Search results for: attack risk
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 6558

Search results for: attack risk

6498 Current Drainage Attack Correction via Adjusting the Attacking Saw-Function Asymmetry

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

Current drainage attack suggested previously is further studied in regular settings of closed-loop controlled Brushless DC (BLDC) motor with Kalman filter in the feedback loop. Modeling and simulation experiments are conducted in a Matlab environment, implementing the closed-loop control model of BLDC motor operation in position sensorless mode under Kalman filter drive. The current increase in the motor windings is caused by the controller (p-controller in our case) affected by false data injection of substitution of the angular velocity estimates with distorted values. Operation of multiplication to distortion coefficient, values of which are taken from the distortion function synchronized in its periodicity with the rotor’s position change. A saw function with a triangular tooth shape is studied herewith for the purpose of carrying out the bias injection with current drainage consequences. The specific focus here is on how the asymmetry of the tooth in the saw function affects the flow of current drainage. The purpose is two-fold: (i) to produce and collect the signature of an asymmetric saw in the attack for further pattern recognition process, and (ii) to determine conditions of improving stealthiness of such attack via regulating asymmetry in saw function used. It is found that modification of the symmetry in the saw tooth affects the periodicity of current drainage modulation. Specifically, the modulation frequency of the drained current for a fully asymmetric tooth shape coincides with the saw function modulation frequency itself. Increasing the symmetry parameter for the triangle tooth shape leads to an increase in the modulation frequency for the drained current. Moreover, such frequency reaches the switching frequency of the motor windings for fully symmetric triangular shapes, thus becoming undetectable and improving the stealthiness of the attack. Therefore, the collected signatures of the attack can serve for attack parameter identification via the pattern recognition route.

Keywords: bias injection attack, Kalman filter, BLDC motor, control system, closed loop, P-controller, PID-controller, current drainage, saw-function, asymmetry

Procedia PDF Downloads 80
6497 Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks and PHP Web Shell

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 148
6496 Experimental Investigation of S822 and S823 Wind Turbine Airfoils Wake

Authors: Amir B. Khoshnevis, Morteza Mirhosseini

Abstract:

The paper deals with a sub-part of an extensive research program on the wake survey method in various Reynolds numbers and angles of attack. This research experimentally investigates the wake flow characteristics behind S823 and S822 airfoils in which designed for small wind turbines. Velocity measurements determined by using hot-wire anemometer. Data acquired in the wake of the airfoil at locations(c is the chord length): 0.01c - 3c. Reynolds number increased due to increase of free stream velocity. Results showed that mean velocity profiles depend on the angle of attack and location of data collections. Data acquired at the low Reynolds numbers (smaller than 10^5). Effects of Reynolds numbers on the mean velocity profiles are more significant in near locations the trailing edge and these effects decrease by taking distance from trailing edge toward downstream. Mean velocity profiles region increased by increasing the angle of attack, except for 7°, and also the maximum velocity deficit (velocity defect) increased. The difference of mean velocity in and out of the wake decreased by taking distance from trailing edge, and mean velocity profile become wider and more uniform.

Keywords: angle of attack, Reynolds number, velocity deficit, separation

Procedia PDF Downloads 377
6495 New Practical and Non-Malleable Elgamal Encryption for E-Voting Protoco

Authors: Karima Djebaili, Lamine Melkemi

Abstract:

Elgamal encryption is a fundamental public-key encryption in cryptography, which is based on the difficulty of discrete logarithm problem and the Diffie-Hellman problem. Supposing the Diffie–Hellman problem is computationally infeasible then Elgamal is secure under a chosen plaintext attack, where security indicates it is difficult for the attacker, given the ciphertext, to restore the whole of the plaintext. However, although it is secure against chosen plaintext attack, Elgamal is absolutely malleable i.e. is not secure against an adaptive chosen ciphertext attack, where the attacker can recover the plaintext. We present a extension on Elgamal encryption which result in non-malleability against adaptive chosen plaintext attack using concatenation and a cryptographic hash function, our evidence utilizes the device of plaintext aware. The algorithm proposed can be used in cryptography voting protocol given its level security. Our protocol protects the confidentiality of voters because each voter encrypts their choice before casting their vote, offers public verifiability using a signing algorithm, the final result is correctly computed using homomorphic property, and works even in the presence of an adversary due to the propriety of non-malleability. Moreover, the protocol prevents some parties colluding to fix the vote results.

