Search results for: phishing attacks

Authors: Khaled M. Khan, Armstrong Nhlabatsi

Abstract:

This article attempts to analyse behavioural traits of lone-wolves who struck and killed innocents in six different attacks in Europe in last nine months. The main objective of this study is to develop a profiling template in order to capture commonality of characteristics of these attackers. This study tries to understand the homogeneity of lone-wolves in terms of their social background and state of mind. The commonality among them can possibly be used to build a profiling template that could help detecting vulnerable persons who are prone to be self-radicalised or radicalised by someone else. The result of this study provides us an understanding of their commonality in terms of their state of mind and social characteristics.

Keywords: behavioral pattern, terrorism, profiling, commonality

Procedia PDF Downloads 402

Authors: Christodoulou Christos, Politis Anastasios

Abstract:

A large majority of users favoured to wireless LAN connection since it was so simple to use. A wireless network can be the target of numerous attacks. Class hijacking is a well-known attack that is fairly simple to execute and has significant repercussions on users. The statistical flow analysis based on machine learning (ML) techniques is a promising categorization methodology. In a given dataset, which in the context of this paper is a collection of components representing frames belonging to various flows, machine learning (ML) can offer a technique for identifying and characterizing structural patterns. It is possible to classify individual packets using these patterns. It is possible to identify fraudulent conduct, such as class hijacking, and take necessary action as a result. In this study, we explore a way to use machine learning approaches to thwart this attack.

Keywords: wireless lan, quality of service, machine learning, class hijacking, EDCA remapping

Procedia PDF Downloads 61

Authors: Behrooz Daneshmand

Abstract:

Software Defined Networking (SDN) is designed to meet the future needs of 5G mobile networks. The SDN architecture offers a new solution that involves separating the control plane from the data plane, which is usually paired together. Network functions traditionally performed on specific hardware can now be abstracted and virtualized on any device, and a centralized software-based administration approach is based on a central controller, facilitating the development of modern applications and services. These plan standards clear the way for a more adaptable, speedier, and more energetic network beneath computer program control compared with a conventional network. We accept SDN gives modern inquire about openings to security, and it can significantly affect network security research in numerous diverse ways. Subsequently, the SDN architecture engages systems to effectively screen activity and analyze threats to facilitate security approach modification and security benefit insertion. The segregation of the data planes and control and, be that as it may, opens security challenges, such as man-in-the-middle attacks (MIMA), denial of service (DoS) attacks, and immersion attacks. In this paper, we analyze security threats to each layer of SDN - application layer - southbound interfaces/northbound interfaces - controller layer and data layer. From a security point of see, the components that make up the SDN architecture have a few vulnerabilities, which may be abused by aggressors to perform noxious activities and hence influence the network and its administrations. Software-defined network assaults are shockingly a reality these days. In a nutshell, this paper highlights architectural weaknesses and develops attack vectors at each layer, which leads to conclusions about further progress in identifying the consequences of attacks and proposing mitigation strategies.

Keywords: software-defined networking, security, SDN, 5G/IMT-2020

Procedia PDF Downloads 101

Authors: Phillip Garrad, Saritha Unnikrishnan

Abstract:

The recent popularity of connected and autonomous vehicles (CAV) corresponds with an increase in the risk of cyber-attacks. These cyber-attacks have been instigated by both researchers or white-coat hackers and cyber-criminals. As Connected Vehicles move towards full autonomy, the impact of these cyber-attacks also grows. The current research details challenges faced in cybersecurity testing of CAV, including access and cost of the representative test setup. Other challenges faced are lack of experts in the field. Possible solutions to how these challenges can be overcome are reviewed and discussed. From these findings, a software simulated CAV network is established as a cost-effective representative testbed. Penetration tests are then performed on this simulation, demonstrating a cyber-attack in CAV. Studies have shown Artificial Intelligence (AI) to improve runtime, increase efficiency and comprehensively cover all the typical test aspects in penetration testing in other industries. There is an attempt to introduce similar AI models to the software simulation. The expectation from this implementation is to see similar improvements in runtime and efficiency for the CAV model. If proven to be an effective means of penetration test for CAV, this methodology may be used on a full CAV test network.

