Search results for: socially engineered attacks

Authors: Bander Alzahrani, Mohammed Alreshoodi

Abstract:

Information-centric networking (ICN) using architectures such as the Publish-Subscribe Internet Technology (PURSUIT) has been proposed as a new networking model that aims at replacing the current used end-centric networking model of the Internet. This emerged model focuses on what is being exchanged rather than which network entities are exchanging information, which gives the control plane functions such as routing and host location the ability to be specified according to the content items. The forwarding plane of the PURSUIT ICN architecture uses a simple and light mechanism based on Bloom filter technologies to forward the packets. Although this forwarding scheme solve many problems of the today’s Internet such as the growth of the routing table and the scalability issues, it is vulnerable to brute force attacks which are starting point to distributed- denial-of-service (DDoS) attacks. In this work, we design and analyze a novel source-routing and information delivery technique that keeps the simplicity of using Bloom filter-based forwarding while being able to deter different attacks such as denial of service attacks at the ingress of the network. To achieve this, special forwarding nodes called Edge-FW are directly attached to end user nodes and used to perform a security test for malicious injected random packets at the ingress of the path to prevent any possible attack brute force attacks at early stage. In this technique, a core entity of the PURSUIT ICN architecture called topology manager, that is responsible for finding shortest path and creating a forwarding identifiers (FId), uses a cryptographically secure hash function to create a 64-bit hash, h, over the formed FId for authentication purpose to be included in the packet. Our proposal restricts the attacker from injecting packets carrying random FIds with a high amount of filling factor ρ, by optimizing and reducing the maximum allowed filling factor ρm in the network. We optimize the FId to the minimum possible filling factor where ρ ≤ ρm, while it supports longer delivery trees, so the network scalability is not affected by the chosen ρm. With this scheme, the filling factor of any legitimate FId never exceeds the ρm while the filling factor of illegitimate FIds cannot exceed the chosen small value of ρm. Therefore, injecting a packet containing an FId with a large value of filling factor, to achieve higher attack probability, is not possible anymore. The preliminary analysis of this proposal indicates that with the designed scheme, the forwarding function can detect and prevent malicious activities such DDoS attacks at early stage and with very high probability.

Keywords: forwarding identifier, filling factor, information centric network, topology manager

Procedia PDF Downloads 132

Authors: Michael Zimba

Abstract:

A duplicated image region may be subjected to a number of attacks such as noise addition, compression, reflection, rotation, and scaling with the intention of either merely mating it to its targeted neighborhood or preventing its detection. In this paper, we present an effective and robust method of detecting duplicated regions inclusive of those affected by the various attacks. In order to reduce the dimension of the image, the proposed algorithm firstly performs discrete wavelet transform, DWT, of a suspicious image. However, unlike most existing copy move image forgery (CMIF) detection algorithms operating in the DWT domain which extract only the low frequency sub-band of the DWT of the suspicious image thereby leaving valuable information in the other three sub-bands, the proposed algorithm simultaneously extracts features from all the four sub-bands. The extracted features are not only more accurate representation of image regions but also robust to additive noise, JPEG compression, and affine transformation. Furthermore, principal component analysis-eigenvalue decomposition, PCA-EVD, is applied to reduce the dimension of the features. The extracted features are then sorted using the more computationally efficient Radix Sort algorithm. Finally, same affine transformation selection, SATS, a duplication verification method, is applied to detect duplicated regions. The proposed algorithm is not only fast but also more robust to attacks compared to the related CMIF detection algorithms. The experimental results show high detection rates.

Keywords: affine transformation, discrete wavelet transform, radix sort, SATS

Procedia PDF Downloads 204

Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li

Abstract:

Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Design a reliable Root of Trust and guarantee its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V Root of Trust at the hardware level. To effectively safeguard the security of the Root of Trust, researches on security safeguard technology on the Root of Trust have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the Root of Trust’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the Root of Trust’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.

