Search results for: flooding attacks

Authors: Lindelwa Mngomezulu, Tonderai Muchenje

Abstract:

Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.

Keywords: e-mail security, cyber-attacks, data integrity, authentication

Procedia PDF Downloads 108

Authors: Grace karimi Muriithi, Behnaz Papari, Ali Arsalan, Christopher Shannon Edrington

Abstract:

Complexity and nonlinearity of the control system design is increasing for DC microgrid applications when the cyber concept associated with the technology constraints will added to the picture. Controllers’ functionality during the critical operation mode is required to guaranteed specifically for a high profile applications such as NAVY DC ship power system (SPS) as an small-scaled DC microgrid. Thus, SPS is susceptible to cyber-attacks and, accordingly, can provide the disastrous effects. In this study, a machine learning (ML) approach is demonstrated to offer the promising performance of SPS for developing an effective and robust functionality over attacks time. Simulation results analysis demonstrate that the proposed method can improve the controllability successfully.

Keywords: controlability, cyber attacks, distribute control, machine learning

Procedia PDF Downloads 82

Authors: F. C. Amadi, G. C. Enyi, G. Nasr

Abstract:

Relative permeabilities are practical factors that are used to correct the single phase Darcy’s law for application to multiphase flow. For effective characterisation of large-scale multiphase flow in hydrocarbon recovery, relative permeability and capillary pressures are used. These parameters are acquired via special core flooding experiments. Special core analysis (SCAL) module of reservoir simulation is applied by engineers for the evaluation of these parameters. But, core flooding experiments in shale core sample are expensive and time consuming before various flow assumptions are achieved for instance Darcy’s law. This makes it imperative for the application of coreflooding simulations in which various analysis of relative permeabilities and capillary pressures of multiphase flow can be carried out efficiently and effectively at a relative pace. This paper presents a Sendra software simulation of core flooding to achieve to relative permeabilities and capillary pressures using different correlations. The approach used in this study was three steps. The first step, the basic petrophysical parameters of Marcellus shale sample such as porosity was determined using laboratory techniques. Secondly, core flooding was simulated for particular scenario of injection using different correlations. And thirdly the best fit correlations for the estimation of relative permeability and capillary pressure was obtained. This research approach saves cost and time and very reliable in the computation of relative permeability and capillary pressures at steady or unsteady state, drainage or imbibition processes in oil and gas industry when compared to other methods.

Keywords: relative permeabilty, porosity, 1-D black oil simulator, capillary pressures

Procedia PDF Downloads 425

Authors: Suresh Hettiarachchi, Conrad Wasko, Ashish Sharma

Abstract:

The ever changing and expanding urban landscape increases the stress on urban systems to support and maintain safe and functional living spaces. Flooding presents one of the more serious threats to this safety, putting a larger number of people in harm’s way in congested urban settings. Climate change is adding to this stress by creating a dichotomy in the urban flood response. On the one hand, climate change is causing storms to intensify, resulting in more destructive, rarer floods, while on the other hand, longer dry periods are decreasing the severity of more frequent, less intense floods. This variability is creating a need to be more agile and innovative in how we design for and manage urban flooding. Here, we argue that to cope with this challenge climate change brings, we need to move towards urban flood management through resilience rather than flood prevention. We also argue that dealing with the larger variation in flood response to climate change means that we need to look at flooding from all aspects rather than the single-dimensional focus of flood depths and extents. In essence, we need to rethink how we manage flooding in the urban space. This change in our thought process and approach to flood management requires a practical way to assess and quantify resilience that is built into the urban landscape so that informed decision-making can support the required changes in planning and infrastructure design. Towards that end, we propose a Simple Urban Flood Resilience Index (SUFRI) based on a robust definition of resilience as a tool to assess flood resilience. The application of a simple resilience index such as the SUFRI can provide a practical tool that considers urban flood management in a multi-dimensional way and can present solutions that were not previously considered. When such an index is grounded on a clear and relevant definition of resilience, it can be a reliable and defensible way to assess and assist the process of adapting to the increasing challenges in urban flood management with climate change.

