Search results for: software security

Authors: Maryam M Esfahani

Abstract:

The Internet of Things is a concept that has fundamentally changed the way information technology works and communication environments. This concept, which is referred to as the next revolution in the field of information and communication technology, takes advantage of existing technologies such as wireless sensor networks, RFID, cloud computing, M2M, etc., to the final slogan of providing the possibility of connecting any object anywhere and everywhere. This use of technologies, along with the possibility of providing new services, also inherits their threats, and although the Internet of Things is facing many challenges, it can be said that its most important challenge is security and privacy, and perhaps even a more tangible challenge is privacy. In this article, we will first introduce the definition and concepts related to privacy, and then we will examine some threats against the privacy of the Internet of Things in different layers of a typical architecture. Also, while examining the differences and the relationship between security and privacy, we study different dimensions of privacy, and finally, we review some of the methods and technologies for improving the level of privacy.

Keywords: Iot, privacy, different dimension of privacy, W3model, privacy enhancing technologies

Procedia PDF Downloads 84

Authors: Christopher Holroyd

Abstract:

With the various terrorist organizations and drug cartels that are currently active, there is a myriad of security concerns facing countries around the world. Organizations that focus their attacks on others through terror, such as what is seen with the Islamic State of Iraq and the Levant (ISIS), have no boundaries when it comes to doing what is needed to fulfill their desired intent. For countries such as Iraq, who have been trying to rebuild their country since the fall of the Saddam Hussein Regime, organizations such as Al-Qaeda and ISIS have been impeding the country’s efforts toward peace and stability. One method utilized by terrorist organizations around the world is human trafficking. This method is one that is seen around the world; modern slavery is still exploited by those who have no concern for human decency and morality, their only concern is to achieve their goals by any means. It is understandable that some people may not have even heard of 'modern slavery', or they just might not believe that it is even an issue in today’s world. Organizations such as ISIS are not the only ones in the world that seek to benefit from the immoral trading of humans. Various drug cartels in the world, such as those seen in Mexico and Central America, have recently begun to take part in the trade – moving humans from state to state, or country to country, to better fuel their overall operations. This now makes the possibility of human trafficking more real for those in the United States because of the proximity of the cartels to the southern border of the country. An issue that, at one time, might have only seen as a distant threat, is now close to home for those in the United States. Looking at these two examples is how we begin to understand why human trafficking is utilized by various organizations around the world. This trade of human beings and the violation of basic human rights is a plague that effects the entire world and not just those that are in a country other than your own. One of the security issues that stem from the trade includes the movement and recruitment of members of the organizations. With individuals being smuggled from one location to another in secrecy, this only puts those trying to combat this trade at a disadvantage. This creates concern over the accurate number of potential recruits, combatants, and other individuals who are working against the host nation, and for the mission of the cartel or terrorist organization they are a part of. An uphill battle is created, and the goals of peace and stability are now harder to reach. Aside from security aspects, it cannot be forgotten that those being traded and forced into slavery, are being done so against their will. Families are separated, children trained to be fighters or worse. This makes the goal of eradicating human trafficking even more dire and important.

Keywords: human trafficking, reconstruction, security, terrorism

Procedia PDF Downloads 125

Authors: Byung-Ik Kim, Hong-Koo Kang, Tae-Jin Lee, Hae-Ryong Park

Abstract:

Cyber terrors against specific enterprises or countries have been increasing recently. Such attacks against specific targets are called advanced persistent threat (APT), and they are giving rise to serious social problems. The malicious behaviors of APT attacks mostly affect websites and penetrate enterprise networks to perform malevolent acts. Although many enterprises invest heavily in security to defend against such APT threats, they recognize the APT attacks only after the latter are already in action. This paper discusses the characteristics of APT attacks at each step as well as the strengths and weaknesses of existing malicious code detection technologies to check their suitability for detecting APT attacks. It then proposes a network-based malicious behavior detection algorithm to protect the enterprise or national networks.

