Search results for: malicious observer

Authors: Hong Lu, Wei Fan, Yongquan Zhang, Junbo Zhang

Abstract:

A cross coupling sliding synchronization control strategy is proposed for the dual-driving feed system. This technology will minimize the position error oscillation and achieve the precise synchronization performance in the high speed and high precision drive system, especially some high speed and high precision machine. Moreover, a cross coupling compensation matrix is provided to offset the mismatched disturbance and the disturbance observer is established to eliminate the chattering phenomenon. Performance comparisons of proposed dual-driving cross coupling sliding mode control (CCSMC), normal cross coupling control （CCC） strategy with PID control, and electronic virtual main shaft control (EVMSC) strategy with SMC control are investigated by simulation and a dual-driving control system; the results show the effectiveness of the proposed control scheme.

Keywords: cross coupling matrix, dual motors, synchronization control, sliding mode control

Procedia PDF Downloads 359

Authors: A: Asmawi, L. S. Affendey, N. I. Udzir, R. Mahmod

Abstract:

The topic of enhancing security in XML databases is important as it includes protecting sensitive data and providing a secure environment to users. In order to improve security and provide dynamic access control for XML databases, we presented XLog file to calculate user trust values by recording users’ bad transaction, errors and query severities. Severity-aware trust-based access control for XML databases manages the access policy depending on users' trust values and prevents unauthorized processes, malicious transactions and insider threats. Privileges are automatically modified and adjusted over time depending on user behaviour and query severity. Logging in database is an important process and is used for recovery and security purposes. In this paper, the Xlog file is presented as a dynamic and temporary log file for XML databases to enhance the level of security.

Keywords: XML database, trust-based access control, severity-aware, trust values, log file

Procedia PDF Downloads 295

Authors: Umar Albalawi, Sang C. Suh, Jinoh Kim

Abstract:

As internet continues to expand its usage with an enormous number of applications, cyber-threats have significantly increased accordingly. Thus, accurate detection of malicious traffic in a timely manner is a critical concern in today’s Internet for security. One approach for intrusion detection is to use Machine Learning (ML) techniques. Several methods based on ML algorithms have been introduced over the past years, but they are largely limited in terms of detection accuracy and/or time and space complexity to run. In this work, we present a novel method for intrusion detection that incorporates a set of supervised learning algorithms. The proposed technique provides high accuracy and outperforms existing techniques that simply utilizes a single learning method. In addition, our technique relies on partial flow information (rather than full information) for detection, and thus, it is light-weight and desirable for online operations with the property of early identification. With the mid-Atlantic CCDC intrusion dataset publicly available, we show that our proposed technique yields a high degree of detection rate over 99% with a very low false alarm rate (0.4%).

Keywords: intrusion detection, supervised learning, traffic classification, computer networks

Procedia PDF Downloads 345

Authors: Michael Okeke, Andrew Blyth

Abstract:

Supervisory Control And Data Acquisition (SCADA) as the state of the art Industrial Control Systems (ICS) are used in many different critical infrastructures, from smart home to energy systems and from locomotives train system to planes. Security of SCADA systems is vital since many lives depend on it for daily activities and deviation from normal operation could be disastrous to the environment as well as lives. This paper describes how No-Trust-Zone (NTZ) architecture could be incorporated into SCADA Systems in order to reduce the chances of malicious intent. The architecture is made up of two distinctive parts which are; the field devices such as; sensors, PLCs pumps, and actuators. The second part of the architecture is designed following lambda architecture, which is made up of a detection algorithm based on Particle Swarm Optimization (PSO) and Hadoop framework for data processing and storage. Apache Spark will be a part of the lambda architecture for real-time analysis of packets for anomalies detection.

