion Detection Systems (IDSs) due to the current IDSs having some limitations in identifying malicious and anomalous traffic. Moreover, IDSs only point out the suspicious events but do not show how the events relate to each other or which event possibly cause the other event to happen. Because of this, it is important to investigate new methods capable of performing the tracking of attack trajectories task quickly with less attack information and dependency on IDSs, in order to prioritize actions during incident responses. This paper proposes a two-level graph causality framework for tracking attack trajectories in internet networks by leveraging observable malicious behaviors to detect what is the most probable attack events that can cause another event to occur in the system. Technically, given the time series of malicious events, the framework extracts events with useful features, such as attack time and port number, to apply to the conditional independent tests to detect the relationship between attack events. Using the academic datasets collected by IDSs, experimental results show that the framework can quickly detect the causal pairs that offer meaningful insights into the nature of the internet network, given only reasonable restrictions on network size and structure. Without the framework’s guidance, these insights would not be able to discover by the existing tools, such as IDSs. It would cost expert human analysts a significant time if possible. The computational results from the proposed two-level graph network model reveal the obvious pattern and trends. In fact, more than 85% of causal pairs have the average time difference between the causal and effect events in both computed and observed data within 5 minutes. This result can be used as a preventive measure against future attacks. Although the forecast may be short, from 0.24 seconds to 5 minutes, it is long enough to be used to design a prevention protocol to block those attacks.Keywords: causality, multilevel graph, cyber-attacks, prediction
Procedia PDF Downloads 1566520 Non-Targeted Adversarial Image Classification Attack-Region Modification Methods
Authors: Bandar Alahmadi, Lethia Jackson
Abstract:
Machine Learning model is used today in many real-life applications. The safety and security of such model is important, so the results of the model are as accurate as possible. One challenge of machine learning model security is the adversarial examples attack. Adversarial examples are designed by the attacker to cause the machine learning model to misclassify the input. We propose a method to generate adversarial examples to attack image classifiers. We are modifying the successfully classified images, so a classifier misclassifies them after the modification. In our method, we do not update the whole image, but instead we detect the important region, modify it, place it back to the original image, and then run it through a classifier. The algorithm modifies the detected region using two methods. First, it will add abstract image matrix on back of the detected image matrix. Then, it will perform a rotation attack to rotate the detected region around its axes, and embed the trace of image in image background. Finally, the attacked region is placed in its original position, from where it was removed, and a smoothing filter is applied to smooth the background with foreground. We test our method in cascade classifier, and the algorithm is efficient, the classifier confident has dropped to almost zero. We also try it in CNN (Convolutional neural network) with higher setting and the algorithm was successfully worked.Keywords: adversarial examples, attack, computer vision, image processing
Procedia PDF Downloads 3396519 Deployment of Attack Helicopters in Conventional Warfare: The Gulf War
Authors: Mehmet Karabekir
Abstract:
Attack helicopters (AHs) are usually deployed in conventional warfare to destroy armored and mechanized forces of enemy. In addition, AHs are able to perform various tasks in the deep, and close operations – intelligence, surveillance, reconnaissance, air assault operations, and search and rescue operations. Apache helicopters were properly employed in the Gulf Wars and contributed the success of campaign by destroying a large number of armored and mechanized vehicles of Iraq Army. The purpose of this article is to discuss the deployment of AHs in conventional warfare in the light of Gulf Wars. First, the employment of AHs in deep and close operations will be addressed regarding the doctrine. Second, the US armed forces AH-64 doctrinal and tactical usage will be argued in the 1st and 2nd Gulf Wars.Keywords: attack helicopter, conventional warfare, gulf wars
Procedia PDF Downloads 4736518 Data Analysis to Uncover Terrorist Attacks Using Data Mining Techniques
Authors: Saima Nazir, Mustansar Ali Ghazanfar, Sanay Muhammad Umar Saeed, Muhammad Awais Azam, Saad Ali Alahmari
Abstract:
Terrorism is an important and challenging concern. The entire world is threatened by only few sophisticated terrorist groups and especially in Gulf Region and Pakistan, it has become extremely destructive phenomena in recent years. Predicting the pattern of attack type, attack group and target type is an intricate task. This study offers new insight on terrorist group’s attack type and its chosen target. This research paper proposes a framework for prediction of terrorist attacks using the historical data and making an association between terrorist group, their attack type and target. Analysis shows that the number of attacks per year will keep on increasing, and Al-Harmayan in Saudi Arabia, Al-Qai’da in Gulf Region and Tehreek-e-Taliban in Pakistan will remain responsible for many future terrorist attacks. Top main targets of each group will be private citizen & property, police, government and military sector under constant circumstances.Keywords: data mining, counter terrorism, machine learning, SVM