Keywords: Advanced Persistent Threat (APT), malware, network security, network packet, exploit kits

Procedia PDF Downloads 352

Authors: Ren Junn Hwang, Chung-Chien Lu, Jain-Shing Wu

Abstract:

Cloud outsource storage is one of important services in cloud computing. Cloud users upload data to cloud servers to reduce the cost of managing data and maintaining hardware and software. To ensure data confidentiality, users can encrypt their files before uploading them to a cloud system. However, retrieving the target file from the encrypted files exactly is difficult for cloud server. This study proposes a protocol for performing multikeyword searches for encrypted cloud data by applying k-nearest neighbor technology. The protocol ranks the relevance scores of encrypted files and keywords, and prevents cloud servers from learning search keywords submitted by a cloud user. To reduce the costs of file transfer communication, the cloud server returns encrypted files in order of relevance. Moreover, when a cloud user inputs an incorrect keyword and the number of wrong alphabet does not exceed a given threshold; the user still can retrieve the target files from cloud server. In addition, the proposed scheme satisfies security requirements for outsourced data storage.

Keywords: fault-tolerance search, multi-keywords search, outsource storage, ranked search, searchable encryption

Procedia PDF Downloads 371

Authors: Dimitris E. Kontaxis, George Litainas, Dimitris P. Ptochos

Abstract:

Real-time monitoring of the supply chain conditions and procedures is a critical element for the optimal coordination and safety of the deliveries, as well as for the minimization of the delivery time and cost. Real-time monitoring requires IoT data streams, which are related to the conditions of the products and the means of transport (e.g., location, temperature/humidity conditions, kinematic state, ambient light conditions, etc.). These streams are generated by battery-based IoT tracking devices, equipped with appropriate sensors, and are transmitted to a cloud-based back-end system. Proper handling and processing of the IoT data streams, using predictive and artificial intelligence algorithms, can provide significant and useful results, which can be exploited by the supply chain stakeholders in order to enhance their financial benefits, as well as the efficiency, security, transparency, coordination, and sustainability of the supply chain procedures. The technology, the features, and the characteristics of a complete, proprietary system, including hardware, firmware, and software tools -developed in the context of a co-funded R&D programme- are addressed and presented in this paper.

Keywords: IoT embedded electronics, real-time monitoring, tracking device, sensor platform

Procedia PDF Downloads 168

Authors: Bochra Khiari, Lamia Labed

Abstract:

In the new digital marketplace, organizations are striving for a proactive position by leveraging the great potential of disruptive technologies to seize the full opportunity of the digital revolution in order to reshape their customer value propositions. New technologies such as big data analytics, which provide prediction of future events based on real-time information, are being integrated into BPM which urges the need for additional core values like capabilities for dynamic adaptation, autonomic behavior, runtime reconfiguration and post-deployment activities to manage unforeseen scenarios at runtime in a situated and changeable context. Dynamic Software Product Lines (DSPL) is an emerging paradigm that supports these runtime variability mechanisms. However, few works exploiting DSPLs principles and techniques in the BPM domain have been proposed so far. In this paper, we propose a conceptual approach DynPL4CBPM, which integrates DSPLs concepts along with the entire related dynamic properties, to the whole BPM lifecycle in order to dynamically adapt business processes according to different context conditions in an individual environment.

Keywords: adaptive processes, context aware business process management, customer centric business process management, dynamic software product lines

Procedia PDF Downloads 154

Authors: Nurazean Maarop, Noorjan Mohd Mustapha, Rasimah Yusoff, Roslina Ibrahim, Norziha Megat Mohd Zainuddin

Abstract:

The goal of this study is to identify success factors that could influence the ISMS self-implementation in government sector from qualitative perspective. This study is based on a case study in one of the Malaysian government agency. Semi-structured interviews involving five key informants were conducted to examine factors addressed in the conceptual framework. Subsequently, thematic analysis was executed to describe the influence of each factor on the success implementation of ISMS. The result of this study indicates that management commitment, implementer commitment and implementer competency are part of the success factors for ISMS self-implementation in Malaysian Government Sector.