Keywords: industrial control system (ics, no-trust-zone (ntz), particle swarm optimisation (pso), supervisory control and data acquisition (scada), swarm intelligence (SI)

Procedia PDF Downloads 338

Authors: K. Thiagarajan, K. Saranya, A. Veeraiah, B. Sudha

Abstract:

This paper presents a novel algorithm for secure, reliable and flexible transmission of big data in two hop wireless networks using cooperative jamming scheme. Two hop wireless networks consist of source, relay and destination nodes. Big data has to transmit from source to relay and from relay to destination by deploying security in physical layer. Cooperative jamming scheme determines transmission of big data in more secure manner by protecting it from eavesdroppers and malicious nodes of unknown location. The novel algorithm that ensures secure and energy balance transmission of big data, includes selection of data transmitting region, segmenting the selected region, determining probability ratio for each node (capture node, non-capture and eavesdropper node) in every segment, evaluating the probability using binary based evaluation. If it is secure transmission resume with the two- hop transmission of big data, otherwise prevent the attackers by cooperative jamming scheme and transmit the data in two-hop transmission.

Keywords: big data, two-hop transmission, physical layer wireless security, cooperative jamming, energy balance

Procedia PDF Downloads 482

Authors: Ceyda Sensin

Abstract:

Chios Island in Greece hosts many refugees from the Middle East since the Turkey-EU Refugee Deal. Thus, it has become commonplace for non-governmental organizations (NGO) to provide help for refugees in various ways. The purpose of this research is to identify ways in which improvements can be made in the educational services offered to young adult refugees (age group 14-22) by the NGO’s. To meet this aim, an unstructured observational technique was used in this qualitative study. The data was collected as a participant observer in February 2018. According to the observations made in this study, it came out that international NGOs may utilize volunteering team members on an urgent basis since they are a free resource from all around the world. In this study, it was observed that the volunteering team members without any teaching qualifications or teaching experience have struggled with reaching refugee students with or without potential mental health problems from exposure to stress, turmoil and trauma. Therefore, this study highly recommends the use of more relevantly trained professionals, alongside the volunteer staff. Alternatively, the volunteer staffs need to have teacher training and periodical refresher training.

Keywords: ethnographic study, non-governmental organizations, refugees, qualitative research method

Procedia PDF Downloads 296

Authors: S. Vanker, A. Aaver, A. Roio, L. Nuut

Abstract:

To be sure about the effective and less effective/ineffective approaches to course instruction, we hold the opinion that the faculty members need regular feedback from their students in order to be aware of how well or unwell their teaching styles have worked when instructing the courses. It can be confirmed without a slightest hesitation that undergraduate students’ motivated-ness can be sustained when continually improving the quality of teaching and properly sequencing the academic courses both, in the curricula and timetables. At Estonian Aviation Academy, four different forms of feedback are used: Lecture monitoring, questionnaires for all students, study information system subject monitoring and direct feedback received by the lecturer. Questionnaires for all students are arranged once during a study year and separately for the first year and senior students. The results are discussed in academic departments together with student representatives, analyzed with the teaching staff and, if needed, improvements are suggested. In addition, a monitoring system is planned where a lecturer acts in both roles – as an observer and as the lecturer. This will foster better exchange of experience and through this help to make the whole study process more interesting.

Keywords: learner motivation, feedback, student support, undergraduate education

Procedia PDF Downloads 317

Authors: Hossein Mohammadi Rouzbahani, Hadis Karimipour, Evan Fraser, Ali Dehghantanha, Emily Duncan, Arthur Green, Conchobhair Russell

Abstract:

Human population growth has driven rising demand for food that has, in turn, imposed huge impacts on the environment. In an effort to reconcile our need to produce more sustenance while also protecting the world’s ecosystems, farming is becoming more reliant on smart tools and communication technologies. Developing a smart farming framework allows farmers to make more efficient use of inputs, thus protecting water quality and biodiversity habitat. Internet of Things (IoT), which has revolutionized every sphere of the economy, is being applied to agriculture by connecting on-farm devices and providing real-time monitoring of everything from environmental conditions to market signals through to animal health data. However, utilizing IoT means farming networks are now vulnerable to malicious activities, mostly when wireless communications are highly employed. With that in mind, this research aims to review different utilized communication technologies in smart farming. Moreover, possible cyber-attacks are investigated to discover the vulnerabilities of communication technologies considering the most frequent cyber-attacks that have been happened.