Keywords: Elgamal encryption, non-malleability, plaintext aware, e-voting

Procedia PDF Downloads 451
6494 Investigation of Flow Structure over X-45 Type Non-Slender Delta Wing Planform

Authors: B. Yanıktepe, C. Özalp, B. Şahin

Abstract:

Delta wing planform is an essential aerodynamic configuration, which could be effectively used at relatively high angles of attack than conventional wings in subsonic flow conditions. The flow over delta wings can be characterized by a pair of leading edge vortices emanating from wing apex. Boundary layer separation causes these vortical structures formed by rolling up of viscous flow sheet. This flow separation mechanism is occurred due to angle of attack and sharp leading edges of the delta wing. Therefore, complexity and variety in planform designs rise to catch the best under abnormal flow conditions. The present experimental study investigates the near surface flow structure and aerodynamic flow characteristics of X-45 type non-slender delta wing planform using dye visualization, Stereoscopic Particle Image Velocimetry (stereo-PIV). The instantaneous images are acquired on the plan-view plane within 5o≤α≤20o to calculate the time-averaged flow data. It can be concluded that vortical flow with a pair of well-defined LEVs over X-45 develop at very low angles of attack, secondary vortex are also evident and form close to the wing surface similar to delta and lambda planforms. The stall occurs at an angle of attack α=32o.

Keywords: aerodynamic, delta wing, PIV, vortex breakdown

Procedia PDF Downloads 420
6493 A Guidance to Enhance the Risk Culture among the Organizations

Authors: Najeebah Almahmeed

Abstract:

Risk Management is an evolving subject among organizations that include corporations, governments, non-governmental organizations, and not-for-profit corporations. In order to enhance awareness around the importance of Risk Management and make sure everyone is using it in their day-to-day job, the Risk Culture topic has emerged and gained importance not only in the Finance Sector but also in the National Oil Companies in Kuwait. Risk Culture can be defined as the shared beliefs, attitudes, and behaviors within a company that guide its approach to managing risks. It acts as a connecting force that links policies, procedures, and individuals, influencing how risks are understood and tackled through activities. In this research, benefits of Risk Culture are shared, guidelines are presented to promote a risk aware culture, and fully embed and enforce Risk-based processes and procedures. Moreover, this research demonstrates methodologies of measuring the Risk Culture using specific dimensions and clusters.

Keywords: clusters, dimensions, national oil companies, risk culture, risk management

Procedia PDF Downloads 79
6492 Low Probability of Intercept (LPI) Signal Detection and Analysis Using Choi-Williams Distribution

Authors: V. S. S. Kumar, V. Ramya

Abstract:

In the modern electronic warfare, the signal scenario is changing at a rapid pace with the introduction of Low Probability of Intercept (LPI) radars. In the modern battlefield, radar system faces serious threats from passive intercept receivers such as Electronic Attack (EA) and Anti-Radiation Missiles (ARMs). To perform necessary target detection and tracking and simultaneously hide themselves from enemy attack, radar systems should be LPI. These LPI radars use a variety of complex signal modulation schemes together with pulse compression with the aid of advancement in signal processing capabilities of the radar such that the radar performs target detection and tracking while simultaneously hiding enemy from attack such as EA etc., thus posing a major challenge to the ES/ELINT receivers. Today an increasing number of LPI radars are being introduced into the modern platforms and weapon systems so these LPI radars created a requirement for the armed forces to develop new techniques, strategies and equipment to counter them. This paper presents various modulation techniques used in generation of LPI signals and development of Time Frequency Algorithms to analyse those signals.