Keywords: cybersecurity, connected vehicles, software simulation, artificial intelligence, penetration testing

Procedia PDF Downloads 110

Authors: M. Karaman, H. Catalkaya

Abstract:

Due to the complex nature of cyber attacks and their effects ranging from personal to governmental level, it becomes one of the priority tasks for operation planners to take into account the risks, influences and effects of cyber attacks. However it can also be embedded or integrated technically with electronic warfare planning, cyber operation planning is needed to have a sole and broadened perspective. This perspective embodies itself firstly in operational design and then military decision making process. In order to find out the ill-structured problems, understand or visualize the operational environment and frame the problem, operational design can help support cyber operation planners and commanders. After having a broadened and conceptual startup with cyber operational design, military decision making process will follow the principles of design into more concrete elements like reaching results after risk management and center of gravity analysis of our and the enemy. In this paper we tried to emphasize the importance of cyber operational design, cyber operation planning and its integration to military decision making problem. In this foggy, uncertain and unaccountable cyber security environment, it is inevitable to stay away from cyber attacks. Therefore, a cyber operational design should be formed with line of operations, decisive points and end states in cyber then a tactical military decision making process should be followed with cyber security focus in order to support the whole operation.

Keywords: cyber operational design, military decision making process (MDMP), operation planning, end state

Procedia PDF Downloads 590

Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode

Abstract:

The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.

Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT

Procedia PDF Downloads 153

Authors: Umar Mujahid, Greatzel Unabia, Hongsik Choi, Binh Tran

Abstract:

Radio Frequency Identification (RFID) is one of the most commonly used technologies in IoTs and Wireless Sensor Networks which makes the devices identification and tracking extremely easy to manage. Since RFID uses wireless channel for communication, which is open for all types of adversaries, researchers have proposed many Ultralightweight Mutual Authentication Protocols (UMAPs) to ensure security and privacy in a cost-effective manner. These UMAPs involve simple bitwise logical operators such as XOR, AND, OR & Rot, etc., to design the protocol messages. However, most of these UMAPs were later reported to be vulnerable against many malicious attacks. In this paper, we have presented a detailed overview of some eminent UMAPs and also discussed the many security attacks on them. Finally, some recommendations and suggestions have been discussed, which can improve the design of the UMAPs.

Keywords: RFID, Ultralightweight, UMAP, SASI

Procedia PDF Downloads 154

Authors: Amal Hussain Alkhaiwani, Ghadah Abdullah Almalki

Abstract:

Recently human errors have increasingly become a very high factor in security breaches that may affect confidential data, and most of the cyber data breaches are caused by human errors. With one individual mistake, the attacker will gain access to the entire network and bypass the implemented access controls without any immediate detection. Unaware employees will be vulnerable to any social engineering cyber-attacks. Providing security awareness to People is part of the company protection process; the cyber risks cannot be reduced by just implementing technology; the human awareness of security will significantly reduce the risks, which encourage changes in staff cyber-awareness. In this paper, we will focus on Human Awareness, human needs to continue the required security education level; we will review human errors and introduce a proposed solution to avoid the breach from occurring again. Recently Saudi Arabia faced many attacks with different methods of social engineering. As Saudi Arabia has become a target to many countries and individuals, we needed to initiate a defense mechanism that begins with awareness to keep our privacy and protect the confidential data against possible intended attacks.

Keywords: cybersecurity, human aspects, human errors, human mistakes, security awareness, Saudi Arabia, security program, security education, social engineering

Procedia PDF Downloads 161

Authors: Ebrahim Alrashed

Abstract:

Wireless sensor networks are vulnerable to attacks from adversaries attempting to disrupt their operations. Sink-hole attacks are a type of attack where an adversary node drops data forwarded through it and hence affecting the reliability and accuracy of the network. Since sensor nodes have limited battery power, it is essential that any solution to the sinkhole attack problem be very energy-aware. In this paper, we present a reliable and energy efficient scheme to forward data from source nodes to the base station while under sink-hole attack. The scheme also detects sink-hole attack nodes and avoid paths that includes them.