Keywords: urban flood resilience, climate change, flood management, flood modelling

Procedia PDF Downloads 30

Authors: Avinoam Rabinovich

Abstract:

CO₂ geological storage is a proven technology for reducing anthropogenic carbon emissions, which is paramount for achieving the ambitious net zero emissions goal. Core flooding experiments are an important step in any CO₂ storage project, allowing us to gain information on the flow of CO₂ and brine in the porous rock extracted from the reservoir. This information is important for understanding basic mechanisms related to CO₂ geological storage as well as for reservoir modeling, which is an integral part of a field project. In this work, a different method for constructing accurate models of CO₂-brine core flooding will be presented. Results for synthetic cases and real experiments will be shown and compared with numerical models to exhibit their predictive capabilities. Furthermore, the various mechanisms which impact the CO₂ distribution and trapping in the rock samples will be discussed, and examples from models and experiments will be provided. The new method entails solving an inverse problem to obtain a three-dimensional permeability distribution which, along with the relative permeability and capillary pressure functions, constitutes a model of the flow experiments. The model is more accurate when data from a number of experiments are combined to solve the inverse problem. This model can then be used to test various other injection flow rates and fluid fractions which have not been tested in experiments. The models can also be used to bridge the gap between small-scale capillary heterogeneity effects (sub-core and core scale) and large-scale (reservoir scale) effects, known as the upscaling problem.

Keywords: CO₂ geological storage, residual trapping, capillary heterogeneity, core flooding, CO₂-brine flow

Procedia PDF Downloads 50

Authors: Ismail Bin Mohd Saaid, Abubakar Abubakar Umar

Abstract:

Despite the successes recorded by Alkaline/Surfactant/Polymer (ASP) flooding as an effective chemical EOR technique, the combination CEOR is not unassociated with stern glitches, one of which is the scaling of downhole equipment. One of the major issues inside the oil industry is how to control scale formation, regardless of whether it is in the wellhead equipment, down-hole pipelines or even the actual field formation. The best approach to handle the challenge associated with oilfield scale formation is the application of scale inhibitors to avert the scale formation. Chemical inhibitors have been employed in doing such. But due to environmental regulations, the industry have focused on using green scale inhibitors to mitigate the formation of scales. This paper compares the scale inhibition performance of Polyaspartic acid and sodium polyacrylic acid, both commercial green scale inhibitors, in mitigating silicate scales formed during Alkaline/Surfactant/polymer flooding under static conditions. Both PASP and TH5000 are non-threshold inhibitors, therefore their efficiency was only seeing in delaying the deposition of the silicate scales.

Keywords: alkaline/surfactant/polymer flooding (ASP), polyaspartic acid (PASP), sodium polyacrylate (SPA)

Procedia PDF Downloads 326

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 522

Authors: Bandar Alahmadi

Abstract:

The fact that people tend to remember pictures better than texts, motivates researchers to develop graphical passwords as an alternative to textual passwords. Graphical passwords as such were introduced as a possible alternative to traditional text passwords, in which users prove their identity by clicking on pictures rather than typing alphanumerical text. In this paper, we present a scheme for graphical passwords that are resistant to shoulder surfing attacks and spyware attacks. The proposed scheme introduces a clicking technique to chosen images. First, the users choose a set of images, the images are then included in a grid where users can click in the cells around each image, the location of the click and the number of clicks are saved. As a result, the proposed scheme can be safe from shoulder surface and spyware attacks.

Keywords: security, password, authentication, attack, applications

Procedia PDF Downloads 146

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 133

Authors: Muhammad R. Ahmed, Mohammed Aseeri

Abstract:

Wireless Sensor Network (WSN) consists of low-cost and multi functional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. In this paper we present an internal attack detection method based on maximum entropy model. The final experimental works showed that the proposed algorithm does work well at the designed level.

Keywords: internal attack, wireless sensor network, network security, entropy

Procedia PDF Downloads 434

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we treat a model that falls in the area of protecting targeted systems from intelligent threats including terrorism. We introduce the concept of system survivability, in the context of continuous attacks, as the probability that a system under attack will continue operation up to some fixed time t. We define a constant attack rate (CAR) process as an attack on a targeted system that follows an exponential distribution. We consider the superposition of several CAR processes. From the attacker side, we determine the optimal attack strategy that minimizes the system survivability. We also determine the optimal strengthening strategy that maximizes the system survivability under limited defensive resources. We use operations research techniques to identify optimal strategies of each antagonist. Our results may be used as interesting starting points to develop realistic protection strategies against intentional attacks.