Keywords: ISMS success factors, IT project management, IS success, information security

Procedia PDF Downloads 298

Authors: Hui Tag, Jambey Tsering, Pallabi Kalita Hui, Baikuntha Jyoti Gogoi, Vijay Veer

Abstract:

The food security issues and its relevance in High Mountain regions of the world have been often neglected. Wild edible plants have been playing a major role in livelihood security among the tribal Communities of East Himalayan Region of the world since time immemorial. The Eastern Himalayan Region of India is one of the mega diverse regions of world and rated as top 12th Global Biodiversity Hotspots by IUCN and recognized as one of the 200 significant eco-regions of the Globe. The region supports one of the world’s richest alpine floras and about one-third of them are endemic to the region. There are at least 7,500 flowering plants, 700 orchids, 58 bamboo species, 64 citrus species, 28 conifers, 500 mosses, 700 ferns and 728 lichens. The region is the home of more than three hundred different ethnic communities having diverse knowledge on traditional uses of flora and fauna as food, medicine and beverages. Monpa, Memba and Khamba are among the local communities residing in high altitude region of Eastern Himalaya with rich traditional knowledge related to utilization of wild edible plants. The Monpas, Memba and Khamba are the followers Mahayana sect of Himalayan Buddhism and they are mostly agrarian by primary occupation and also heavily relaying on wild edible plants for their livelihood security during famine since millennia. In the present study, we have reported traditional uses of 40 wild edible plant species and out of which 6 species were analysed at biochemical level for nutrients contents and free radical scavenging activities. The results have shown significant free radical scavenging (antioxidant) activity and nutritional potential of the selected 6 wild edible plants used by the local communities of Eastern Himalayan Region of India.

Keywords: East Himalaya, local community, wild edible plants, nutrition, food security

Procedia PDF Downloads 251

Authors: Il-Ho Kim, Samuel Noh, Kwame McKenzie, Cyu-Chul Choi

Abstract:

Many members of immigrant minorities choose to operate microbusinesses that involve emotionally taxing interactions with customers and discriminatory exposures in the workplace. This study investigated the psychological risks of emotional demands and discrimination as well as the buffering roles of two types of job resources (job autonomy and job security) among immigrant microbusiness owners (MBOs). Data were derived from a cross-sectional survey of 550 Korean immigrant MBOs, aged 30 to 70, living in Toronto and its surrounding areas. Face-to-face interviews were conducted between March and November 2013. Results showed that emotional suppression and discrimination were positively associated with depressive symptoms. However, the direct effect of positive emotional demands was insignificant. For job resources, the beneficial effect of job security on depressive symptom was apparent, but the effect of job autonomy was trivial. Regarding the moderating effect, job security buffered the psychological harm of both emotional suppression and workplace discrimination. Although job autonomy buffered the link between discrimination and depressive symptoms, the buffering effect of job autonomy on the emotional suppression-depression link was insignificant. This study’s finding implies that emotional demands and workplace discrimination seem to be important factors in contributing to occupational psychological problems, but the psychological impact can differ according to the types of emotional demands and job resources among immigrant MBOs.

Keywords: immigrant microbusiness owners, emotional demands, discrimination, job resources, depression

Procedia PDF Downloads 206

Authors: Zayen Chagra

Abstract:

Several educational institutions are experimenting new approaches in learning in order to guarantee the success of its students. In Tunisia, and since 2011, the experience of making a new software engineering branch called mobile software engineering began at ESPRIT: Higher School of Engineering and Technology. The project was surprisingly a success since its creation, and even before the graduation of the first generation, partnerships were held with the biggest mobile technology manufacturers and several international awards were won by teams of students. This session presents this experience with details of the approaches made from idea stage to the actual stage where the project counts 32 graduated engineers, 90 graduate students and 120 new participants.

Keywords: innovation, education, engineering education, mobile

Procedia PDF Downloads 417

Authors: Ren Zuo Wang

Abstract:

In this paper, in order to investigate the behavior of the wood structure, the non-linearity of wood material model in LS-DYNA is adopted. It is difficult and less efficient to conduct the experiment of the ancient wood structure, hence LS-DYNA software can be used to simulate nonlinear responses of ancient wood structure. In LS-DYNA software, there is material model called *MAT_WOOD or *MAT_143. This model is to simulate a single-element response of the wood subjected to tension and compression under the parallel and the perpendicular material directions. Comparing with the exact solution and numerical simulations results using LS-DYNA, it demonstrates the accuracy and the efficiency of the proposed simulation method.