Keywords: energy-aware routing, reliability, sink-hole attack, WSN

Procedia PDF Downloads 397

Authors: Najmeh Abedzadeh, Matthew Jacobs

Abstract:

An intrusion detection system (IDS) is a software application that monitors malicious activities and generates alerts if any are detected. However, most network activities in IDS datasets are normal, and the relatively few numbers of attacks make the available data imbalanced. Consequently, cyber-attacks can hide inside a large number of normal activities, and machine learning algorithms have difficulty learning and classifying the data correctly. In this paper, a comprehensive literature review is conducted on different types of algorithms for both implementing the IDS and methods in correcting the imbalanced IDS dataset. The most famous algorithms are machine learning (ML), deep learning (DL), synthetic minority over-sampling technique (SMOTE), and reinforcement learning (RL). Most of the research use the CSE-CIC-IDS2017, CSE-CIC-IDS2018, and NSL-KDD datasets for evaluating their algorithms.

Keywords: IDS, imbalanced datasets, sampling algorithms, big data

Procedia PDF Downloads 329

Authors: Daniel Alati

Abstract:

Recent high-profile terrorist events in Canada, the United Kingdom and Europe – the London Bridge attacks, the terrorist attacks in Nice, France and Barcelona, Spain, the 2014 Ottawa Parliament attacks and the 2017 attacks in Edmonton – have all raised levels of public and academic concern with so-called “lone-wolf” and “radicalized” terrorism. Similarly, several countries outside of the “Western” world have been dealing with radicalization to violent extremism for several years. Many South East Asian countries, including Indonesia, Malaysia, Singapore and the Philippines have all had experience with what might be described as ISIS or extremist-inspired acts of terrorism. Indeed, it appears the greatest strength of groups such as ISIS has been their ability to spread a global message of violent extremism that has led to radicalization in markedly different jurisdictions throughout the world. These markedly different jurisdictions have responded with counter-radicalization strategies that warrant further comparative analysis. This paper utilizes an inter-disciplinary legal methodology. In doing so, it compares legal, political, cultural and historical aspects of the counter-radicalization strategies employed by Canada, the United Kingdom and several South East Asian countries (Indonesia, Malaysia, Singapore and the Philippines). Whilst acknowledging significant legal and political differences between these jurisdictions, the paper engages in these analyses with an eye towards understanding which best practices might be shared between the jurisdictions. In doing so, it presents valuable findings of a comparative nature that are useful to both academic and practitioner audiences in several jurisdictions.

Keywords: Canada, United Kingdom and South East Asia, comparative law and politics, radicalization to violent extremism, terrorism

Procedia PDF Downloads 346

Authors: Katie Wood

Abstract:

Cyber criminals are constantly on the lookout for new opportunities to exploit organisation and cause destruction. This could lead to significant cause of economic loss for organisations in the form of destruction in finances, reputation and even the overall survival of the organization. Additionally, this leads to serious consequences on national security. The threat of possible cyber attacks places further pressure on organisations to ensure they are secure, at a time where international scale cyber attacks have occurred in a range of sectors. Stakeholders are wanting confidence that their data is protected. This is only achievable if a business fosters a resilient supply chain strategy which is implemented throughout its supply chain by having a strong cyber leadership culture. This paper will discuss the essential role and need for organisations to adopt a cyber leadership culture and direction to learn about own internal processes to ensure mitigating systemic vulnerability of its supply chains. This paper outlines that to protect national security there is an urgent need for cyber awareness culture change. This is required in all organisations, regardless of their sector or size, to implementation throughout the whole supplier chain to support and protect economic prosperity to make the UK more resilient to cyber-attacks. Through businesses understanding the supply chain and risk management cycle of their own operates has to be the starting point to ensure effective cyber migration strategies.