Keywords: CAR processes, defense/attack strategies, exponential failure, survivability

Procedia PDF Downloads 370

Authors: Bismina Akbar, Smitha M. V.

Abstract:

Flooding is a global phenomenon that causes widespread devastation, economic damage, and loss of human lives. In the past twenty years, the number of reported flood events has increased significantly. Millions of people around the globe are at risk of flooding from coastal, dam breaks, groundwater, and urban surface water and wastewater sources. Climate change is one of the important causes for them since it affects, directly and indirectly, the river network. Although the contribution of climate change is undeniable, human contributions are there to increase the frequency of floods. There are different types of floods, such as Flash floods, Coastal floods, Urban floods, River (or fluvial) floods, and Ponding (or pluvial flooding). This study focuses on formulating mitigation strategies for urban flood risk reduction through analysis of different best practice case studies, including China, Japan, Indonesia, and Brazil. The mitigation measures suggest that apart from the structural and non-structural measures, environmental considerations like blue-green solutions are beneficial for flood risk reduction. And also, Risk-Informed Master plans are essential nowadays to take risk-based decision processes that enable more sustainability and resilience.

Keywords: hazard, mitigation, risk reduction, urban flood

Procedia PDF Downloads 56

Authors: Ashish Ashish

Abstract:

In the last few decades, the discrete chaos of difference equations has gained a massive attention of academicians and scholars due to its tremendous applications in each and every branch of science, such as cryptography, traffic control models, secure communications, weather forecasting, and engineering. In this article, a generalized logistic discrete map is established and discrete chaos is reported through period doubling bifurcation, period three orbit and Lyapunov exponent. It is interesting to see that the generalized logistic map exhibits superior chaos due to the presence of an extra degree of freedom of an ordered parameter. The period doubling bifurcation and Lyapunov exponent are demonstrated for some particular values of parameter and the discrete chaos is determined in the sense of Devaney's definition of chaos theoretically as well as numerically. Moreover, the study discusses an extended chaos based image encryption and decryption scheme in cryptography using this novel system. Surprisingly, a larger key space for coding and more sensitive dependence on initial conditions are examined for encryption and decryption of text messages, images and videos which secure the system strongly from external cyber attacks, coding attacks, statistic attacks and differential attacks.

Keywords: chaos, period-doubling, logistic map, Lyapunov exponent, image encryption

Procedia PDF Downloads 126

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 338

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 190

Authors: Zahra Abdolkarimi, Naser Zourikalatehsamad,

Abstract:

Up to 40 years ago, after recognition of epilepsy, it was generally believed that these attacks occurred randomly and suddenly. However, thanks to the advance of mathematics and engineering, such attacks can be predicted within a few minutes or hours. In this way, various algorithms for long-term prediction of the time and frequency of the first attack are presented. In this paper, by considering the nonlinear nature of brain signals and dynamic recorded brain signals, ANFIS model is presented to predict the brain signals, since according to physiologic structure of the onset of attacks, more complex neural structures can better model the signal during attacks. Contribution of this work is the co-evolution algorithm for optimization of ANFIS network parameters. Our objective is to predict brain signals based on time series obtained from brain signals of the people suffering from epilepsy using ANFIS. Results reveal that compared to other methods, this method has less sensitivity to uncertainties such as presence of noise and interruption in recorded signals of the brain as well as more accuracy. Long-term prediction capacity of the model illustrates the usage of planted systems for warning medication and preventing brain signals.