Keywords: smart farming, Internet of Things, communication layer, cyber-attack

Procedia PDF Downloads 238

Authors: Courret Gilles, Pidoux Damien

Abstract:

Considering that sunshine is the ultimate reference in lighting, we have examined the spectral correlation between a series of electric light sources and sunlight. As the latter is marked by fluctuations, we have taken two spectra of reference: on the one hand, the CIE daylight standard illuminant, and on the other hand, the global illumination by the clear sky with the sun at 30° above the horizon. We determined the coefficients of correlation between the spectra filtered by the sensitivity of the CIE standard observer for photopic vision. We also calculated the luminous efficiency of the radiation in order to compare the ideal energy performances as well as the CIE color indexes Ra, Ra14, and Rf, since the choice of a light source requires a trade-off between color rendering and luminous efficiency. The benchmarking includes the most commonly used bulbs, various white LED (Lighting Emitting Diode) of warm white or cold white types, incandescent halogen as well as two HID lamps (High-Intensity Discharge) and two plasma lamps of different types, a solar simulator and a new version of the sulfur lamp. The latter obtains the best correlation, whether in comparison with the solar spectrum or that of the standard illuminant.

Keywords: electric light sources, plasma lamp, daylighting, sunlight, spectral correlation

Procedia PDF Downloads 177

Authors: Khan Farhan Rafat, M. Junaid Hussain

Abstract:

Seamless modification of an entity for the purpose of hiding a message of significance inside its substance in a manner that the embedding remains oblivious to an observer is known as steganography. Together with today's pervasive registering frameworks, steganography has developed into a science that offers an assortment of strategies for stealth correspondence over the globe that must, however, need a critical appraisal from security breach standpoint. Microsoft Word is amongst the preferably used word processing software, which comes as a part of the Microsoft Office suite. With a user-friendly graphical interface, the richness of text editing, and formatting topographies, the documents produced through this software are also most suitable for stealth communication. This research aimed not only to epitomize the fundamental concepts of steganography but also to expound on the utilization of Microsoft Word document as a carrier for furtive message exchange. The exertion is to examine contemporary message hiding schemes from security aspect so as to present the explorative discoveries and suggest enhancements which may serve a wellspring of information to encourage such futuristic research endeavors.

Keywords: hiding information in plain sight, stealth communication, oblivious information exchange, conceal, steganography

Procedia PDF Downloads 235

Authors: John Onyima, Ikechukwu Ezepue

Abstract:

Virtualization and cloud computing are among the fast-growing computing innovations in recent times. Organisations all over the world are moving their computing services towards the cloud this is because of its rapid transformation of the organization’s infrastructure and improvement of efficient resource utilization and cost reduction. However, this technology brings new security threats and challenges about safety, reliability and data confidentiality. Evidently, no single security technique can guarantee security or protection against malicious attacks on a cloud computing network hence an integrated model of intrusion detection and prevention system has been proposed. Anomaly-based and signature-based detection techniques will be integrated to enable the network and its host defend themselves with some level of intelligence. The anomaly-base detection was implemented using the local deviation factor graph-based (LDFGB) algorithm while the signature-based detection was implemented using the snort algorithm. Results from this collaborative intrusion detection and prevention techniques show robust and efficient security architecture for cloud computing networks.