Procedia PDF Downloads 4096517 Non-Targeted Adversarial Object Detection Attack: Fast Gradient Sign Method
Authors: Bandar Alahmadi, Manohar Mareboyana, Lethia Jackson
Abstract:
Today, there are many applications that are using computer vision models, such as face recognition, image classification, and object detection. The accuracy of these models is very important for the performance of these applications. One challenge that facing the computer vision models is the adversarial examples attack. In computer vision, the adversarial example is an image that is intentionally designed to cause the machine learning model to misclassify it. One of very well-known method that is used to attack the Convolution Neural Network (CNN) is Fast Gradient Sign Method (FGSM). The goal of this method is to find the perturbation that can fool the CNN using the gradient of the cost function of CNN. In this paper, we introduce a novel model that can attack Regional-Convolution Neural Network (R-CNN) that use FGSM. We first extract the regions that are detected by R-CNN, and then we resize these regions into the size of regular images. Then, we find the best perturbation of the regions that can fool CNN using FGSM. Next, we add the resulted perturbation to the attacked region to get a new region image that looks similar to the original image to human eyes. Finally, we placed the regions back to the original image and test the R-CNN with the attacked images. Our model could drop the accuracy of the R-CNN when we tested with Pascal VOC 2012 dataset.Keywords: adversarial examples, attack, computer vision, image processing
Procedia PDF Downloads 1936516 Longitudinal Vortices Mixing in Three-Stream Micromixers with Two Inlets
Authors: Yi-Tun Huang, Chih-Yang Wu, Shu-Wei Huang
Abstract:
In this work, we examine fluid mixing in a full three-stream mixing channel with longitudinal vortex generators (LVGs) built on the channel bottom by numerical simulation and experiment. The effects of the asymmetrical arrangement and the attack angle of the LVGs on fluid mixing are investigated. The results show that the micromixer with LVGs at a small asymmetry index (defined by the ratio of the distance from the center plane of the gap between the winglets to the center plane of the main channel to the width of the main channel) is superior to the micromixer with symmetric LVGs and that with LVGs at a large asymmetry index. The micromixer using five mixing modules of the LVGs with an attack angle between 16.5 degrees and 22.5 degrees can achieve excellent mixing over a wide range of Reynolds numbers. Here, we call a section of channel with two pairs of staggered asymmetrical LVGs a mixing module. Besides, the micromixer with LVGs at a small attack angle is more efficient than that with a larger attack angle when pressure losses are taken into account.Keywords: microfluidics, mixing, longitudinal vortex generators, two stream interfaces
Procedia PDF Downloads 5216515 UEMSD Risk Identification: Case Study
Authors: K. Sekulová, M. Šimon
Abstract:
The article demonstrates on a case study how it is possible to identify MSD risk. It is based on a dissertation risk identification model of occupational diseases formation in relation to the work activity that determines what risk can endanger workers who are exposed to the specific risk factors. It is evaluated based on statistical calculations. These risk factors are main cause of upper-extremities musculoskeletal disorders.Keywords: case study, upper-extremity musculoskeletal disorders, ergonomics, risk identification
Procedia PDF Downloads 5006514 Adversarial Attacks and Defenses on Deep Neural Networks
Authors: Jonathan Sohn
Abstract:
Deep neural networks (DNNs) have shown state-of-the-art performance for many applications, including computer vision, natural language processing, and speech recognition. Recently, adversarial attacks have been studied in the context of deep neural networks, which aim to alter the results of deep neural networks by modifying the inputs slightly. For example, an adversarial attack on a DNN used for object detection can cause the DNN to miss certain objects. As a result, the reliability of DNNs is undermined by their lack of robustness against adversarial attacks, raising concerns about their use in safety-critical applications such as autonomous driving. In this paper, we focus on studying the adversarial attacks and defenses on DNNs for image classification. There are two types of adversarial attacks studied which are fast gradient sign method (FGSM) attack and projected gradient descent (PGD) attack. A DNN forms decision boundaries that separate the input images into different categories. The adversarial attack slightly alters the image to move over the decision boundary, causing the DNN to misclassify the image. FGSM attack obtains the gradient with respect to the image and updates the image once based on the gradients to cross the decision boundary. PGD attack, instead of taking one big step, repeatedly modifies the input image with multiple small steps. There is also another type of attack called the target attack. This adversarial attack is designed to make the machine classify an image to a class chosen by the attacker. We can defend against adversarial attacks by incorporating