Keywords: root of trust, secure boot, memory protection, hardware security

Procedia PDF Downloads 156

Authors: Van Trieu, Shouhuai Xu, Yusheng Feng

Abstract:

Tracking attack trajectories can be difficult, with limited information about the nature of the attack. Even more difficult as attack information is collected by Intrusion Detection Systems (IDSs) due to the current IDSs having some limitations in identifying malicious and anomalous traffic. Moreover, IDSs only point out the suspicious events but do not show how the events relate to each other or which event possibly cause the other event to happen. Because of this, it is important to investigate new methods capable of performing the tracking of attack trajectories task quickly with less attack information and dependency on IDSs, in order to prioritize actions during incident responses. This paper proposes a two-level graph causality framework for tracking attack trajectories in internet networks by leveraging observable malicious behaviors to detect what is the most probable attack events that can cause another event to occur in the system. Technically, given the time series of malicious events, the framework extracts events with useful features, such as attack time and port number, to apply to the conditional independent tests to detect the relationship between attack events. Using the academic datasets collected by IDSs, experimental results show that the framework can quickly detect the causal pairs that offer meaningful insights into the nature of the internet network, given only reasonable restrictions on network size and structure. Without the framework’s guidance, these insights would not be able to discover by the existing tools, such as IDSs. It would cost expert human analysts a significant time if possible. The computational results from the proposed two-level graph network model reveal the obvious pattern and trends. In fact, more than 85% of causal pairs have the average time difference between the causal and effect events in both computed and observed data within 5 minutes. This result can be used as a preventive measure against future attacks. Although the forecast may be short, from 0.24 seconds to 5 minutes, it is long enough to be used to design a prevention protocol to block those attacks.

Keywords: causality, multilevel graph, cyber-attacks, prediction

Procedia PDF Downloads 138

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 233

Authors: Olakanmi Oladayo Olufemi, Bamifewe Olusegun James, Badmus Yaya Opeyemi, Adegoke Kayode

Abstract:

The wireless sensor network (WSN) has made a significant contribution to the emergence of various intelligent services or cloud-based applications. Most of the time, these data are stored on a cloud platform for efficient management and sharing among different services or users. However, the sensitivity of the data makes them prone to various confidentiality and performance-related attacks during and after harvesting. Various security schemes have been developed to ensure the integrity and confidentiality of the WSNs' data. However, their specificity towards particular attacks and the resource constraint and heterogeneity of WSNs make most of these schemes imperfect. In this paper, we propose a secure variance-aware routing and authentication scheme with two-tier verification to collect, share, and manage WSN data. The scheme is capable of classifying WSN into different subnets, detecting any attempt of wormhole and black hole attack during harvesting, and enforcing access control on the harvested data stored in the cloud. The results of the analysis showed that the proposed scheme has more security functionalities than other related schemes, solves most of the WSNs and cloud security issues, prevents wormhole and black hole attacks, identifies the attackers during data harvesting, and enforces access control on the harvested data stored in the cloud at low computational, storage, and communication overheads.

Keywords: data block, heterogeneous IoT network, data harvesting, wormhole attack, blackhole attack access control

Procedia PDF Downloads 44

Authors: Anastasios Papathanasiou, George Liontos, Athanasios Katsouras, Vasiliki Liagkou, Euripides Glavas

Abstract:

Email remains a crucial communication tool due to its efficiency, accessibility and cost-effectiveness, enabling rapid information exchange across global networks. However, the global adoption of email has also made it a prime target for cyber threats, including phishing, malware and Business Email Compromise (BEC) attacks, which exploit its integral role in personal and professional realms in order to perform fraud and data breaches. To combat these threats, this research advocates for a multi-layered defense strategy incorporating advanced technological tools such as anti-spam and anti-malware software, machine learning algorithms and authentication protocols. Moreover, we developed an artificial intelligence model specifically designed to analyze email headers and assess their security status. This AI-driven model examines various components of email headers, such as "From" addresses, ‘Received’ paths and the integrity of SPF, DKIM and DMARC records. Upon analysis, it generates comprehensive reports that indicate whether an email is likely to be malicious or benign. This capability empowers users to identify potentially dangerous emails promptly, enhancing their ability to avoid phishing attacks, malware infections and other cyber threats.