Keywords: anomaly-based detection, cloud computing, intrusion detection, intrusion prevention, signature-based detection

Procedia PDF Downloads 295

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 167

Authors: Muhammad Awais

Abstract:

Study on the nesting biology of the House Crow Corvus splendens was conducted at Hazara University, Garden Campus (125 acres), Mansehra during the 2013 breeding season (June to September). Details about nest locations, tree characteristics, nest and egg characteristics were recorded. Mean nest density of House Crow was 2.4 nests/ acre. Mean tree and nest height were 14.8±6.30 and 11.8±5.42m. Mean tree canopy spread 9.5±2.48m. Mean maximum and minimum nest diameters were 42.3±2.08 and 39.0±1.73cm respectively while maximum and minimum diameters of nest cup were 15.6±1.52 and 13.3±1.15cm respectively. Nest depth and nest cup depth were measured 19.3±2.08 and 8.3±1.15cm respectively. Mean nest weight was 1.4±0.24 kg. Mean clutch size was 4.0 (ranged 1–6). Mean egg length was 38.6±0.69mm, breadth 26.0±0.69mm, egg volume 13.3±0.83cm3 and egg shape index 1.42±0.83. Mean egg weight was 12.3±0.70g. Egg and nest success was calculated 55.1% and 69.0%. Hatchlings and fledglings produced per nest were 2.20 and 1.44 respectively. Main reasons for reproductive failures were unhatched eggs, poor nest construction, bad weather conditions and observer’s disturbance.

Keywords: breeding, Corvus splendens, fledglings, Hazara university, house crow, Mansehra, populus orientalis

Procedia PDF Downloads 400

Authors: Tomas Menard

Abstract:

The synthesis of output-feedback control law has been investigated by many researchers since the last century. While many results exist for the case of Linear Time Invariant systems whose measurements are continuously available, nowadays, control laws are usually implemented on micro-controller, then the measurements are discrete-time by nature. This fact has to be taken into account explicitly in order to obtain a satisfactory behavior of the closed-loop system. One considers here a general class of systems corresponding to an observability normal form and which is subject to uncertainties in the dynamics and sampling of the output. Indeed, in practice, the modeling of the system is never perfect, this results in unknown uncertainties in the dynamics of the model. We propose here an output feedback algorithm which is based on a linear state feedback and a continuous-discrete time observer. The main feature of the proposed control law is that only discrete-time measurements of the output are needed. Furthermore, it is formally proven that the state of the closed loop system exponentially converges toward the origin despite the unknown uncertainties. Finally, the performances of this control scheme are illustrated with simulations.

Keywords: dynamical systems, output feedback control law, sampling, uncertain systems

Procedia PDF Downloads 280

Authors: Jinshuo Zhang

Abstract:

Lucid dreams(LD) are the mental states in which people are aware that they are dreaming, which is a rising interdisciplinary topic among psychologists, neuroscientists and spiritual practitioners. From a phenomenological perspective, this research explores the self-consciousness structure in lucid dreams, particularly focusing on the self-reference structure between lucidity(the observer) and the dream ego(the observed). The main argument of this paper is that the self-structure in lucid dreams is a single-level paradigm. In this paper, the phenomenological characteristics of lucidity in LD are carefully unfolded. The appearance of lucidity is the most significant part of understanding the self-structure and the consciousness in dreams, which is also related to the “Six Bardos practices” in Tibetan Buddhism. In the second section, this research investigates the referential relationship between"lucidity" and "the dream ego" using the phenomenological resource of subjectivity theory, as well as referring to many cases in the psychological labs. Despite the appearance of various consciousness layers in lucid dreams, according to this paper, they are all part of a single-level consciousness paradigm. Dream ego is transparent, and dream lucidity can grasp it directly and thoroughly during LD. This research also responds to some potential criticisms and engages in current debates about the self-structure issue in lucid dreams, as well as discussing some future research prospects for dreams and lucid dreams.

Keywords: lucid dream, self-awareness, phenomenological perspective, high-order theory, one-level consciousness

Procedia PDF Downloads 92

Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny

Abstract:

As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.

Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning

Procedia PDF Downloads 205

Authors: Yong Wook Kim

Abstract:

The purpose of this study is to develop an instruction analysis checklist applicable to inclusive setting based on the Universal Design for Learning Guideline 2.0. To do this, two self-validation reviews, two expert validity reviews, and two usability evaluations were conducted based on the Universal Design for Learning Guideline 2.0. After validation and usability evaluation, a total of 36 items consisting of 4 items for each instruction was developed. In all questions, examples are presented for the purpose of reinforcing concrete. All the items were judged by the 3-point scale. The observation results were provided through a radial chart allowing SWOT analysis of the universal design for learning of teachers. The developed checklist provides a description of the principles and guidelines in the checklist itself as it requires a thorough understanding by the observer of the universal design for learning through prior education. Based on the results of the study, the instruction criteria, the specificity of the criteria, the number of questions, and the method of arrangement were discussed. As a future research, this study proposed the characteristics of application of universal design for learning for each subject, the comparison with the observation results through the self-report teaching tool, and the continual revision and supplementation of the lecture checklist.

Keywords: inclusion, universal design for learning, instruction analysis, instruction checklist

Procedia PDF Downloads 277

Authors: Yousif Mohamed Y. Abdallah, Eltayeb Wagallah

Abstract:

Image enhancement allows the observer to see details in images that may not be immediately observable in the original image. Image enhancement is the transformation or mapping of one image to another. The enhancement of certain features in images is accompanied by undesirable effects. To achieve maximum image quality after denoising, a new, low order, local adaptive Gaussian scale mixture model and median filter were presented, which accomplishes nonlinearities from scattering a new nonlinear approach for contrast enhancement of bones in bone scan images using both gamma correction and negative transform methods. The usual assumption of a distribution of gamma and Poisson statistics only lead to overestimation of the noise variance in regions of low intensity but to underestimation in regions of high intensity and therefore to non-optional results. The contrast enhancement results were obtained and evaluated using MatLab program in nuclear medicine images of the bones. The optimal number of bins, in particular the number of gray-levels, is chosen automatically using entropy and average distance between the histogram of the original gray-level distribution and the contrast enhancement function’s curve.

Keywords: bone scan, nuclear medicine, Matlab, image processing technique

Procedia PDF Downloads 500

Authors: Amjed Sid Ahmed, Rosilah Hassan, Nor Effendy Othman

Abstract:

Limited functioning of the Internet Protocol version 4 (IPv4) has necessitated the development of the Internetworking Protocol next generation (IPng) to curb the challenges. Indeed, the IPng is also referred to as the Internet Protocol version 6 (IPv6) and includes the Neighbor Discovery Protocol (NDP). The latter performs the role of Address Auto-configuration, Router Discovery (RD), and Neighbor Discovery (ND). Furthermore, the role of the NDP entails redirecting the service, detecting the duplicate address, and detecting the unreachable services. Despite the fact that there is an NDP’s assumption regarding the existence of trust the links’ nodes, several crucial attacks may affect the Protocol. Internet Engineering Task Force (IETF) therefore has recommended implementation of Secure Neighbor Discovery Protocol (SEND) to tackle safety issues in NDP. The SEND protocol is mainly used for validation of address rights, malicious response inhibiting techniques and finally router certification procedures. For routine running of these tasks, SEND utilizes on the following options, Cryptographically Generated Address (CGA), RSA Signature, Nonce and Timestamp option. CGA is produced at extra high costs making it the most notable disadvantage of SEND. In this paper a clear description of the constituents of CGA, its operation and also recommendations for improvements in its generation are given.

Keywords: CGA, IPv6, NDP, SEND

Procedia PDF Downloads 381

Authors: Aamir Shahzad, Hubert Roth

Abstract:

This paper is presenting the bilateral telecontrol of AutoMerlin Mobile Robot having communication delay. Passivity Observers has been designed to monitor the net energy at both ports of a two port network and if any or both ports become active making net energy negative, then the passivity controllers dissipate the proper energy to make the overall system passive in the presence of time delay. The environment force is modeled and sent back to human operator so that s/he can feel it and has additional information about the environment in the vicinity of mobile robot. The experimental results have been presented to show the performance and stability of bilateral controller. The results show the whenever the passivity observers observe active behavior then the passivity controller come into action to neutralize the active behavior to make overall system passive.