Keywords: anti-radiation missiles, cross terms, electronic attack, electronic intelligence, electronic warfare, intercept receiver, low probability of intercept

Procedia PDF Downloads 472
6491 Aerodynamic Coefficients Prediction from Minimum Computation Combinations Using OpenVSP Software

Authors: Marine Segui, Ruxandra Mihaela Botez

Abstract:

OpenVSP is an aerodynamic solver developed by National Aeronautics and Space Administration (NASA) that allows building a reliable model of an aircraft. This software performs an aerodynamic simulation according to the angle of attack of the aircraft makes between the incoming airstream, and its speed. A reliable aerodynamic model of the Cessna Citation X was designed but it required a lot of computation time. As a consequence, a prediction method was established that allowed predicting lift and drag coefficients for all Mach numbers and for all angles of attack, exclusively for stall conditions, from a computation of three angles of attack and only one Mach number. Aerodynamic coefficients given by the prediction method for a Cessna Citation X model were finally compared with aerodynamics coefficients obtained using a complete OpenVSP study.

Keywords: aerodynamic, coefficient, cruise, improving, longitudinal, openVSP, solver, time

Procedia PDF Downloads 235
6490 A Grey-Box Text Attack Framework Using Explainable AI

Authors: Esther Chiramal, Kelvin Soh Boon Kai

Abstract:

Explainable AI is a strong strategy implemented to understand complex black-box model predictions in a human-interpretable language. It provides the evidence required to execute the use of trustworthy and reliable AI systems. On the other hand, however, it also opens the door to locating possible vulnerabilities in an AI model. Traditional adversarial text attack uses word substitution, data augmentation techniques, and gradient-based attacks on powerful pre-trained Bidirectional Encoder Representations from Transformers (BERT) variants to generate adversarial sentences. These attacks are generally white-box in nature and not practical as they can be easily detected by humans e.g., Changing the word from “Poor” to “Rich”. We proposed a simple yet effective Grey-box cum Black-box approach that does not require the knowledge of the model while using a set of surrogate Transformer/BERT models to perform the attack using Explainable AI techniques. As Transformers are the current state-of-the-art models for almost all Natural Language Processing (NLP) tasks, an attack generated from BERT1 is transferable to BERT2. This transferability is made possible due to the attention mechanism in the transformer that allows the model to capture long-range dependencies in a sequence. Using the power of BERT generalisation via attention, we attempt to exploit how transformers learn by attacking a few surrogate transformer variants which are all based on a different architecture. We demonstrate that this approach is highly effective to generate semantically good sentences by changing as little as one word that is not detectable by humans while still fooling other BERT models.

Keywords: BERT, explainable AI, Grey-box text attack, transformer

Procedia PDF Downloads 137
6489 Real Time Detection of Application Layer DDos Attack Using Log Based Collaborative Intrusion Detection System

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 354
6488 Risk Assessment for International Investment: A Standardized Approach to Identify Risk, Risk Appetite, Risk Rating, Risk Treatment and Mitigation Plans

Authors: Pui Yong Leo, Normy Maziah Mohd Said

Abstract:

Change of global economy landscape and business environment has led to companies’ decision to go global and enter international markets. As the companies go beyond the comfort zone (i.e. investing in the home country), it is important to ensure a comprehensive risk assessment is carried out. This paper describes a standardized approach for international investment, ensuring identification of risk, risk appetite, risk rating, risk treatment and mitigation plans for respective international investment proposal. The standardized approach is divided into three (3) stages as follows: Stage 1 – Preliminary Risk profiling; with the objective to gauge exposure to countries and high level risk factors as first level assessment. Stage 2 – Risk Parameters; with the objective to define risk appetite for the international investment from the perspective of likelihood and impact. Stage 3 – Detailed Risk Assessments; with the objectives to assess in detail any triggered elements from Stage 1, and project specific risks. The final output will include the mitigation plans for the identified risks for the total investment. Example will be given in this paper to show how comprehensive risk assessment is carried out for an international investment in power energy sector.