adversarial examples in training. Specifically, instead of training the neural network with clean examples, we can explicitly let the neural network learn from the adversarial examples. In our experiments, the digit recognition accuracy on the MNIST dataset drops from 97.81% to 39.50% and 34.01% when the DNN is attacked by FGSM and PGD attacks, respectively. If we utilize FGSM training as a defense method, the classification accuracy greatly improves from 39.50% to 92.31% for FGSM attacks and from 34.01% to 75.63% for PGD attacks. To further improve the classification accuracy under adversarial attacks, we can also use a stronger PGD training method. PGD training improves the accuracy by 2.7% under FGSM attacks and 18.4% under PGD attacks over FGSM training. It is worth mentioning that both FGSM and PGD training do not affect the accuracy of clean images. In summary, we find that PGD attacks can greatly degrade the performance of DNNs, and PGD training is a very effective way to defend against such attacks. PGD attacks and defence are overall significantly more effective than FGSM methods.Keywords: deep neural network, adversarial attack, adversarial defense, adversarial machine learning
Procedia PDF Downloads 1956513 Security Risks Assessment: A Conceptualization and Extension of NFC Touch-And-Go Application
Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba
Abstract:
NFC operates on low-range 13.56 MHz frequency within a distance from 4cm to 10cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks such due to its physical nature; unprotected data stored in NFC tag and insecure communication between its applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attack. Based on observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrates two security attacks that are high risks namely data corruption and DOS attacks. After the risks are determined, risk countermeasures by using AHP is adopted. The guideline and solutions to these two high risks, attacks are later applied to a secure NFC-enabled Smartphone Attendance System.Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)
Procedia PDF Downloads 3026512 Evaluating the Impact of Marine Protected Areas on Human-Shark Interactions at a Global Scale
Authors: Delphine Duval, Morgan Mangeas, Charlie Huveneers, Adam Barnett, Laurent Vigliola
Abstract:
The global number of shark bites has increased over the past four decades with, however, high regional variability both in space and time. A systematic review, aligned with the 2020 PRISMA guidelines, explored the peer-reviewed literature published between 1960 and 2023 to identify factors potentially explaining trends in human-shark interactions. Results revealed that variations in the frequency of human-shark interactions could be explained by a plethora of factors, including changes in prey availability, environmental conditions, human and shark population density and behavior, as well as habitat destruction. However, to our best knowledge, only five studies have conducted statistical assessments of the relative contribution of these factors. The increased number in human-shark interactions and the frequent clusters of shark bites within short timeframes offer opportunities to test the causative factors that may explain trends in unprovoked shark bites. it study aims to evaluate the impact of marine protected areas (MPAs) on the number of human-shark interactions, using data from the Global Shark Attack File and the World Database on Protected Areas. Results indicate contrasting effects of MPAs at different spatial scales. Enhancing our understanding of the factors contributing to shark bites is essential for improving risk reduction policies for humans and conservation plans for shark populations.Keywords: unprovoked shark interactions, marine protected areas, attack risk, human-wildlife interaction
Procedia PDF Downloads 436511 A Secure Survey against Black Hole Attack in MANET
Authors: G. Usha, S. Kannimuthu, K. Mahalakshmi
Abstract:
Mobile Adhoc Network (MANET) is one of the most promising technologies that have applications ranging from various portable devices to military networks. MANET has no fixed infrastructure and the security of such network is a big concern. Therefore, in order to operate MANET’s securely, the misbehavior and intrusions should be detected before the attackers affect the network communication. In this article, we make a comprehensive survey against black hole attack that is a serious threat against MANET that exploits the routing behavior of the MANET. We have given broad survey solutions that detect black hole attacks in MANET. This is achieved by analyzing the techniques involved in detecting the attacks in each scheme. Furthermore, we examine about the challenges to the researchers for constructing an in-depth solution against black hole attack.Keywords: AODV, cross layer security, mobile Adhoc network (MANET), packet delivery ratio, single layer security
Procedia PDF Downloads 4066510 Aerodynamic Modeling Using Flight Data at High Angle of Attack
Authors: Rakesh Kumar, A. K. Ghosh
Abstract:
The paper presents the modeling of linear and nonlinear longitudinal aerodynamics using real flight data of Hansa-3 aircraft gathered at low and high angles of attack. The Neural-Gauss-Newton (NGN) method has been applied to model the linear and nonlinear longitudinal dynamics and estimate parameters from flight data. Unsteady aerodynamics due to flow separation at high angles of attack near stall has been included in the aerodynamic model using Kirchhoff’s quasi-steady stall model. NGN method is an algorithm that utilizes Feed Forward Neural Network (FFNN) and Gauss-Newton optimization to estimate the parameters and it does not require any a priori postulation of mathematical model or solving of equations of motion. NGN method was validated on real flight data generated at moderate angles of attack before application to the data at high angles of attack. The estimates obtained from compatible flight data using NGN method were validated by comparing with wind tunnel values and the maximum likelihood estimates. Validation was also carried out by comparing the response of measured motion variables with the response generated by using estimates a different control input. Next, NGN method was applied to real flight data generated by executing a well-designed quasi-steady stall maneuver. The results obtained in terms of stall characteristics and aerodynamic parameters were encouraging and reasonably accurate to establish NGN as a method for modeling nonlinear aerodynamics from real flight data at high angles of attack.Keywords: parameter estimation, NGN method, linear and nonlinear, aerodynamic modeling
Procedia PDF Downloads 4456509 Enterprise Risk Management: A Future Outlook
Authors: Ruchi Agarwal, Jake Ansell
Abstract:
Austerity impacts on all aspects of society. Companies into the future will have to be more capable of dealing with the risks they face. Enterprise Risk Management (ERM) has widely been accepted in recent years as an approach to manage risks within businesses. ERM attempts to tackle risk holistically with gains from opportunities in a managing risk and reduction in the risk of failure. The paper reviews merits and demerits of approaches to risk management in regard to antifragility. A qualitative study has investigated current practices and the problems with ERM implementation by interviewing over 25 chief risk officers and senior management. The findings indicate the gap in ERM description, understanding, and implementation. The paper suggests risk learning and expertise knowledge supports development of effective enterprise risk management by designing systems with inherent resilience.Keywords: risk management, interviews, antifragility, failure
Procedia PDF Downloads 5626508 Improved Impossible Differential Cryptanalysis of Midori64
Authors: Zhan Chen, Wenquan Bi, Xiaoyun Wang
Abstract:
The Midori family of light weight block cipher is proposed in ASIACRYPT2015. It has attracted the attention of numerous cryptanalysts. There are two versions of Midori: Midori64 which takes a 64-bit block size and Midori128 the size of which is 128-bit. In this paper an improved 10-round impossible differential attack on Midori64 is proposed. Pre-whitening keys are considered in this attack. A better impossible differential path is used to reduce time complexity by decreasing the number of key bits guessed. A hash table is built in the pre-computation phase to reduce computational complexity. Partial abort technique is used in the key seiving phase. The attack requires 259 chosen plaintexts, 214.58 blocks of memory and 268.83 10-round Midori64 encryptions.Keywords: cryptanalysis, impossible differential, light weight block cipher, Midori
Procedia PDF Downloads 3486507 System Survivability in Networks in the Context of Defense/Attack Strategies: The Large Scale
Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez, Mehdi Mrad
Abstract:
We investigate the large scale of networks in the context of network survivability under attack. We use appropriate techniques to evaluate and the attacker-based- and the defender-based-network survivability. The attacker is unaware of the operated links by the defender. Each attacked link has some pre-specified probability to be disconnected. The defender choice is so that to maximize the chance of successfully sending the flow to the destination node. The attacker however will select the cut-set with the highest chance to be disabled in order to partition the network. Moreover, we extend the problem to the case of selecting the best p paths to operate by the defender and the best k cut-sets to target by the attacker, for arbitrary integers p,k > 1. We investigate some variations of the problem and suggest polynomial-time solutions.Keywords: defense/attack strategies, large scale, networks, partitioning a network
Procedia PDF Downloads 2836506 An Analytical Metric and Process for Critical Infrastructure Architecture System Availability Determination in Distributed Computing Environments under Infrastructure Attack
Authors: Vincent Andrew Cappellano
Abstract:
In the early phases of critical infrastructure system design, translating distributed computing requirements to an architecture has risk given the multitude of approaches (e.g., cloud, edge, fog). In many systems, a single requirement for system uptime / availability is used to encompass the system’s intended operations. However, when architected systems may perform to those availability requirements only during normal operations and not during component failure, or during outages caused by adversary attacks on critical infrastructure (e.g., physical, cyber). System designers lack a structured method to evaluate availability requirements against candidate system architectures through deep degradation scenarios (i.e., normal ops all the way down to significant damage of communications or physical nodes). This increases risk of poor selection of a candidate architecture due to the absence of insight into true performance for systems that must operate as a piece of critical infrastructure. This research effort proposes a process to analyze critical infrastructure system