Keywords: bilateral control, human operator, haptic device, communication network, time domain passivity control, passivity observer, passivity controller, time delay, mobile robot, environment force

Procedia PDF Downloads 387

Authors: Seyyed Hossein Alavi, Soudabe Mehri Talarposhti

Abstract:

Passages urban landscape is made up of various components that the component parts of the whole and vice versa has relationships. In today’s cities, we have not seen a dual relationship and only one side of the equation which is the relationships of the component parts are considered. However, the effect of the component to whole is stronger and also longer. This means that every time the outer shell of the building was constructed instant impact on the viewers while it takes a long time to understand the impact of the building in its environment and basically, it seems city portrait has the sensory and untouchable effect on observer. Today, building facades are designated individually and in isolation from the context. Designers are familiar with the details of the facade, but they are not informed with the science of combination and its impact on portrait. The importance of city and also more important than that, the city portrait haven’t confirmed for those involved in the building and authorities and the construction been changed to a market for more glaring taste of designers and attracting more business and the city and its landscape has been forgotten. This essay is an attempt to collect a part of the principles and definitions needed on perspective issues and portrait, and it is hoped that it will open arena for more research and studies in this field and other related fields.

Keywords: facade, urban housing, urban design, sustainable architecture

Procedia PDF Downloads 479

Authors: Ifegbo Lawrencia Ifegbo

Abstract:

Nigeria is a country with many ethnic groups and therefore endowed with festival of different types and nature, yet no concerted effort is committed towards their development for cultural tourism. This paper assessed the adequacy of tourism potential of the festivals, and most importantly investigated the impediments surrounding their non-development. Ikeji, a masquerade festival of the people of Arondizuogu clan in Imo State of Nigeria was selected for the study. Ethnographic research using observer-as-participant technique was used for conducting the study. This was supplemented by focused group discussion (FGD), key informant and unstructured interviews. The result revealed that there exist so much potentials like masquerading, cultural dances, native and highlife music, drumming, role reversals and traditional dishes in the festival. It was further deduced that poor supply of amenities and infrastructural facilities, insecurity of life, lack of trained indigenous experts in tourism, lack of awareness and publicity for the festival on the part of the host communities were responsible for the non-development into tourism destinations. The implication of this is that unless the government resolves to provide the needed resources for the development of the enormous festivals, and restores security and peace in the country, cultural tourism will rarely thrive in Nigeria.

Keywords: festivals, cultural tourism, tourism potential, cultural resources, tourism development

Procedia PDF Downloads 330

Authors: Manvar Sagar, Nikul Virpariya

Abstract:

The advancement in data mining techniques plays an important role in many applications. In context of privacy and security issues, the problems caused by association rule mining technique are investigated by many research scholars. It is proved that the misuse of this technique may reveal the database owner’s sensitive and private information to others. Many researchers have put their effort to preserve privacy in Association Rule Mining. Amongst the two basic approaches for privacy preserving data mining, viz. Randomization based and Cryptography based, the later provides high level of privacy but incurs higher computational as well as communication overhead. Hence, it is necessary to explore alternative techniques that improve the over-heads. In this work, we propose an efficient, collusion-resistant cryptography based approach for distributed Association Rule mining using Shamir’s secret sharing scheme. As we show from theoretical and practical analysis, our approach is provably secure and require only one time a trusted third party. We use secret sharing for privately sharing the information and code based identification scheme to add support against malicious adversaries.