Keywords: international investment, mitigation plans, risk appetite, risk assessment

Procedia PDF Downloads 388
6487 Efficient and Timely Mutual Authentication Scheme for RFID Systems

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 269
6486 An Earth Mover’s Distance Algorithm Based DDoS Detection Mechanism in SDN

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN

Procedia PDF Downloads 338
6485 Attack Redirection and Detection using Honeypots

Authors: Chowduru Ramachandra Sharma, Shatunjay Rawat

Abstract:

A false positive state is when the IDS/IPS identifies an activity as an attack, but the activity is acceptable behavior in the system. False positives in a Network Intrusion Detection System ( NIDS ) is an issue because they desensitize the administrator. It wastes computational power and valuable resources when rules are not tuned properly, which is the main issue with anomaly NIDS. Furthermore, most false positives reduction techniques are not performed during the real-time of attempted intrusions; instead, they have applied afterward on collected traffic data and generate alerts. Of course, false positives detection in ‘offline mode’ is tremendously valuable. Nevertheless, there is room for improvement here; automated techniques still need to reduce False Positives in real-time. This paper uses the Snort signature detection model to redirect the alerted attacks to Honeypots and verify attacks.

Keywords: honeypot, TPOT, snort, NIDS, honeybird, iptables, netfilter, redirection, attack detection, docker, snare, tanner

Procedia PDF Downloads 156
6484 Detecting and Thwarting Interest Flooding Attack in Information Centric Network

Authors: Vimala Rani P, Narasimha Malikarjunan, Mercy Shalinie S

Abstract:

Data Networking was brought forth as an instantiation of information-centric networking. The attackers can send a colossal number of spoofs to take hold of the Pending Interest Table (PIT) named an Interest Flooding attack (IFA) since the in- interests are recorded in the PITs of the intermediate routers until they receive corresponding Data Packets are go beyond the time limit. These attacks can be detrimental to network performance. PIT expiration rate or the Interest satisfaction rate, which cannot differentiate the IFA from attacks, is the criterion Traditional IFA detection techniques are concerned with. Threshold values can casually affect Threshold-based traditional methods. This article proposes an accurate IFA detection mechanism based on a Multiple Feature-based Extreme Learning Machine (MF-ELM). Accuracy of the attack detection can be increased by presenting the entropy of Internet names, Interest satisfaction rate and PIT usage as features extracted in the MF-ELM classifier. Furthermore, we deploy a queue-based hostile Interest prefix mitigation mechanism. The inference of this real-time test bed is that the mechanism can help the network to resist IFA with higher accuracy and efficiency.

Keywords: information-centric network, pending interest table, interest flooding attack, MF-ELM classifier, queue-based mitigation strategy

Procedia PDF Downloads 205
6483 Research on Measuring Operational Risk in Commercial Banks Based on Internal Control

Authors: Baobao Li

Abstract:

Operational risk covers all operations of commercial banks and has a close relationship with the bank’s internal control. But in the commercial banks' management practice, internal control is always separated from the operational risk measurement. With the increasing of operational risk events in recent years, operational risk is paid more and more attention by regulators and banks’ managements. The paper first discussed the relationship between internal control and operational risk management and used CVaR-POT model to measure operational risk, and then put forward a modified measurement method (to use operational risk assessment results to modify the measurement results of the CVaR-POT model). The paper also analyzed the necessity and rationality of this method. The method takes into consideration the influence of internal control, improves the accuracy and effectiveness of operational risk measurement and save the economic capital for commercial banks, avoiding the drawbacks of using some mainstream models one-sidedly.

Keywords: commercial banks, internal control, operational risk, risk measurement

Procedia PDF Downloads 398
6482 Classification of Attacks Over Cloud Environment

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 548
6481 Provisions for Risk in Islamic Banking and Finance in Comparison to the Conventional Banks in Malaysia

Authors: Rashid Masoud Ali Al-Mazrui, Ramadhani Mashaka Shabani

Abstract:

Islamic banks and financial institutions are exposed to the same risks as conventional banking. These risks include the rate return risk, credit or market risk, liquidity risk, and operational risk among others. However, being a financial institution that operates Islamic banking and finance operations, there is additional risk associated with its operations different from conventional finance, such as displacing commercial risk. They face Shari'ah compliance risks because of their failure to follow Shari'ah principles. To have proper mitigation and risk management, banks should have proper risk management policies to mitigate risks. This paper aims to study the risk management taken by Islamic banks in comparison with conventional banks. Also, the study evaluates the provisions for risk management taken by selected Islamic banks and conventional banks. The study employs qualitative analysis using secondary data by applying a content analysis approach with a sample size of 4 Islamic banks and four conventional banks ranging from 2010 to 2020. We find that these banks all use the same technique, except for the associated risk. The extra ways are used, but only for additional risks that are available to Islamic banking and finance.