Keywords: cyber leadership, cyber migration strategies, resilient supply chain strategy, cybersecurity

Procedia PDF Downloads 242

Authors: Nicole Bandow, Peter Emmermacher, Oliver Wienert, Steffen Masik, Kerstin Witte

Abstract:

Karate-kumite is a fast sport where a good perception and anticipation of movements is needed in order to respond appropriately. Perception and anticipation are therefore essential for an efficient and precise movement control and a limiting factor in karate kumite. Previous studies only used 2D video technologies combined with the occlusion technique to study anticipation in sports. These studies showed limitations in the usage of 2D video footage in regards to realism and the presentation of depth information. To overcome these issues a virtual 3D environment was developed to create a similar to real life environment. The aim of this study was to compare the differences in responses of intermediate and expert karate athletes towards temporally and spatially occluded virtual karate attacks from two attackers. Five male expert and five intermediate karate athletes responded physically to nine (3 temporal combined with 3 spatial) occluded attacks of the Gyaku-Zuki of each attacker in the 3D virtual environment. The responses were evaluated in regards to correct point of time and appropriate response technique. Significant differences between the expertises’ responses for the attackers were found. Experts respond more often correct to early information of attacks than novices.

Keywords: anticipation, karate, occlusion, virtual reality

Procedia PDF Downloads 472

Authors: Danuvasin Charoen

Abstract:

Online romance scams are conducted by criminals using social networks and dating sites. These criminals use love to deceive the victims to send them money. The victims not only lose money to the criminals, but they are also heartbroken. This study investigates how online romance scams work and why people become victims to them. The researcher also identifies the characteristics of the perpetrators and victims. The data were collected from in-depth interviews with former victims and police officers responsible for the cases. By studying the methods and characteristics of the online romance scam, we can develop effective methods and policies to reduce the rates of such crimes.

Keywords: romance scam, online scam, phishing, cybercrime

Procedia PDF Downloads 159

Authors: Kianoosh Samimi, Farhad Estakhr, Mahdi Mahdikhani, Faramaz Moodi

Abstract:

Due to their fluidity and simplicity of use, self-compacting concretes (SCCs) have undeniable advantages. In recent years, the role of metakaolin as a one of pozzolanic materials in concrete has been considered by researchers. It can modify various properties of concrete, due to high pozzolanic reactions and also makes a denser microstructure. The objective of this paper is to examine the influence of three type of Portland cement and metakaolin on fresh state, compressive strength and sulfuric acid attacks in self- consolidating concrete at early age up to 90 days of curing in lime water. Six concrete mixtures were prepared with three types of different cement as Portland cement type II, Portland Slag Cement (PSC), Pozzolanic Portland Cement (PPC) and 15% substitution of metakaolin by every cement. The results show that the metakaolin admixture increases the viscosity and the demand amount of superplasticizer. According to the compressive strength results, the highest value of compressive strength was achieved for PSC and without any metakaolin at age of 90 days. Conversely, the lowest level of compressive strength at all ages of conservation was obtained for PPC and containing 15% metakaolin. According to this study, the total substitution of PSC and PPC by Portland cement type II is beneficial to the increasing in the chemical resistance of the SCC with respect to the sulfuric acid attack. On the other hand, this increase is more noticeable by the use of 15% of metakaolin. Therefore, it can be concluded that metakaolin has a positive effect on the chemical resistance of SCC containing of Portland cement type II, PSC, and PPC.

Keywords: SCC, metakaolin, cement type, durability, compressive strength, sulfuric acid attacks

Procedia PDF Downloads 186

Authors: G. Usha, S. Kannimuthu, K. Mahalakshmi

Abstract:

Mobile Adhoc Network (MANET) is one of the most promising technologies that have applications ranging from various portable devices to military networks. MANET has no fixed infrastructure and the security of such network is a big concern. Therefore, in order to operate MANET’s securely, the misbehavior and intrusions should be detected before the attackers affect the network communication. In this article, we make a comprehensive survey against black hole attack that is a serious threat against MANET that exploits the routing behavior of the MANET. We have given broad survey solutions that detect black hole attacks in MANET. This is achieved by analyzing the techniques involved in detecting the attacks in each scheme. Furthermore, we examine about the challenges to the researchers for constructing an in-depth solution against black hole attack.