Keywords: co-evolution algorithms, brain signals, time series, neural networks, ANFIS model, physiologic structure, time prediction, epilepsy suffering, illustrates model

Procedia PDF Downloads 251

Authors: Prejily Thomas John

Abstract:

Flooding of urban areas often has an adverse impact on the dense population residing in cities. The vulnerable areas are the most affected due to flooding, which even results in loss of life. The increasing trend of urban floods is a universal phenomenon and leads to a vital loss in the physical, economic, social, and environmental dimensions. The shift from floods being natural disasters to man-made disasters due to unplanned urban growth is evident from national and international reports. Thiruvalla, bordered by the Manimala River in the Pathanamthitta district, is an important urban node and a drainage point of various estuaries. The city is often faced with flash floods and overflow from rivers since it is a low-lying land. The need for urban flood resilience for planned urban development is a necessity for livability in consideration of the topography. The paper focuses on developing an urban design framework in everyday urban spaces through the principles of resilient urbanism. The principles guide the creation of flood-resilient spaces and productive urban landscapes for the city to enable better and safer living conditions. A flood-resilient city not only prepares the city for disasters but also improves the ecological and economic conditions.

Keywords: everyday urban spaces, flood resilience, resilient urbanism, productive urban landscapes

Procedia PDF Downloads 63

Authors: M. Shahzad Kamal, Abdullah S. Sultan, Usamah A. Al-Mubaiyedh, Ibnelwaleed A. Hussein

Abstract:

Oil recovery from reservoirs using conventional oil recovery techniques like water flooding is less than 20%. Enhanced oil recovery (EOR) techniques are applied to recover additional oil. Surfactant-polymer flooding is a promising EOR technique used to recover residual oil from reservoirs. Water soluble polymers are used to increase the viscosity of displacing fluids. Surfactants increase the capillary number by reducing the interfacial tension between oil and displacing fluid. Hydrolyzed polyacrylamide (HPAM) is widely used in polymer flooding applications due to its low cost and other desirable properties. HPAM works well in low-temperature and low salinity-environment. In the presence of salts HPAM viscosity decrease due to charge screening effect and it can precipitate at high temperatures in the presence of salts. Various strategies have been adopted to extend the application of water soluble polymers to high-temperature high-salinity (HTHS) reservoir. These include addition of monomers to acrylamide chain that can protect it against thermal hydrolysis. In this work, rheological properties of various water soluble polymers were investigated to find out suitable polymer and surfactant-polymer systems for HTHS reservoirs. Polymer concentration ranged from 0.1 to 1 % (w/v). Effect of temperature, salinity and polymer concentration was investigated using both steady shear and dynamic measurements. Acrylamido tertiary butyl sulfonate based copolymer showed better performance under HTHS conditions compared to HPAM. Moreover, thermoviscosifying polymer showed excellent rheological properties and increase in the viscosity was observed with increase temperature. This property is highly desirable for EOR application.

Keywords: rheology, polyacrylamide, salinity, enhanced oil recovery, polymer flooding

Procedia PDF Downloads 389

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 176

Authors: Gayathri Pramod, Sheeja K. P.

Abstract:

Urban flooding has been seen rising in cities for the past few years. This rise in urban flooding is the result of increasing urbanization and increasing climate change. A resilient city design focuses on 'living with water'. This means that the city is capable of accommodating the floodwaters without having to risk any loss of lives or properties. The resilient city design incorporates green infrastructure, river edge treatment, open space design, etc. to form a city that functions as a whole for resilience. Sponge urbanism is a recent method for building resilient cities and is founded by China in 2014. Sponge urbanism is the apt method for resilience building for a tropical town like Aluva of Kerala. Aluva is a tropical town that experiences rainfall of about 783 mm per month during the rainy season. Aluva is an urbanized town which faces the risk of urban flooding and riverine every year due to the presence of Periyar River in the town. Impervious surfaces and hard construction and developments contribute towards flood risk by posing as interference for a natural flow and natural filtration of water into the ground. This type of development is seen in Aluva also. Aluva is designed in this research as a town that have resilient strategies of sponge city and which focusses on natural methods of construction. The flood susceptibility of Aluva is taken into account to design the spaces for sponge urbanism and in turn, reduce the flood susceptibility for the town. Aluva is analyzed, and high-risk zones for development are identified through studies. These zones are designed to withstand the risk of flooding. Various catchment areas are identified according to the natural flow of water, and then these catchment areas are designed to act as a public open space and as detention ponds in case of heavy rainfall. Various development guidelines, according to land use, is also prescribed, which help in increasing the green cover of the town. Aluva is then designed to be a completely flood-adapted city or sponge city according to the guidelines and interventions.