Keywords: emerging risk, risk management, Islamic banking, conventional bank

Procedia PDF Downloads 83
6480 When the Lights Go Down in the Delivery Room: Lessons From a Ransomware Attack

Authors: Rinat Gabbay-Benziv, Merav Ben-Natan, Ariel Roguin, Benyamine Abbou, Anna Ofir, Adi Klein, Dikla Dahan-Shriki, Mordechai Hallak, Boris Kessel, Mickey Dudkiewicz

Abstract:

Introduction: Over recent decades, technology has become integral to healthcare, with electronic health records and advanced medical equipment now standard. However, this reliance has made healthcare systems increasingly vulnerable to ransomware attacks. On October 13, 2021, Hillel Yaffe Medical Center experienced a severe ransomware attack that disrupted all IT systems, including electronic health records, laboratory services, and staff communications. The attack, carried out by the group DeepBlueMagic, utilized advanced encryption to lock the hospital's systems and demanded a ransom. This incident caused significant operational and patient care challenges, particularly impacting the obstetrics department. Objective: The objective is to describe the challenges facing the obstetric division following a cyberattack and discuss ways of preparing for and overcoming another one. Methods: A retrospective descriptive study was conducted in a mid-sized medical center. Division activities, including the number of deliveries, cesarean sections, emergency room visits, admissions, maternal-fetal medicine department occupancy, and ambulatory encounters, from 2 weeks before the attack to 8 weeks following it (a total of 11 weeks), were compared with the retrospective period in 2019 (pre-COVID-19). In addition, we present the challenges and adaptation measures taken at the division and hospital levels leading up to the resumption of full division activity. Results: On the day of the cyberattack, critical decisions were made. The media announced the event, calling on patients not to come to our hospital. Also, all elective activities other than cesarean deliveries were stopped. The number of deliveries, admissions, and both emergency room and ambulatory clinic visits decreased by 5%–10% overall for 11 weeks, reflecting the decrease in division activity. Nevertheless, in all stations, there were sufficient activities and adaptation measures to ensure patient safety, decision-making, and workflow of patients were accounted for. Conclusions: The risk of ransomware cyberattacks is growing. Healthcare systems at all levels should recognize this threat and have protocols for dealing with them once they occur.

Keywords: ransomware attack, healthcare cybersecurity, obstetrics challenges, IT system disruption

Procedia PDF Downloads 24
6479 Thrust Enhancement on a Two Dimensional Elliptic Airfoil in a Forward Flight

Authors: S. M. Dash, K. B. Lua, T. T. Lim

Abstract:

This paper presents results of numerical and experimental studies on a two-dimensional (2D) flapping elliptic airfoil in a forward flight condition at Reynolds number of 5000. The study is motivated from an earlier investigation which shows that the deterioration in thrust performance of a sinusoidal heaving and pitching 2D (NACA0012) airfoil at high flapping frequency can be recovered by changing the effective angle of attack profile to square wave, sawtooth, or cosine wave shape. To better understand why such modifications lead to superior thrust performance, we take a closer look at the transient aerodynamic force behavior of an airfoil when the effective angle of attack profile changes gradually from a generic smooth trapezoidal profile to a sinusoid shape by modifying the base length of the trapezoid. The choice of using a smooth trapezoidal profile is to avoid the infinite acceleration condition encountered in the square wave profile. Our results show that the enhancement in the time-averaged thrust performance at high flapping frequency can be attributed to the delay and reduction in the drag producing valley region in the transient thrust force coefficient when the effective angle of attack profile changes from sinusoidal to trapezoidal.