Keywords: AODV, cross layer security, mobile Adhoc network (MANET), packet delivery ratio, single layer security

Procedia PDF Downloads 407

Authors: Michael I. Okereke, Ambrose I. Akpoyomare

Abstract:

This paper presents a numerical study of the impact mechanic of metallic and sandwich structures incorporate with blast resistance enhancements. The study focuses on structures that have been exposed to improvised explosives devices (IEDs) attacks. The results show numerical conclusions on mechanisms to ensure blast resistance enhancement for the applications studied in this work. The work has identified optimal panel configuration both in geometry and configurations to ensure optimal blast resistance response to such IEDs discharges. Findings from this work will drive improvements in especially military and civilian vehicles in countries where blast attacks on vehicular occupants are quite rampant like Pakistan and Afghanistan.

Keywords: blast resistance, blast enhancement, explosives, material behavior

Procedia PDF Downloads 373

Authors: Naghmeh Moradpoor Sheykhkanloo

Abstract:

Structured Query Language Injection (SQLI) attack is a code injection technique in which malicious SQL statements are inserted into a given SQL database by simply using a web browser. Losing data, disclosing confidential information or even changing the value of data are the severe damages that SQLI attack can cause on a given database. SQLI attack has also been rated as the number-one attack among top ten web application threats on Open Web Application Security Project (OWASP). OWASP is an open community dedicated to enabling organisations to consider, develop, obtain, function, and preserve applications that can be trusted. In this paper, we propose an effective pattern recognition neural network model for detection and classification of SQLI attacks. The proposed model is built from three main elements of: a Uniform Resource Locator (URL) generator in order to generate thousands of malicious and benign URLs, a URL classifier in order to: 1) classify each generated URL to either a benign URL or a malicious URL and 2) classify the malicious URLs into different SQLI attack categories, and an NN model in order to: 1) detect either a given URL is a malicious URL or a benign URL and 2) identify the type of SQLI attack for each malicious URL. The model is first trained and then evaluated by employing thousands of benign and malicious URLs. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed approach.

Keywords: neural networks, pattern recognition, SQL injection attacks, SQL injection attack classification, SQL injection attack detection

Procedia PDF Downloads 470

Authors: Muhammad Ali

Abstract:

Cyber-attacks and anomaly detection on the Internet of Things (IoT) infrastructure is emerging concern in the domain of data-driven intrusion. Rapidly increasing IoT risk is now making headlines around the world. denial of service, malicious control, data type probing, malicious operation, DDos, scan, spying, and wrong setup are attacks and anomalies that can affect an IoT system failure. Everyone talks about cyber security, connectivity, smart devices, and real-time data extraction. IoT devices expose a wide variety of new cyber security attack vectors in network traffic. For further than IoT development, and mainly for smart and IoT applications, there is a necessity for intelligent processing and analysis of data. So, our approach is too secure. We train several machine learning models that have been compared to accurately predicting attacks and anomalies on IoT systems, considering IoT applications, with ANOVA-based feature selection with fewer prediction models to evaluate network traffic to help prevent IoT devices. The machine learning (ML) algorithms that have been used here are KNN, SVM, NB, D.T., and R.F., with the most satisfactory test accuracy with fast detection. The evaluation of ML metrics includes precision, recall, F1 score, FPR, NPV, G.M., MCC, and AUC & ROC. The Random Forest algorithm achieved the best results with less prediction time, with an accuracy of 99.98%.