Keywords: climate change, flooding, resilient city, sponge city, sponge urbanism, urbanization

Procedia PDF Downloads 131

Authors: Doaa Wael, Naswa Abdelbaky

Abstract:

Malware is malicious software that is built to cause destructive actions and damage information systems and networks. Malware infections increase rapidly, and types of malware have become more sophisticated, which makes the malware detection process more difficult. On the other side, the Internet of Things IoT technology is vulnerable to malware attacks. These IoT devices are always connected to the internet and lack security. This makes them easy for hackers to access. These malware attacks are becoming the go-to attack for hackers. Thus, in order to deal with this challenge, new malware detection techniques are needed. Currently, building a blockchain solution that allows IoT devices to download any file from the internet and to verify/approve whether it is malicious or not is the need of the hour. In recent years, blockchain technology has stood as a solution to everything due to its features like decentralization, persistence, and anonymity. Moreover, using blockchain technology overcomes some difficulties in malware detection and improves the malware detection ratio over-than the techniques that do not utilize blockchain technology. In this paper, we study malware detection models which are based on blockchain technology. Furthermore, we elaborate on the effect of blockchain technology in malware detection, especially in the android environment.

Keywords: malware analysis, blockchain, malware attacks, malware detection approaches

Procedia PDF Downloads 59

Authors: Preston Nabors, Nasseh Tabrizi

Abstract:

Portable Document Format (PDF) files have gained significant popularity for sharing and distributing documents due to their universal compatibility. However, the widespread use of PDF files has made them attractive targets for cybercriminals, who exploit vulnerabilities to deliver malware and compromise the security of end-user systems. This paper reviews notable contributions in PDF malware detection, including static, dynamic, signature-based, and hybrid analysis. It presents a comprehensive examination of PDF malware detection techniques, focusing on the emerging threat of adversarial sampling and the need for robust defense mechanisms. The paper highlights the vulnerability of machine learning classifiers to evasion attacks. It explores adversarial sampling techniques in PDF malware detection to produce mimicry and reverse mimicry evasion attacks, which aim to bypass detection systems. Improvements for future research are identified, including accessible methods, applying adversarial sampling techniques to malicious payloads, evaluating other models, evaluating the importance of features to malware, implementing adversarial defense techniques, and conducting comprehensive examination across various scenarios. By addressing these opportunities, researchers can enhance PDF malware detection and develop more resilient defense mechanisms against adversarial attacks.

Keywords: adversarial attacks, adversarial defense, adversarial machine learning, intrusion detection, PDF malware, malware detection, malware detection evasion

Procedia PDF Downloads 21

Authors: Ersun N. Kurtulus

Abstract:

One of the strategic goals of left-wing terrorism, both in its Anarchist and Marxist-Leninist forms, was mobilization of masses as a first step in launching a revolution. However, in the canonical texts of left-wing terrorist literature (such as the works of Brousse, Nachaev, Bakunin, Kropotkin, Most, Heinzen, Guevara and Marighella) it is not clear how resort to terrorist tactics such as assassinations or bomb attacks will lead to mobilization of masses. This link is usually presumed and taken for granted. However, in other, less known terrorist texts, where there is some elaboration upon this link, two conflicting views emerge: (i) terrorist attacks are supposed to cause state repression which in turn radicalizes masses and opens up the way for recruitment and mobilization versus (ii) terrorist attacks are supposed to demonstrate the hollowness of the already existent state repression and thereby encourage mobilization of masses that are already radicalized but inactive due fear caused by state repression. The paper argues that terrorism studies have largely overemphasized the former while the latter has remained more or less unnoticed.