Keywords: two-dimensional flapping airfoil, thrust performance, effective angle of attack, CFD, experiments

Procedia PDF Downloads 358
6478 Tag Impersonation Attack on Ultra-lightweight Radio Frequency Identification Authentication Scheme (ESRAS)

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 65
6477 Holistic Risk Assessment Based on Continuous Data from the User’s Behavior and Environment

Authors: Cinzia Carrodano, Dimitri Konstantas

Abstract:

Risk is part of our lives. In today’s society risk is connected to our safety and safety has become a major priority in our life. Each person lives his/her life based on the evaluation of the risk he/she is ready to accept and sustain, and the level of safety he/she wishes to reach, based on highly personal criteria. The assessment of risk a person takes in a complex environment and the impact of actions of other people’actions and events on our perception of risk are alements to be considered. The concept of Holistic Risk Assessment (HRA) aims in developing a methodology and a model that will allow us to take into account elements outside the direct influence of the individual, and provide a personalized risk assessment. The concept is based on the fact that in the near future, we will be able to gather and process extremely large amounts of data about an individual and his/her environment in real time. The interaction and correlation of these data is the key element of the holistic risk assessment. In this paper, we present the HRA concept and describe the most important elements and considerations.

Keywords: continuous data, dynamic risk, holistic risk assessment, risk concept

Procedia PDF Downloads 126
6476 Sulfate Attack on Pastes Made with Different C3A and C4AF Contents and Stored at 5°C

Authors: Konstantinos Sotiriadis, Radosław Mróz

Abstract:

In the present work the internal sulfate attack on pastes made from pure clinker phases was studied. Two binders were produced: (a) a binder with 2% C3A and 18% C4AF content; (b) a binder with 10% C3A and C4AF content each. Gypsum was used as the sulfate bearing compound, while calcium carbonate added to differentiate the binders produced. The phases formed were identified by XRD analysis. The results showed that ettringite was the deterioration phase detected in the case of the low C3A content binder. Carbonation occurred in the specimen without calcium carbonate addition, while portlandite was observed in the one containing calcium carbonate. In the case of the high C3A content binder, traces of thaumasite were detected when calcium carbonate was not incorporated in the binder. A solid solution of thaumasite and ettringite was found when calcium carbonate was added. The amount of C3A had not fully reacted with sulfates, since its corresponding peaks were detected.

Keywords: tricalcium aluminate, calcium aluminate ferrite, sulfate attack, calcium carbonate, low temperature

Procedia PDF Downloads 334
6475 A Supply Chain Risk Management Model Based on Both Qualitative and Quantitative Approaches

Authors: Henry Lau, Dilupa Nakandala, Li Zhao

Abstract:

In today’s business, it is well-recognized that risk is an important factor that needs to be taken into consideration before a decision is made. Studies indicate that both the number of risks faced by organizations and their potential consequences are growing. Supply chain risk management has become one of the major concerns for practitioners and researchers. Supply chain leaders and scholars are now focusing on the importance of managing supply chain risk. In order to meet the challenge of managing and mitigating supply chain risk (SCR), we must first identify the different dimensions of SCR and assess its relevant probability and severity. SCR has been classified in many different ways, and there are no consistently accepted dimensions of SCRs and several different classifications are reported in the literature. Basically, supply chain risks can be classified into two dimensions namely disruption risk and operational risk. Disruption risks are those caused by events such as bankruptcy, natural disasters and terrorist attack. Operational risks are related to supply and demand coordination and uncertainty, such as uncertain demand and uncertain supply. Disruption risks are rare but severe and hard to manage, while operational risk can be reduced through effective SCM activities. Other SCRs include supply risk, process risk, demand risk and technology risk. In fact, the disorganized classification of SCR has created confusion for SCR scholars. Moreover, practitioners need to identify and assess SCR. As such, it is important to have an overarching framework tying all these SCR dimensions together for two reasons. First, it helps researchers use these terms for communication of ideas based on the same concept. Second, a shared understanding of the SCR dimensions will support the researchers to focus on the more important research objective: operationalization of SCR, which is very important for assessing SCR. In general, fresh food supply chain is subject to certain level of risks, such as supply risk (low quality, delivery failure, hot weather etc.) and demand risk (season food imbalance, new competitors). Effective strategies to mitigate fresh food supply chain risk are required to enhance operations. Before implementing effective mitigation strategies, we need to identify the risk sources and evaluate the risk level. However, assessing the supply chain risk is not an easy matter, and existing research mainly use qualitative method, such as risk assessment matrix. To address the relevant issues, this paper aims to analyze the risk factor of the fresh food supply chain using an approach comprising both fuzzy logic and hierarchical holographic modeling techniques. This novel approach is able to take advantage the benefits of both of these well-known techniques and at the same time offset their drawbacks in certain aspects. In order to develop this integrated approach, substantial research work is needed to effectively combine these two techniques in a seamless way, To validate the proposed integrated approach, a case study in a fresh food supply chain company was conducted to verify the feasibility of its functionality in a real environment.