Keywords: Privacy, Privacy Preservation in Data Mining (PPDM), horizontally partitioned database, EMHS, MFI, shamir secret sharing

Procedia PDF Downloads 403

Authors: Alaa A. Almarzuki, Nora A. Farraj, Aisha M. Alshiky, Omar A. Batarfi

Abstract:

The number of internet users is dramatically increased every year. Most of these users are exposed to the dangers of attackers in one way or another. The reason for this lies in the presence of many weaknesses that are not known for native users. In addition, the lack of user awareness is considered as the main reason for falling into the attackers’ snares. Cross Site Request Forgery (CSRF) has placed in the list of the most dangerous threats to security in OWASP Top Ten for 2013. CSRF is an attack that forces the user’s browser to send or perform unwanted request or action without user awareness by exploiting a valid session between the browser and the server. When CSRF attack successes, it leads to many bad consequences. An attacker may reach private and personal information and modify it. This paper aims to detect and prevent a specific type of CSRF, called reflected CSRF. In a reflected CSRF, a malicious code could be injected by the attackers. This paper explores how CSRF Detection Extension prevents the reflected CSRF by checking browser specific information. Our evaluation shows that the proposed solution succeeds in preventing this type of attack.

Keywords: CSRF, CSRF detection extension, attackers, attacks

Procedia PDF Downloads 410

Authors: M. Okeke, A. Blyth

Abstract:

Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition (SCADA) can be seen in many different critical infrastructures, from nuclear management to utility, medical equipment, power, waste and engine management on ships and planes. The role SCADA plays in critical infrastructure has resulted in a call to secure them. Many lives depend on it for daily activities and the attack vectors are becoming more sophisticated. Hence, the security of ICS is vital as malfunction of it might result in huge risk. This paper describes how the application of Prey Predator (PP) approach in flocks of birds could enhance the detection of malicious activities on ICS. The PP approach explains how these animals in groups or flocks detect predators by following some simple rules. They are not necessarily very intelligent animals but their approach in solving complex issues such as detection through corporation, coordination and communication worth emulating. This paper will emulate flocking behavior seen in birds in detecting predators. The PP approach will adopt six nearest bird approach in detecting any predator. Their local and global bests are based on the individual detection as well as group detection. The PP algorithm was designed following MapReduce methodology that follows a Split Detection Convergence (SDC) approach.

Keywords: artificial life, industrial control system (ICS), IDS, prey predator (PP), SCADA, SDC

Procedia PDF Downloads 298

Authors: M. Z. Abdul Rofiq Badril Rizal

Abstract:

This research is aimed to know the improvement of students’ English writing skill by using brainstorming technique. The technique used in writing is able to help the students’ difficulties in generating ideas and to lead the students to arrange the ideas well as well as to focus on the topic developed in writing. The research method used is classroom action research. The data sources of the research are an English teacher who acts as an observer and the students of class X.MIA5 consist of 35 students. The test result and observation are collected as the data in this research. Based on the research result in cycle one, the percentage of students who reach minimum accomplishment criteria (MAC) is 76.31%. It shows that the cycle must be continued to cycle two because the aim of the research has not accomplished, all of the students’ scores have not reached MAC yet. After continuing the research to cycle two and the weaknesses are improved, the process of teaching and learning runs better. At the test which is conducted in the end of learning process in cycle two, all of the students reach the minimum score and above 76 based on the minimum accomplishment criteria. It means the research has been successful and the percentage of students who reach minimum accomplishment criteria is 100%. Therefore, the writer concludes that brainstorming technique is able to improve the students’ English writing skill at the tenth grade of SMAN 2 Jember.

Keywords: brainstorming technique, improving, writing skill, knowledge and innovation engineering

Procedia PDF Downloads 360

Authors: Islam Khalil, Amr El-Kadi

Abstract:

With the increased use of web technologies, microservices, and Application Programming Interface (API) for integration between systems, and with the development of containerization of services on the operating system level as a method of isolating system execution and for easing the deployment and scaling of systems, there is a growing need as well as opportunities for providing platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down or throttling suspected malicious digital pathogens (intrusions) to reduce their damage footprint while providing more opportunities for forensic inspection of suspected pathogens in addition to the ability to snapshot, rollback, and recover from possible damage. The proposed platform also leverages existing intrusion detection algorithms by integrating and orchestrating their cooperative operation for more effective intrusion detection. We show how this model reduces the damage footprint of intrusions and gives a greater time window for forensic investigation. Moreover, during our experiments, our proposed platform was able to uncover unintentional system design flaws that resulted in internal DDoS-like attacks by submodules of the system itself rather than external intrusions.