Keywords: machine learning, analysis of variance, Internet of Thing, network security, intrusion detection

Procedia PDF Downloads 126

Authors: Lazgeen Mohammed

Abstract:

The greatest advantage of acupuncture over western medicine is that it is safe . Unlike synthetic drugs, acupuncture has virtually no side effects, and the procedures for treating headaches are much less invasive. Migraine headaches are usually one-sided, pulsating or throbbing, and moderate or severe in intensity.. Some patients also experience auras, a neurological symptom that develops gradually over 5-20 minutes. The patient may see brief flashes or waves of light, or changes in their vision. Other common features of auras include vertigo, imbalance, confusion and numbness.Acupuncture had been used to treat 50 patients suffering from migraine ,topiramat (topamax) given to prevent the attacks, duration of treatment is 10 weeks , the patients were fallowed up for one year .Topiramat is called an anticonvulsant.Topiramat is also used to prevent migraine headaches in adults and teenagers who are at least 12 years old. This medicine will only prevent migraine headaches or reduce the number of attacks. It will not treat a headache that has already begun.

Keywords: acpuncture, migraine, topiramat, headache

Procedia PDF Downloads 71

Authors: Sharon Q. Yang, Robert J. Congleton

Abstract:

Information security is a broad concept that covers any issues and concerns about the proper access and use of information on the Internet, including measures and procedures to protect intellectual property and private data from illegal access and online theft; the act of hacking; and any defensive technologies that contest such cybercrimes. As more research and commercial activities are conducted online, cybercrimes have increased significantly, putting sensitive information at risk. Information security has become critically important for organizations and private citizens alike. Hackers scan for network vulnerabilities on the Internet and steal data whenever they can. Cybercrimes disrupt our daily life, cause financial losses, and instigate fear in the public. Since the start of the pandemic, most data related cybercrimes targets have been either financial or health information from companies and organizations. Libraries also should have a high interest in understanding and adopting information security methods to protect their patron data and copyrighted materials. But according to information security professionals, higher education and cultural organizations, including their libraries, are the least prepared entities for cyberattacks. One recent example is that of Steven’s Institute of Technology in New Jersey in the US, which had its network hacked in 2020, with the hackers demanding a ransom. As a result, the network of the college was down for two months, causing serious financial loss. There are other cases where libraries, colleges, and universities have been targeted for data breaches. In order to build an effective defense, we need to understand the most common types of cybercrimes, including phishing, whaling, social engineering, distributed denial of service (DDoS) attacks, malware and ransomware, and hacker profiles. Our research will focus on each hacking technique and related defense measures; and the social background and reasons/purpose of hacker and hacking. Our research shows that hacking techniques will continue to evolve as new applications, housing information, and data on the Internet continue to be developed. Some cybercrimes can be stopped with effective measures, while others present challenges. It is vital that people understand what they face and the consequences when not prepared.

Keywords: cybercrimes, hacking technologies, higher education, information security, libraries

Procedia PDF Downloads 135

Authors: Faisal Al Yahmadi, Muhammad R. Ahmed

Abstract:

Electric power is a fundamental necessity in the 21^st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.

Keywords: smart grid network, security, threats, vulnerabilities

Procedia PDF Downloads 141

Authors: Mehrshad Khosraviani, Faramarz Abbaspour Leyl Abadi

Abstract:

The fundamental component of the computer network of modern information society will be considered. These networks are connected to the network of the internet generally. Due to the fact that the primary purpose of the Internet is not designed for, in recent decades, none of these networks in many of the attacks has been very important. Today, for the provision of security, different security tools and systems, including intrusion detection systems are used in the network. A common diagnosis system based on artificial immunity, the designer, the Adhasaz Foundation has been evaluated. The idea of using artificial safety methods in the diagnosis of abnormalities in computer networks it has been stimulated in the direction of their specificity, there are safety systems are similar to the common needs of m, that is non-diagnostic. For example, such methods can be used to detect any abnormalities, a variety of attacks, being memory, learning ability, and Khodtnzimi method of artificial immune algorithm pointed out. Diagnosis of the common system of education offered in this paper using only the normal samples is required for network and any additional data about the type of attacks is not. In the proposed system of positive selection and negative selection processes, selection of samples to create a distinction between the colony of normal attack is used. Copa real data collection on the evaluation of ij indicates the proposed system in the false alarm rate is often low compared to other ir methods and the detection rate is in the variations.