Keywords: terrorism, repression, radical left, mobilization of masses

Procedia PDF Downloads 207

Authors: Jill Stephenson, Marie Vaganay, Robert Cameron, Caoimhe McGurk, Neil Hewitt

Abstract:

Purpose: The key aim of the research was to identify the secondary stressors experienced by businesses affected by single or repeated flooding and to determine to what extent businesses were affected by these stressors, along with any resulting impact on health. Additionally, the research aimed to establish the likelihood of businesses being re-exposed to the secondary stressors through assessing awareness of flood risk, implementation of property protection measures and level of community resilience. Design/methodology/approach: The chosen research method involved the distribution of a questionnaire survey to businesses affected by either single or repeated flood events. The questionnaire included the Impact of Event Scale (a 15-item self-report measure which assesses subjective distress caused by traumatic events). Findings: 55 completed questionnaires were returned by flood impacted businesses. 89% of the businesses had sustained internal flooding while 11% had experienced external flooding. The results established that the key secondary stressors experienced by businesses, in order of priority, were: flood damage, fear of reoccurring flooding, prevention of access to the premise/closure, loss of income, repair works, length of closure and insurance issues. There was a lack of preparedness for potential future floods and consequent vulnerability to the emergence of secondary stressors among flood affected businesses, as flood resistance or flood resilience measures had only been implemented by 11% and 13% respectively. In relation to the psychological repercussions, the Impact of Event scores suggested that potential prevalence of post-traumatic stress disorder (PTSD) was noted among 8 out of 55 respondents (l5%). Originality/value: The results improve understanding of the enduring repercussions of flood events on businesses, indicating that not only residents may be susceptible to the detrimental health impacts of flood events and single flood events may be just as likely as reoccurring flooding to contribute to ongoing stress. Lack of financial resources is a possible explanation for the lack of implementation of property protection measures among businesses, despite 49% experiencing flooding on multiple occasions. Therefore it is recommended that policymakers should consider potential sources of financial support or grants towards flood defences for flood impacted businesses. Any form of assistance should be made available to businesses at the earliest opportunity as there was no significant association between the time of the last flood event and the likelihood of experiencing PTSD symptoms.

Keywords: flood event, flood resilience, flood resistance, PTSD, secondary stressors

Procedia PDF Downloads 411

Authors: Anum Ali, Kashaf ad Dooja, Asif Saleem

Abstract:

The future smart cities trend will be towards Internet of Things (IoT); IoT creates dynamic connections in a ubiquitous manner. Smart cities offer ease and flexibility for daily life matters. By using small devices that are connected to cloud servers based on IoT, network traffic between these devices is growing exponentially, whose security is a concerned issue, since ratio of cyber attack may make the network traffic vulnerable. This paper discusses the latest machine learning approaches in related work further to tackle the increasing rate of cyber attacks, machine learning algorithm is applied to IoT-based network traffic data. The proposed algorithm train itself on data and identify different sections of devices interaction by using supervised learning which is considered as a classifier related to a specific IoT device class. The simulation results clearly identify the attacks and produce fewer false detections.

Keywords: IoT, traffic security, deep learning, classification

Procedia PDF Downloads 130

Authors: S. B. Kumbalavati, J. D. Mallapur, K. Y. Bendigeri

Abstract:

A mobile Ad-hoc network (MANET) is a multihop wireless network where nodes communicate each other without any pre-deployed infrastructure. There is no central administrating unit. Hence, MANET is generally prone to many of the attacks. These attacks may alter, release or deny data. These attacks are nothing but intrusions. Intrusion is a set of actions that attempts to compromise integrity, confidentiality and availability of resources. A major issue in the design and operation of ad-hoc network is sharing the common spectrum or common channel bandwidth among all the nodes. We are performing intrusion detection using game theory approach. Game theory is a mathematical tool for analysing problems of competition and negotiation among the players in any field like marketing, e-commerce and networking. In this paper mathematical model is developed using game theory approach and intruders are detected and removed. Bandwidth utilization is estimated and comparison is made between bandwidth utilization with intrusion detection technique and without intrusion detection technique. Percentage of intruders and efficiency of the network is analysed.