Keywords: email security, artificial intelligence, header analysis, threat detection, phishing, DMARC, DKIM, SPF, ai model

Procedia PDF Downloads 19

Authors: Berta Rodrigues Maia, Mariana Marques, Frederica Carvalho

Abstract:

Introduction: Personality traits play is related to many forms of psychological distress, such as body dissatisfaction. Aim: To explore the associations between appearance schemas and personality traits. Method: 494 Portuguese university students (80.2% females, and 99.2% single), with a mean age of 20.17 years old (SD = 1.77; range: 18-20), filled in the appearance schemas inventory-revised, the NEO personality inventory (a Portuguese short version), and the composite multidimensional perfectionism scale. Results: An independent-samples t-test was conducted to compare the scores in appearance schemas by sex, with a significant difference being found in self-evaluation salience scores [females (M = 37.99, SD = 7.82); males (M = 35.36, SD = 6.60); t (489) = -3.052, p = .002]. Finally, there was no significant difference in motivational salience scores, by sex [females (M = 27.67, SD = 4.84); males (M = 26.70, SD = 4.99); t (489) = -1.748, p = .081]. Having conducted correlations separately, by sex, self-evaluation salience was positively correlated with concern over mistakes (r = .27), doubts about actions (r = .35), and socially prescribed perfectionism (r = .23). moreover, for females, self-evaluation salience was positively correlated with concern over mistakes (r = .34), personal standards (r = .25), doubts about actions (r = .33), parental expectations (r = .24), parental criticism (r = .24), organization (r = .11), socially prescribed perfectionism (r = .31), self-oriented perfectionism (r = .32), and neuroticism (r = .33). concerning motivational salience, in the total sample (not separately, by sex), this scale/dimension significantly correlated with conscientiousness (r = . 18), personal standards (r = .23), socially prescribed perfectionism (r = . 10), and self-oriented perfectionism (r = .29). All correlations were significant at a level of significance of 0.01 (2-tailed), except for socially prescribed perfectionism. All the other correlations (with neuroticism, extroversion, openness, agreeableness, concern over mistakes, doubts about actions, parental expectations, and parental criticism) were not significant. Conclusions: Females seem to value more their self-appearance than males, and, in females, the salience of appearance in life seems to be associated with maladaptive perfectionism, as well as with adaptive perfectionism. In males, the salience of appearance was only related to adaptive perfectionism. These results seem to show that males are more concerned with their own standards regarding appearance, while for females, other's standards are also relevant. In females, the level of the salience of appearance in life seems to relate to the experience of feelings, such as anxiety and depression (neuroticism). The motivation to improve appearance seemed to be particularly related, in both sexes, to adaptive perfectionism (in a general way concerning more the personal standards). Longitudinal studies are needed to clarify the causality of the results. Acknowledgment: This study was carried out under the strategic project of the Centre for Philosophical and Humanistic Studies (CEFH) UID/FIL/00683/2019, funded by the Fundação para a Ciência e a Tecnologia (FCT).

Keywords: appearance schemas, personality traits, university students, sex

Procedia PDF Downloads 106

Authors: Oumaima Ben Abderrahim, Mohamed Houcine Elhedhili, Leila Saidane

Abstract:

In this paper, we propose a trust management system based on clustering architecture for the social internet of things called TMBCO-SIOT. The proposed model integrates numerous factors such as direct and indirect trust; transaction factor; precaution factor; and social modeling of trust. The novelty of our approach can be summed up in two aspects. The first aspect concerns the architecture based on the community of interest (CoT) where each community is headed by an administrator (admin). However, the second aspect is the trust management system that tries to prevent On-Off attacks and mitigates dishonest recommendations using the k-means algorithm and guarantor things. The effectiveness of the proposed system is proved by simulation against malicious nodes.