Keywords: artificial immune system, abnormality detection, intrusion detection, computer networks

Procedia PDF Downloads 355

Authors: Zhiyong Shan, Preethi Santhanam, Vinod Namboodiri, Rajiv Bagai

Abstract:

In recent years, the emerging network worms and attacks have distributive characteristics, which can spread globally in a very short time. Security management crossing networks to co-defense network-wide attacks and improve the efficiency of security administration is urgently needed. We propose a hierarchical distributed network security management system (HD-NSMS), which can integrate security management across multiple networks. First, we describe the system in macrostructure and microstructure; then discuss three key problems when building HD-NSMS: device model, alert mechanism, and emergency response mechanism; lastly, we describe the implementation of HD-NSMS. The paper is valuable for implementing NSMS in that it derives from a practical network security management system (NSMS).

Keywords: network security management, device organization, emergency response, cross-network

Procedia PDF Downloads 169

Authors: Shinoy Vengaramkode Bhaskaran

Abstract:

The advancement of cloud computing led to a variety of security issues for both consumers and industries. Whereas machine learning (ML) is one approach to securing Cloud-based systems. Various methods have been employed to prevent or detect attacks and security vulnerabilities on the Cloud using ML techniques. In this paper, we present an ML perspective on the methodologies and techniques of cloud security. Initially, an investigative study on cloud computing is conducted with a primary emphasis on the gaps with two research questions that are impeding the adoption of cloud technology, as well as the challenges associated with threat solutions. Next, some ideas are generated based on machine learning methods to mitigate certain types of attacks that are frequently discussed through the application of ML techniques. Finally, we review different machine learning algorithms and their adoption in cloud computing.

Keywords: artificial intelligence, machine learning, cloud computing infrastructure as a service, support vector machine, platform as a service

Procedia PDF Downloads 6

Authors: Haydar Teymourlouei

Abstract:

Cybersecurity is one of the greatest challenges society faces in an age revolving around technological development. With cyber-attacks on the continuous rise, the nation needs to understand and learn ways that can prevent such attacks. A major contribution that can change the education system is to implement laboratories and competitions into academia. This method can improve and educate students with more hands-on exercises in a highly motivating setting. Considering the fact that students are the next generation of the nation’s workforce, it is important for students to understand concepts not only through books, but also through actual hands-on experiences in order for them to be prepared for the workforce. An effective cybersecurity education system is critical for creating a strong cyber secure workforce today and for the future. This paper emphasizes the need for awareness and the need for competitions and cybersecurity laboratories to be implemented into the education system.

Keywords: awareness, competition, cybersecurity, laboratories, workforce

Procedia PDF Downloads 334

Authors: Sandro Bartolini, Alessandro Mecocci, Alessio Medaglini

Abstract:

The growing popularity of systems based on unmanned aerial vehicles (UAVs) is highlighting their vulnerability, particularly in relation to the positioning system used. Typically, UAV architectures use the civilian GPS, which is exposed to a number of different attacks, such as jamming or spoofing. This is why it is important to develop alternative methodologies to accurately estimate the actual UAV position without relying on GPS measurements only. In this paper, we propose a position estimate method for UAVs based on monocular visual odometry. We have developed a flight control system capable of keeping track of the entire trajectory travelled, with a reduced dependency on the availability of GPS signals. Moreover, the simplicity of the developed solution makes it applicable to a wide range of commercial drones. The final goal is to allow for safer flights in all conditions, even under cyber-attacks trying to deceive the drone.