Keywords: fresh food supply chain, fuzzy logic, hierarchical holographic modelling, operationalization, supply chain risk

Procedia PDF Downloads 242
6474 A Risk Management Approach for Nigeria Manufacturing Industries

Authors: Olaniyi O. Omoyajowo

Abstract:

To be successful in today’s competitive global environment, manufacturing industry must be able to respond quickly to changes in technology. These changes in technology introduce new risks and hazards. The management of risk/hazard in a manufacturing process recommends method through which the success rate of an organization can be increased. Thus, there is a continual need for manufacturing industries to invest significant amount of resources in risk management, which in turn optimizes the production output and profitability of any manufacturing industry (if implemented properly). To help improve the existing risk prevention and mitigation practices in Small and Medium Enterprise (SME) in Nigeria Manufacturing Industries (NMI), the researcher embarks on this research to develop a systematic Risk Management process.

Keywords: manufacturing management, risk, risk management, SMEs

Procedia PDF Downloads 402
6473 Environmental Safety and Occupational Health Risk Assessment for Rocket Static Test

Authors: Phontip Kanlahasuth

Abstract:

This paper presents the environmental safety and occupational health risk assessment of rocket static test by assessing risk level from probability and severity and then appropriately applying the risk control measures. Before the environmental safety and occupational health measures are applied, the serious hazards level is 31%, medium level is 24% and low level is 45%. Once risk control measures are practically implemented, the serious hazard level can be diminished, medium level is 38%, low level is 45% and eliminated level is 17%. It is clearly shown that the environmental safety and occupational health measures can significantly reduce the risk level.

Keywords: rocket static test, hazard, risk, risk assessment, risk analysis, environment, safety, occupational health, acceptable risk, probability, severity, risk level

Procedia PDF Downloads 587
6472 The Relationship between Incidental Emotions, Risk Perceptions and Type of Army Service

Authors: Sharon Garyn-Tal, Shoshana Shahrabani

Abstract:

Military service in general, and in combat units in particular, can be physically and psychologically stressful. Therefore, type of service may have significant implications for soldiers during and after their military service including emotions, judgments and risk perceptions. Previous studies have focused on risk propensity and risky behavior among soldiers, however there is still lack of knowledge on the impact of type of army service on risk perceptions. The current study examines the effect of type of army service (combat versus non-combat service) and negative incidental emotions on risk perceptions. In 2014 a survey was conducted among 153 combat and non-combat Israeli soldiers. The survey was distributed in train stations and central bus stations in various places in Israel among soldiers waiting for the train/bus. Participants answered questions related to the levels of incidental negative emotions they felt, to their risk perceptions (chances to be hurt by terror attack, by violent crime and by car accident), and personal details including type of army service. The data in this research is unique because military service in Israel is compulsory, so that the Israeli population serving in the army is wide and diversified. The results indicate that currently serving combat participants were more pessimistic in their risk perceptions (for all type of risks) compared to the currently serving non-combat participants. Since combat participants probably experienced severe and distressing situations during their service, they became more pessimistic regarding their probabilities of being hurt in different situations in life. This result supports the availability heuristic theory and the findings of previous studies indicating that those who directly experience distressing events tend to overestimate danger. The findings also indicate that soldiers who feel higher levels of incidental fear and anger have pessimistic risk perceptions. In addition, respondents who experienced combat army service also have pessimistic risk perceptions if they feel higher levels of fear. In addition, the findings suggest that higher levels of the incidental emotions of fear and anger are related to more pessimistic risk perceptions. These results can be explained by the compulsory army service in Israel that constitutes a focused threat to soldiers' safety during their period of service. Thus, in this stressful environment, negative incidental emotions even during routine times correlate with higher risk perceptions. In conclusion, the current study results suggest that combat army service shapes risk perceptions and the way young people control their negative incidental emotions in everyday life. Recognizing the factors affecting risk perceptions among soldiers is important for better understanding the impact of army service on young people.