Keywords: LS-DYNA, wood structure, single-element simulations, MAT_143

Procedia PDF Downloads 620

Authors: Habib Gorine, Rabia Saleh

Abstract:

Mobile Ad-Hoc Networks are the special type of wireless networks which share common security requirements with other networks such as confidentiality, integrity, authentication, and availability, which need to be addressed in order to secure data transfer through the network. Their routing protocols are vulnerable to various malicious attacks which could have a devastating consequence on data security. In this paper, three types of attacks such as selfish, gray hole, and black hole attacks have been applied to the two most important routing protocols in MANET named dynamic source routing and ad-hoc on demand distance vector in order to analyse and compare the impact of these attacks on the Network performance in terms of throughput, average delay, packet loss, and consumption of energy using NS2 simulator.

Keywords: MANET, wireless networks, routing protocols, malicious attacks, wireless networks simulation

Procedia PDF Downloads 310

Authors: O. Boussoufi, K. Lamrini Uahabi, M. Atounti

Abstract:

The main purpose of this paper is to calculate the fractal dimension of some Julia Sets and Mandelbrot Set in the Misiurewicz Points. Using Matlab to generate the Julia Sets images that match the Misiurewicz points and using a Fractal software, we were able to find different measures that characterize those fractals in textures and other features. We are actually focusing on fractal dimension and the error calculated by the software. When executing the given equation of regression or the log-log slope of image a Box Counting method is applied to the entire image, and chosen settings are available in a FracLAc Program. Finally, a comparison is done for each image corresponding to the area (boundary) where Misiurewicz Point is located.

Keywords: box counting, FracLac, fractal dimension, Julia Sets, Mandelbrot Set, Misiurewicz Points

Procedia PDF Downloads 201

Authors: Ahmed Alutaibi, Ganti Sudhakar

Abstract:

Providing better Quality-of-Service (QoS) to end users has been a challenging problem for researchers and service providers. Building applications relying on best effort network protocols hindered the adoption of guaranteed service parameters and, ultimately, Quality of Service. The introduction of Software Defined Networking (SDN) opened the door for a new paradigm shift towards a more controlled programmable configurable behavior. Openflow has been and still is the main implementation of the SDN vision. To facilitate better QoS for applications, the network must calculate and measure certain parameters. One of those parameters is the delay between the two ends of the connection. Using the power of SDN and the knowledge of application and network behavior, SDN networks can adjust to different conditions and specifications. In this paper, we use the capabilities of SDN to implement multiple algorithms to measure delay end-to-end not only inside the SDN network. The results of applying the algorithms on an emulated environment show that we can get measurements close to the emulated delay. The results also show that depending on the algorithm, load on the network and controller can differ. In addition, the transport layer handshake algorithm performs best among the tested algorithms. Out of the results and implementation, we show the limitations of Openflow and develop suggestions to solve them.

Keywords: software defined networking, quality of service, delay measurement, openflow, mininet

Procedia PDF Downloads 157

Authors: Daniel Gonzales, Zev Winkelman, Trung Tran, Ricardo Sanchez, Dulani Woods, John Hollywood

Abstract:

We have developed a distributed computing capability, Digital Forensics Compute Cluster (DFORC2) to speed up the ingestion and processing of digital evidence that is resident on computer hard drives. DFORC2 parallelizes evidence ingestion and file processing steps. It can be run on a standalone computer cluster or in the Amazon Web Services (AWS) cloud. When running in a virtualized computing environment, its cluster resources can be dynamically scaled up or down using Kubernetes. DFORC2 is an open source project that uses Autopsy, Apache Spark and Kafka, and other open source software packages. It extends the proven open source digital forensics capabilities of Autopsy to compute clusters and cloud architectures, so digital forensics tasks can be accomplished efficiently by a scalable array of cluster compute nodes. In this paper, we describe DFORC2 and compare it with a standalone version of Autopsy when both are used to process evidence from hard drives of different sizes.

Keywords: digital forensics, cloud computing, cyber security, spark, Kubernetes, Kafka

Procedia PDF Downloads 383

Authors: Mireille Elhajj, Washington Ochieng, Deeph Chana

Abstract:

The challenges of the rapid growth in the demand for transport has traditionally been seen within the context of the problems of congestion, air quality, climate change, safety, and affordability. However, there are increasing threats including those related to crime such as cyber-attacks that threaten the security of the transport of people and goods. To the best of the authors’ knowledge, this paper presents for the first time, a comprehensive framework for the assessment of the current and future security issues of multi-modal transport systems. The approach or method proposed is based on a structured framework starting with a detailed specification of the transport asset map (transport system architecture), followed by the identification of vulnerabilities. The asset map and vulnerabilities are used to identify the various approaches for exploitation of the vulnerabilities, leading to the creation of a set of threat scenarios. The threat scenarios are then transformed into risks and their categories, and include insights for their mitigation. The consideration of the mitigation space is holistic and includes the formulation of appropriate policies and tactics and/or technical interventions. The quality of the framework is ensured through a structured and logical process that identifies the stakeholders, reviews the relevant documents including policies and identifies gaps, incorporates targeted surveys to augment the reviews, and uses subject matter experts for validation. The approach to categorising security risks is an extension of the current methods that are typically employed. Specifically, the partitioning of risks into either physical or cyber categories is too limited for developing mitigation policies and tactics/interventions for transport systems where an interplay between physical and cyber processes is very often the norm. This interplay is rapidly taking on increasing significance for security as the emergence of cyber-physical technologies, are shaping the future of all transport modes. Examples include: Connected Autonomous Vehicles (CAVs) in road transport; the European Rail Traffic Management System (ERTMS) in rail transport; Automatic Identification System (AIS) in maritime transport; advanced Communications, Navigation and Surveillance (CNS) technologies in air transport; and the Internet of Things (IoT). The framework adopts a risk categorisation scheme that considers risks as falling within the following threat→impact relationships: Physical→Physical, Cyber→Cyber, Cyber→Physical, and Physical→Cyber). Thus the framework enables a more complete risk picture to be developed for today’s transport systems and, more importantly, is readily extendable to account for emerging trends in the sector that will define future transport systems. The framework facilitates the audit and retro-fitting of mitigations in current transport operations and the analysis of security management options for the next generation of Transport enabling strategic aspirations such as systems with security-by-design and co-design of safety and security to be achieved. An initial application of the framework to transport systems has shown that intra-modal consideration of security measures is sub-optimal and that a holistic and multi-modal approach that also addresses the intersections/transition points of such networks is required as their vulnerability is high. This is in-line with traveler-centric transport service provision, widely accepted as the future of mobility services. In summary, a risk-based framework is proposed for use by the stakeholders to comprehensively and holistically assess the security of transport systems. It requires a detailed understanding of the transport architecture to enable a detailed vulnerabilities analysis to be undertaken, creates threat scenarios and transforms them into risks which form the basis for the formulation of interventions.

Keywords: mitigations, risk, transport, security, vulnerabilities

Procedia PDF Downloads 152

Authors: Fradreck Jockonia Mujuru

Abstract:

The effects of landmine residues from the Zimbabwean liberation war are persisting. Landmines are violently maiming and killing people and animals, causing certain areas inaccessible for agriculture and habitation, instilling fear, and even inducing forced migration. A significant gap in landmines literature is that they are mainly treated as a humanitarian issue and less scholarly. This paper engaged in theorising landmines using postcolonial literature as an epistemology. The results exhibit three issues. One, postcolonial literature provides a timeframe, a process, a space, and an attitude towards modernity on the inquiry of landmines. Two, landmines are understood in the context of war and were further decolonised to pick unique principles studied. Lastly, some of the unique principles found in landmines after decolonising are their ability to provide surveillance, repression and violent fate to all who cross the set boundaries. Therefore, theorising landmines can also be pushed further to be understood through repression. This article concluded that landmines can be theorised outside mainstream International Relations theories using postcolonial literature.

Keywords: landmines, postcolonial, repression, security, violence

Procedia PDF Downloads 62

Authors: Faisal Al Yahmadi, Muhammad R. Ahmed

Abstract:

Electric power is a fundamental necessity in the 21^st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.

Keywords: smart grid network, security, threats, vulnerabilities

Procedia PDF Downloads 125

Authors: Mai Kaneda, Sarah Feeney

Abstract:

This study examined the association between adult attachment security and career decision-making self-efficacy (CDMSE) among college students in the United States. Previous studies show that attachment security is associated with levels of CDMSE among college students. Given that a majority of studies examining career development variables have used parental attachment measures, this study adds to understanding of this phenomenon by utilizing a broader measure of attachment. The participants included 269 college students (76% female) between the ages of 19-29. An anonymous survey was distributed online via social media as well as in hard copy format in classrooms. Multiple regression analyses were conducted to determine the relationship between anxious and avoidant attachment and CDMSE. Results revealed anxious attachment was a significant predictor of CDMSE (B = -.13, p = .01), such that greater anxiety in attachment was associated with lower levels of CDMSE. When accounting for anxious attachment, avoidant attachment was no longer significant as a predictor of CDMSE (B = -.12, p = .10). The variance in college CDMSE explained by the model was 7%, F(2,267) = 9.51, p < .001. Results for anxious attachment are consistent with existing literature that finds insecure attachment to be related to lower levels of CDMSE, however the non-significant results for avoidant attachment as a predictor of CDMSE suggest not all types of attachment insecurity are equally related to CDMSE. Future research is needed to explore the nature of the relationship between different dimensions of attachment insecurity and CDMSE.

Keywords: attachment, career decision-making, college students, self-efficacy

Procedia PDF Downloads 206

Authors: Cecil Blake, Tolu Kayode-Adedeji, Innocent Chiluwa, Charles Iruonagbe

Abstract:

National, regional and international security threats have dominated the twenty-first century thus far. Insurgencies that utilize “terrorism” as their primary strategy pose the most serious threat to global security. States in turn adopt terrorist strategies to resist and even defeat insurgents who invoke the legitimacy of statehood to justify their action. In short, the era is dominated by the use of terror tactics by state and non-state actors. Globally, there is a powerful network of groups involved in insurgencies using Islam as the bastion for their cause. In Africa, there are Boko Haram, Al Shabaab and Al Qaeda in the Maghreb representing Islamic groups utilizing terror strategies and tactics to prosecute their wars. The task at hand is to discover and to use multiple ways of handling the present security threats, including novel approaches to policy formulation, implementation, monitoring and evaluation that would pay significant attention to the important role of culture and communication strategies germane for discursive means of conflict resolution. In other to achieve this, the proposed research would address inter alia, root causes of insurgences that predicate their mission on Islamic tenets particularly in Africa; discursive and non-discursive counter-terrorism approaches fashioned by African governments, continental supra-national and regional organizations, recruitment strategies by major non-sate actors in Africa that rely solely on terrorist strategies and tactics and sources of finances for the groups under study. A major anticipated outcome of this research is a contribution to answers that would lead to the much needed stability required for development in African countries experiencing insurgencies carried out by the use of patterned terror strategies and tactics. The nature of the research requires the use of triangulation as the methodological tool.

Keywords: counter-terrorism, discourse, Nigeria, security, terrorism

Procedia PDF Downloads 475

Authors: Clara Voyvodic

Abstract:

Transitions from conflict to peace are by no means smooth nor linear, particularly from the perspective of those living through them. Over the last few decades, the changing focus in peacebuilding studies has come to appreciate the everyday experience of communities and how that provides a lens through which the relative success or efficacy of these transitions can be understood. In particular, the demobilization of a significant conflict actor is not without consequences, not just for the macro-view of state stabilization and peace, but for the communities who find themselves without a clear authority of territorial control. In Colombia, the demobilization and disarmament of the FARC guerilla group provided a brief respite to the conflict and a major political win for President Manuel Santos. However, this victory has proven short-lived. Drawing from extensive field research in Colombia within the last year, including interviews with local communities and actors operating in these regions, field observations, and other primary resources, this paper examines the post-accord transitions in Colombia and the everyday security experiences of local communities in regions formerly controlled by the FARC. In order to do so, the research focused on a semi-ethnographic approach in the northern region of the department of Antioquia and the coastal area of the border department of Nariño that documented how individuals within these marginalized communities have come to understand and negotiate their security in the years following the accord and the demobilization of the FARC. This presentation will argue that the removal of the FARC as an informal governance actor opened a space for multiple actors to attempt to control the same territory, including the state. This shift has had a clear impact on the everyday security experiences of the local communities. With an exploration of the dynamics of local governance and its impact on lived security experiences, this research seeks to demonstrate how distinct patterns of armed group behavior are emerging not only from a vacuum of control left by the FARC but from an increase in state presence that nonetheless remains inconsistent and unpersuasive as a monopoly of force in the region. The increased multiplicity of actors, particularly the state, has meant that the normal (informal) rules for communities to navigate these territories are no longer in play as the identities, actions, and intentions of different competing groups have become frustratingly opaque. This research provides a prescient analysis on how the shifting dynamics of territorial control in a post-peace accord landscape produce uncertain realities that affect the daily lives of the local communities and endanger the long-term prospect of human-centered security.