Keywords: visual odometry, autonomous uav, position measurement, autonomous outdoor flight

Procedia PDF Downloads 220

Authors: Diane H. Dotson, Shari L. Rodriguez

Abstract:

Habitat for predators is on the decline worldwide, which often brings humans and predators into conflict over remaining shared space and common resources. While the direct impacts of human predator conflict on humans (i.e., attacks on livestock or humans resulting in injury or death) are well documented, the indirect impacts of conflict on humans (i.e., downstream effects such as fear, stress, opportunity costs, PTSD) have not been addressed. We interviewed 437 people living in 54 villages on the periphery of Kanha National Park, India, to assess the amount and severity of direct and indirect impacts of predator conflict. ​While 58% of livestock owners believed that predator attacks on livestock guards occurred frequently and 62% of those who collect forest products believed that predator attacks on those collecting occurred frequently, less than 20% of all participants knew of someone who had experienced an attack. Data related to indirect impacts suggest that such impacts are common; 76% of participants indicated they were afraid a predator will physically injure them. Livestock owners reported that livestock guarding took time away from their primary job (61%) and getting enough sleep (73%), and believed that it increased their vulnerability to illnesses (80%). These results suggest that the perceptions of risk of predator attack are likely inflated, yet the costs of human predator impacts may be substantially higher than previously estimated, particularly related to human well-being, making the implementation of appropriate and effective conservation and conflict mitigation strategies and policies increasingly urgent.

Keywords: direct impacts, indirect impacts, human-predator conflict, India

Procedia PDF Downloads 156

Authors: Massimo Miccoli, Luca Marangoni, Alberto Aniello Scaringi, Alessandro Marceddu, Alessandro Amicone

Abstract:

The susceptibility of deep neural networks (DNNs) to adversarial manipulations is a recognized challenge within the computer vision domain. Adversarial examples, crafted by adding subtle yet malicious alterations to benign images, exploit this vulnerability. Various defense strategies have been proposed to safeguard DNNs against such attacks, stemming from diverse research hypotheses. Building upon prior work, our approach involves the utilization of autoencoder models. Autoencoders, a type of neural network, are trained to learn representations of training data and reconstruct inputs from these representations, typically minimizing reconstruction errors like mean squared error (MSE). Our autoencoder was trained on a dataset of benign examples; learning features specific to them. Consequently, when presented with significantly perturbed adversarial examples, the autoencoder exhibited high reconstruction errors. The architecture of the autoencoder was tailored to the dimensions of the images under evaluation. We considered various image sizes, constructing models differently for 256x256 and 512x512 images. Moreover, the choice of the computer vision model is crucial, as most adversarial attacks are designed with specific AI structures in mind. To mitigate this, we proposed a method to replace image-specific dimensions with a structure independent of both dimensions and neural network models, thereby enhancing robustness. Our multi-modal autoencoder reconstructs the spectral representation of images across the red-green-blue (RGB) color channels. To validate our approach, we conducted experiments using diverse datasets and subjected them to adversarial attacks using models such as ResNet50 and ViT_L_16 from the torch vision library. The autoencoder extracted features used in a classification model, resulting in an MSE (RGB) of 0.014, a classification accuracy of 97.33%, and a precision of 99%.

Keywords: adversarial attacks, malicious images detector, binary classifier, multimodal transformer autoencoder

Procedia PDF Downloads 114

Authors: Vikram Prabhu, Mohammad Shikh Bahaei

Abstract:

This paper depicts the implementation of a new infallible technique to protect an Unmanned Aerial Vehicle from cyber-attacks. An Unmanned Aerial Vehicle (UAV) could be vulnerable to cyber-attacks because of jammers or eavesdroppers over the network which pose as a threat to the security of the UAV. In the field of network security, there are quite a few protocols which can be used to establish a secure connection between UAVs and their Operators. In this paper, we discuss how the Interlock Protocol could be implemented to foil the Man-in-the-Middle Attack. In this case, Wireshark has been used as the sniffer (man-in-the-middle). This paper also shows a comparison between the Interlock Protocol and the TCP Protocols using cryptcat and netcat and at the same time highlights why the Interlock Protocol is the most efficient security protocol to prevent eavesdropping over the communication channel.

Keywords: interlock protocol, Diffie-Hellman algorithm, unmanned aerial vehicles, control station, man-in-the-middle attack, Wireshark

Procedia PDF Downloads 301