Keywords: army service, combat soldiers, incidental emotions, risk perceptions

Procedia PDF Downloads 234
6471 Toward a Risk Assessment Model Based on Multi-Agent System for Cloud Consumer

Authors: Saadia Drissi

Abstract:

The cloud computing is an innovative paradigm that introduces several changes in technology that have resulted a new ways for cloud providers to deliver their services to cloud consumers mainly in term of security risk assessment, thus, adapting a current risk assessment tools to cloud computing is a very difficult task due to its several characteristics that challenge the effectiveness of risk assessment approaches. As consequence, there is a need of risk assessment model adapted to cloud computing. This paper requires a new risk assessment model based on multi-agent system and AHP model as fundamental steps towards the development of flexible risk assessment approach regarding cloud consumers.

Keywords: cloud computing, risk assessment model, multi-agent system, AHP model, cloud consumer

Procedia PDF Downloads 545
6470 Essential Factors of Risk Perception Crucial in Efficient Construction Management

Authors: Francis Edum-Fotwe, Tony Thorpe, Charles Afetornu

Abstract:

Risk perception informs the outcome of how issues are responded to in either solving or overcoming a problem or improving a situation. Risk perception is established to be affected by some key factors reflecting in the varying ways in which work is done as well as the level of efficiency achieved. These factors potentially would influence risk perception to different extents. Such that if these factors are said to determine risk perception, how does a change in any affect risk perception. Since the ability to address risk is influenced by risk perception, establishing and developing awareness of that perception should enable construction professionals to make viable decisions. Any act to improve the construction industry cannot be overemphasised, considering its contribution to national development. A survey questionnaire was conducted in Ghana to elicit data that measures the risk perception and the essential factors as well as the necessary demographics of the respondents, who are construction professionals. This study finds out the sensitivity of the critical factors of risk perception. It uses the Relative Importance Index analysis tool to investigate the differential effect of these essential factors on risk perception, such that a slight change in a factor makes a significant change in risk perception, having established that it is influenced by essential factors. The findings can lead to policy formation for employers on the prioritisation factors to undertake to improve the risk perception of employees. Other areas in which this study can be useful in team formation for sensitive and complex projects where efficient risk management is critical.

Keywords: construction industry, risk, risk management, risk perception

Procedia PDF Downloads 143
6469 Detection Method of Federated Learning Backdoor Based on Weighted K-Medoids

Authors: Xun Li, Haojie Wang

Abstract:

Federated learning is a kind of distributed training and centralized training mode, which is of great value in the protection of user privacy. In order to solve the problem that the model is vulnerable to backdoor attacks in federated learning, a backdoor attack detection method based on a weighted k-medoids algorithm is proposed. First of all, this paper collates the update parameters of the client to construct a vector group, then uses the principal components analysis (PCA) algorithm to extract the corresponding feature information from the vector group, and finally uses the improved k-medoids clustering algorithm to identify the normal and backdoor update parameters. In this paper, the backdoor is implanted in the federation learning model through the model replacement attack method in the simulation experiment, and the update parameters from the attacker are effectively detected and removed by the defense method proposed in this paper.

Keywords: federated learning, backdoor attack, PCA, k-medoids, backdoor defense

Procedia PDF Downloads 114