Keywords: ad-hoc network, IDS, game theory, sensor networks

Procedia PDF Downloads 362

Authors: Ezequiel Garcia-Rodriguez, Lenin Hernandez-Ferreyra, Luis Ochoa-Franco

Abstract:

The Sustainable Sewer Urban Systems (SSUS) are mechanisms integrated into the cities for manage rain water, reducing its runoff volume and velocity, enhancing the rain water quality and preventing flooding and other catastrophes associated to the rain, as well as improving the energy efficiency. The objective of SSUS is to mimic or to equal the runoff and infiltration natural conditions of the land before its urbanization, reducing runoff that may cause troubles within the houses, as well as flooding. At the same time, energy for warming homes and for pumping and treating water is reduced, contributing to the reduction of CO₂ emissions and therefore contributing to reduce the climate change. This paper contains an evaluation of the advantages that SSUS may offer within a zone of Morelia City, Mexico, applying support tools for decision making. The hydrological conditions prior to and after the urbanization of the study area were analyzed to propose the recommended SSUS. Different types of SSUS were proposed in this case study, assessing their effect on the rainwater flow behavior within the study area. SSUS usage in this case resulted, positively, in an important reduction of the magnitude and velocity of runoff, reducing therefore the risk of flooding. So that, it is recommended the implementation of SSUS in this case.

Keywords: energy efficiency, morelia, sustainablesewer, urban systems

Procedia PDF Downloads 42

Authors: Aisha F. Bushager

Abstract:

Today we are more exposed than ever to cyber threats and attacks at personal, community, organizational, national, and international levels. More aspects of our lives are operating on computer networks simply because we are living in the fifth domain, which is called the Cyberspace. One of the most sensitive areas that are vulnerable to cyber threats and attacks is the Electronic Banking (e-Banking) area, where the banking sector is providing online banking services to its clients. To be able to obtain the clients trust and encourage them to practice e-Banking, also, to maintain the services provided by the banks and ensure safety, cyber security and risks control should be given a high priority in the e-banking area. The aim of the study is to carry out risk assessment on the e-banking services and determine the cyber threats, cyber attacks, and vulnerabilities that are facing the e-banking area specifically in the Kingdom of Bahrain. To collect relevant data, structured interviews were taken place with e-banking experts in different banks. Then, collected data where used as in input to the risk management framework provided by the National Institute of Standards and Technology (NIST), which was the model used in the study to assess the risks associated with e-banking services. The findings of the study showed that the cyber threats are commonly human errors, technical software or hardware failure, and hackers, on the other hand, the most common attacks facing the e-banking sector were phishing, malware attacks, and denial-of-service. The risks associated with the e-banking services were around the moderate level, however, more controls and countermeasures must be applied to maintain the moderate level of risks. The results of the study will help banks discover their vulnerabilities and maintain their online services, in addition, it will enhance the cyber security and contribute to the management and control of risks that are facing the e-banking sector.

Keywords: cyber security, e-banking, risk assessment, threats identification

Procedia PDF Downloads 328

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.

Keywords: Linux system calls, web attack detection, interception, SQL

Procedia PDF Downloads 333

Authors: Amirreza Fazely Hamedani, Muzzamil Aziz, Philipp Wieder, Ramin Yahyapour

Abstract:

Software-defined networking in recent years came into the sight of so many network designers as a successor to the traditional networking. Unlike traditional networks where control and data planes engage together within a single device in the network infrastructure such as switches and routers, the two planes are kept separated in software-defined networks (SDNs). All critical decisions about packet routing are made on the network controller, and the data level devices forward the packets based on these decisions. This type of network is vulnerable to DDoS attacks, degrading the overall functioning and performance of the network by continuously injecting the fake flows into it. This increases substantial burden on the controller side, and the result ultimately leads to the inaccessibility of the controller and the lack of network service to the legitimate users. Thus, the protection of this novel network architecture against denial of service attacks is essential. In the world of cybersecurity, attacks and new threats emerge every day. It is essential to have tools capable of managing and analyzing all this new information to detect possible attacks in real-time. These tools should provide a comprehensive solution to automatically detect, predict and prevent abnormalities in the network. Big data encompasses a wide range of studies, but it mainly refers to the massive amounts of structured and unstructured data that organizations deal with on a regular basis. On the other hand, it regards not only the volume of the data; but also that how data-driven information can be used to enhance decision-making processes, security, and the overall efficiency of a business. This paper presents an intelligent big data framework as a solution to handle illegitimate traffic burden on the SDN network created by the numerous DDoS attacks. The framework entails an efficient defence and monitoring mechanism against DDoS attacks by employing the state of the art machine learning techniques.

Keywords: apache spark, apache kafka, big data, DDoS attack, machine learning, SDN network

Procedia PDF Downloads 151