availability requirements and a candidate set of systems architectures, producing a metric assessing these architectures over a spectrum of degradations to aid in selecting appropriate resilient architectures. To accomplish this effort, a set of simulation and evaluation efforts are undertaken that will process, in an automated way, a set of sample requirements into a set of potential architectures where system functions and capabilities are distributed across nodes. Nodes and links will have specific characteristics and based on sampled requirements, contribute to the overall system functionality, such that as they are impacted/degraded, the impacted functional availability of a system can be determined. A machine learning reinforcement-based agent will structurally impact the nodes, links, and characteristics (e.g., bandwidth, latency) of a given architecture to provide an assessment of system functional uptime/availability under these scenarios. By varying the intensity of the attack and related aspects, we can create a structured method of evaluating the performance of candidate architectures against each other to create a metric rating its resilience to these attack types/strategies. Through multiple simulation iterations, sufficient data will exist to compare this availability metric, and an architectural recommendation against the baseline requirements, in comparison to existing multi-factor computing architectural selection processes. It is intended that this additional data will create an improvement in the matching of resilient critical infrastructure system requirements to the correct architectures and implementations that will support improved operation during times of system degradation due to failures and infrastructure attacks.Keywords: architecture, resiliency, availability, cyber-attack
Procedia PDF Downloads 1096505 Public Wi-Fi Security Threat Evil Twin Attack Detection Based on Signal Variant and Hop Count
Authors: Said Abdul Ahad Ahadi, Elyas Baray, Nitin Rakesh, Sudeep Varshney
Abstract:
Wi-Fi is a widely used internet source that is used to provide internet access in many areas such as Stores, Cafes, University campuses, Restaurants and so on. This technology brought more facilities in communication and networking. On the other hand, due to the transmission of data over the air, which makes the network vulnerable, so it becomes prone to various threats such as Evil Twin and etc. The Evil Twin is a kind of adversary which impersonates a legitimate access point (LAP) as it can happen by spoofing the name (SSID) and MAC address (BSSID) of a legitimate access point (LAP). And this attack can cause many threats such as MITM, Service Interruption, Access point service blocking. Various Evil Twin Attack Detection Techniques are proposed, but they require additional hardware, or they require protocol modification. In this paper, we proposed a new technique based on Access Point’s two fingerprints, Received Signal Strength Indicator (RSSI) and Hop Count, that is hard to copy by an adversary. And we implemented the technique in a system called “ETDetector,” which can detect and prevent the attack.Keywords: evil twin, LAP, SSID, Wi-Fi security, signal variation, ETAD, kali linux, scapy, python
Procedia PDF Downloads 1436504 Deep Learning and Accurate Performance Measure Processes for Cyber Attack Detection among Web Logs
Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny
Abstract:
As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning
Procedia PDF Downloads 2116503 Evaluating the Use of Manned and Unmanned Aerial Vehicles in Strategic Offensive Tasks
Authors: Yildiray Korkmaz, Mehmet Aksoy
Abstract:
In today's operations, countries want to reach their aims in the shortest way due to economical, political and humanitarian aspects. The most effective way of achieving this goal is to be able to penetrate strategic targets. Strategic targets are generally located deep inside of the countries and are defended by modern and efficient surface to air missiles (SAM) platforms which are operated as integrated with Intelligence, Surveillance and Reconnaissance (ISR) systems. On the other hand, these high valued targets are buried deep underground and hardened with strong materials against attacks. Therefore, to penetrate these targets requires very detailed intelligence. This intelligence process should include a wide range that is from weaponry to threat assessment. Accordingly, the framework of the attack package will be determined. This mission package has to execute missions in a high threat environment. The way to minimize the risk which depends on loss of life is to use packages which are formed by UAVs. However, some limitations arising from the characteristics of UAVs restricts the performance of the mission package consisted of UAVs. So, the mission package should be formed with UAVs under the leadership of a fifth generation manned aircraft. Thus, we can minimize the limitations, easily penetrate in the deep inside of the enemy territory with minimum risk, make a decision according to ever-changing conditions and finally destroy the strategic targets. In this article, the strengthens and weakness aspects of UAVs are examined by SWOT analysis. And also, it revealed features of a mission package and presented as an example what kind of a mission package we should form in order to get marginal benefit and penetrate into strategic targets with the development of autonomous mission execution capability in the near future.Keywords: UAV, autonomy, mission package, strategic attack, mission planning
Procedia PDF Downloads 550