Keywords: armed actors, conflict transitions, informal governance, post-accord, security experiences

Procedia PDF Downloads 128

Authors: Zhang Xingnan, Huang Jingjia, Feng Yue, Burra Venkata Durga Kumar

Abstract:

This paper proposes a comprehensive approach to mitigate ROP (Return-Oriented Programming) attacks by combining internal operating system protection mechanisms and hardware-assisted techniques. Through extensive literature review, we identify the effectiveness of ASLR (Address Space Layout Randomization) and LBR (Last Branch Record) in preventing ROP attacks. We present a process involving buffer overflow detection, hardware-assisted ROP attack detection, and the use of Turing detection technology to monitor control flow behavior. We envision a specialized tool that views and analyzes the last branch record, compares control flow with a baseline, and outputs differences in natural language. This tool offers a graphical interface, facilitating the prevention and detection of ROP attacks. The proposed approach and tool provide practical solutions for enhancing software security.

Keywords: operating system, ROP attacks, returning-oriented programming attacks, ASLR, LBR, CFI, DEP, code randomization, hardware-assisted CFI

Procedia PDF Downloads 84

Authors: Pubudu K. Hitigala Kaluarachchilage, Champike Attanayake, Sasith Rajasooriya, Chris P. Tsokos

Abstract:

Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occurring. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux are assessed for their discovered vulnerabilities and the risk associated with each. Each discovered and reported vulnerability has an exploitability score assigned in CVSS score of the national vulnerability database. In this study the risk from vulnerabilities in each of the five Operating Systems is compared. Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability. Statistical methodology and underlying mathematical approach is described. Initially, parametric procedures are conducted and measured. There were, however, violations of some statistical assumptions observed. Therefore the need for non-parametric approaches was recognized. 6838 vulnerabilities recorded were considered in the analysis. According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk levels for some operating systems, indicating that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant test results revealing a statistically significant difference in the Risk levels of different OSs are presented.

Keywords: cybersecurity, Markov chain, non-parametric analysis, vulnerability, operating system

Procedia PDF Downloads 176

Authors: Antonio Gioiosa, Simone Doanti, Eric Flumerfelt, Luca Morescalchi, Elena Pedreschi, Gianantonio Pezzullo, Ryan A. Rivera, Franco Spinella

Abstract:

The Mu2e experiment at Fermilab aims to measure the charged-lepton flavour violating neutrino-less conversion of a negative muon into an electron in the field of an aluminum nucleus. With the expected experimental sensitivity, Mu2e will improve the previous limit of four orders of magnitude. The Mu2e data acquisition (DAQ) system provides hardware and software to collect digitized data from the tracker, calorimeter, cosmic ray veto, and beam monitoring systems. Mu2e’s trigger and data acquisition system (TDAQ) uses otsdaq as its solution. developed at Fermilab, otsdaq uses the artdaq DAQ framework and art analysis framework, under-the-hood, for event transfer, filtering, and processing. Otsdaq is an online DAQ software suite with a focus on flexibility and scalability while providing a multi-user, web-based interface accessible through the Chrome or Firefox web browser. The detector read out controller (ROC) from the tracker and calorimeter stream out zero-suppressed data continuously to the data transfer controller (DTC). Data is then read over the PCIe bus to a software filter algorithm that selects events which are finally combined with the data flux that comes from a cosmic ray veto system (CRV).

Keywords: trigger, daq, mu2e, Fermilab

Procedia PDF Downloads 144

Authors: Tazeen Fatima

Abstract:

Use of project management in web & software development projects is very significant. It has been observed that even with the application of effective project management, projects usually do not complete their lifecycle and fail. To minimize these failures, key performance indicators have been introduced in previous studies to counter project failures. However, there are always gaps and problems in the KPIs identified. Despite of incessant efforts at technical and managerial levels, projects still fail. There is no substantial approach to identify and avoid these failures in the very beginning of the project lifecycle. In this study, we aim to answer these research problems by analyzing the concept of predictive analytics which is a specialized technology and is very easy to use in this era of computation. Project organizations can use data gathering, compute power, and modern tools to render efficient Predictions. The research aims to identify such a predictive analytics approach. The core objective of the study was to reduce failures and introduce effective implementation of project management principles. Existing predictive analytics methodologies, tools and solution providers were also analyzed. Relevant data was gathered from projects and was analyzed via predictive techniques to make predictions well advance in time to render effective project management in web & software development industry.