Keywords: containers, human immunity, intrusion detection, security, web services

Procedia PDF Downloads 88

Authors: Huang Dennis, Aurelio Aziel, Burra Venkata Durga Kumar

Abstract:

Nowadays, smartphones and mobile operating systems have been popularly widespread in our daily lives. As people use smartphones, they tend to store more private and essential data on their devices, because of this it is very important to develop more secure mobile operating systems and cloud storage to secure the data. However, several factors can cause security risks in mobile operating systems such as malware, malicious app, phishing attacks, ransomware, and more, all of which can cause a big problem for users as they can access the user's private data. Those problems can cause data loss, financial loss, identity theft, and other serious consequences. Other than that, during the pandemic, people will use their mobile devices more and do all sorts of transactions online, which may lead to more victims of online scams and inexperienced users being the target. With the increase in attacks, researchers have been actively working to develop several countermeasures to enhance the security of operating systems. This study aims to provide an overview of the security and privacy issues in mobile operating systems, identifying the potential risk of operating systems, and the possible solutions. By examining these issues, we want to provide an easy understanding to users and researchers to improve knowledge and develop more secure mobile operating systems.

Keywords: mobile operating system, security, privacy, Malware

Procedia PDF Downloads 82

Authors: Trevor Kroeger, Hayden Williams, Edward Holzinger, David Coleman, Brian Haberman

Abstract:

The network connectivity of medical devices is increasing at a rapid rate. Many medical devices, such as vital sign monitors, share information via wireless or wired connections. However, these connectivity options suffer from a variety of well-known limitations. Wireless connectivity, especially in the unlicensed radio frequency bands, can be disrupted. Such disruption could be due to benign reasons, such as a crowded spectrum, or to malicious intent. While wired connections are less susceptible to interference, they inhibit the mobility of the medical devices, which could be critical in a variety of scenarios. This work explores the application of Light Fidelity (Li-Fi) communication to enhance the security, performance, and mobility of medical devices in connected healthcare scenarios. A simple bridge for connected devices serves as an avenue to connect traditional medical devices to the Li-Fi network. This bridge was utilized to conduct bandwidth tests on a small Li-Fi network installed into a Mock-ICU setting with a backend enterprise network similar to that of a hospital. Mobile and stationary tests were conducted to replicate various different situations that might occur within a hospital setting. Results show that in room Li-Fi connectivity provides reasonable bandwidth and latency within a hospital like setting.

Keywords: hospital, light fidelity, Li-Fi, medical devices, security

Procedia PDF Downloads 98

Authors: O. A. Ajigini, E. N. Mwim

Abstract:

Cybersecurity is the protection of computers, programs, networks, and data from attack, damage, unauthorised, unintended access, change, or destruction. Organisations collect, process and store their confidential and sensitive information on computers and transmit this data across networks to other computers. Moreover, the advent of internet technologies has led to various cyberattacks resulting in dangerous consequences for organisations. Therefore, with the increase in the volume and sophistication of cyberattacks, there is a need to develop models and make recommendations for the management of cybersecurity threats in organisations. This paper reports on various threats that cause malicious damage to organisations in cyberspace and provides measures on how these threats can be eliminated or reduced. The paper explores various aspects of protection measures against cybersecurity threats such as handling of sensitive data, network security, protection of information assets and cybersecurity awareness. The paper posits a model and recommendations on how to manage cybersecurity threats in organisations effectively. The model and the recommendations can then be utilised by organisations to manage the threats affecting their cyberspace. The paper provides valuable information to assist organisations in managing their cybersecurity threats and hence protect their computers, programs, networks and data in cyberspace. The paper aims to assist organisations to protect their information assets and data from cyberthreats as part of the contributions toward community engagement.

Keywords: confidential information, cyberattacks, cybersecurity, cyberspace, sensitive information

Procedia PDF Downloads 253