Keywords: project management, predictive analytics, predictive analytics methodology, project failures

Procedia PDF Downloads 330

Authors: Ivan Stanev, Maria Koleva

Abstract:

A common platform for automated programming (CPAP) is defined in details. Two versions of CPAP are described: Cloud-based (including the set of components for classic programming, and the set of components for combined programming) and KBASE based (including the set of components for automated programming, and the set of components for ontology programming). Four KBASE products (module for automated programming of robots, intelligent product manual, intelligent document display, and intelligent form generator) are analyzed and CPAP contributions to automated programming are presented.

Keywords: automated programming, cloud computing, knowledge based software engineering, service oriented architecture

Procedia PDF Downloads 335

Authors: Ahlem Fatnassi, Hamza Gharsellaoui, Sadok Bouamama

Abstract:

This paper deals with the study of interest in the fields of Steganography and Steganalysis. Steganography involves hiding information in a cover media to obtain the stego media in such a way that the cover media is perceived not to have any embedded message for its unintended recipients. Steganalysis is the mechanism of detecting the presence of hidden information in the stego media and it can lead to the prevention of disastrous security incidents. In this paper, we provide a critical review of the steganalysis algorithms available to analyze the characteristics of an image stego media against the corresponding cover media and understand the process of embedding the information and its detection. We anticipate that this paper can also give a clear picture of the current trends in steganography so that we can develop and improvise appropriate steganalysis algorithms.

Keywords: optimization, heuristics and metaheuristics algorithms, embedded systems, low-power consumption, steganalysis heuristic approach

Procedia PDF Downloads 285

Authors: Asmaa El Harat, Toumi Hicham, Youssef Baddi

Abstract:

This survey delves into the complex realm of Internet of Things (IoT) security, highlighting the urgent need for effective cybersecurity measures as IoT devices become increasingly common. It explores a wide array of cyber threats targeting IoT devices and focuses on mitigating these attacks through the combined use of deep learning and machine learning algorithms, as well as edge and cloud computing paradigms. The survey starts with an overview of the IoT landscape and the various types of attacks that IoT devices face. It then reviews key machine learning and deep learning algorithms employed in IoT cybersecurity, providing a detailed comparison to assist in selecting the most suitable algorithms. Finally, the survey provides valuable insights for cybersecurity professionals and researchers aiming to enhance security in the intricate world of IoT.

Keywords: internet of things (IoT), cybersecurity, machine learning, deep learning

Procedia PDF Downloads 14

Authors: Mayar Almasri, Rosa Helmi, Rayana Enany

Abstract:

This report describes the features of AutoCAD software released by Adobe. It explains how the program makes it easier for engineers and designers and reduces their time and effort spent using AutoCAD. Moreover, it highlights how AutoCAD works, how some of the commands used in it, such as Shortcut, make it easy to use, and features that make it accurate in measurements. The results of the report show that most users of this program are designers and engineers, but few people know about it and find it easy to use. They prefer to use it because it is easy to use, and the shortcut commands shorten a lot of time for them. The feature got a high rate and some suggestions for improving AutoCAD in Aperture, but it was a small percentage, and the highest percentage was that they didn't need to improve the program, and it was good.

Keywords: artificial intelligence, design, planning, commands, autodesk, dimensions

Procedia PDF Downloads 119

Authors: Mohammad Reza Kavianpour, Arsalan Behzadifard Pour, Ali Aghazadeh Cloudy, Abolfazl Moqimi

Abstract:

In recent decades, and with increasing of urban population and development of the city, the amount of impermeable surfaces has been increased. This cause urban runoff enhancement. This enhancement, especially in cities with urban river, increases the possibility of urban flooding caused by the river flooding interaction and urban runoff. In this research, we tried SWMM utilizes software development methods and practices that seek to reduce the impact of runoff to the river flows to reduce Qomroud and Effects using Arc GIS and HEC-RAS software on how we see the flood zone.

Keywords: flood management, SWMM, runoff, flood zone

Procedia PDF Downloads 597