Keywords: IoT, trust management system, attacks, trust, dishonest recommendations, K-means algorithm

Procedia PDF Downloads 189

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN

Procedia PDF Downloads 307

Authors: K. Thiel, P. Patrikainen, C. Nagy, D. Fitzpatrick, E.-M. Aro, P. Kallio

Abstract:

Photosynthetic cyanobacteria have been recognized as potential future biotechnological hosts for the direct conversion of CO₂ into chemicals of interest using sunlight as the solar energy source. However, in order to develop commercially viable systems, the flux of electrons from the photosynthetic light reactions towards specified target chemicals must be significantly improved. The objective of the study was to investigate whether the autotrophic production efficiency of specified end-metabolites can be improved in engineered cyanobacterial cells by rescuing excited electrons that are normally lost to molecular oxygen due to the cyanobacterial flavodiiron protein Flv1/3. Natively Flv1/3 dissipates excess electrons in the photosynthetic electron transfer chain by directing them to molecular oxygen in Mehler-like reaction to protect photosystem I. To evaluate the effect of flavodiiron inactivation on autotrophic production efficiency in the cyanobacterial host Synechocystis sp. PCC 6803 (Synechocystis), sucrose was selected as the quantitative reporter and a representative of a potential end-product of interest. The concept is based on the native property of Synechocystis to produce sucrose as an intracellular osmoprotectant when exposed to high external ion concentrations, in combination with the introduction of a heterologous sucrose permease (CscB from Escherichia coli), which transports the sucrose out from the cell. In addition, cell growth, photosynthetic gas fluxes using membrane inlet mass spectrometry and endogenous storage compounds were analysed to illustrate the consequent effects of flv deletion on pathway flux distributions. The results indicate that a significant proportion of the electrons can be lost to molecular oxygen via Flv1/3 even when the cells are grown under high CO₂ and that the inactivation of flavodiiron activity can enhance the photosynthetic electron flux towards optionally available sinks. The flux distribution is dependent on the light conditions and the genetic context of the Δflv mutants, and favors the production of either sucrose or one of the two storage compounds, glycogen or polyhydroxybutyrate. As a conclusion, elimination of the native Flv1/3 reaction and concomitant introduction of an engineered product pathway as an alternative sink for excited electrons could enhance the photosynthetic electron flux towards the target endproduct without compromising the fitness of the host.

Keywords: cyanobacterial engineering, flavodiiron proteins, redirecting electron flux, sucrose

Procedia PDF Downloads 100

Authors: Tigabu Dagne Akal

Abstract:

While advances in computer and communications technology have made the network ubiquitous, they have also rendered networked systems vulnerable to malicious attacks devised from a distance. These attacks or intrusions start with attackers infiltrating a network through a vulnerable host and then launching further attacks on the local network or Intranet. Nowadays, system administrators and network professionals can attempt to prevent such attacks by developing intrusion detection tools and systems using data mining technology. In this study, the experiments were conducted following the Knowledge Discovery in Database Process Model. The Knowledge Discovery in Database Process Model starts from selection of the datasets. The dataset used in this study has been taken from Massachusetts Institute of Technology Lincoln Laboratory. After taking the data, it has been pre-processed. The major pre-processing activities include fill in missed values, remove outliers; resolve inconsistencies, integration of data that contains both labelled and unlabelled datasets, dimensionality reduction, size reduction and data transformation activity like discretization tasks were done for this study. A total of 21,533 intrusion records are used for training the models. For validating the performance of the selected model a separate 3,397 records are used as a testing set. For building a predictive model for intrusion detection J48 decision tree and the Naïve Bayes algorithms have been tested as a classification approach for both with and without feature selection approaches. The model that was created using 10-fold cross validation using the J48 decision tree algorithm with the default parameter values showed the best classification accuracy. The model has a prediction accuracy of 96.11% on the training datasets and 93.2% on the test dataset to classify the new instances as normal, DOS, U2R, R2L and probe classes. The findings of this study have shown that the data mining methods generates interesting rules that are crucial for intrusion detection and prevention in the networking industry. Future research directions are forwarded to come up an applicable system in the area of the study.

Keywords: intrusion detection, data mining, computer science, data mining

Procedia PDF Downloads 270

Authors: Tejinder Singh

Abstract:

Information system is the flow of data from different levels to different directions for decision making and data operations in information system (IS). Data can be violated by different manner like manual or technical errors, data tampering or loss of integrity. Security system called firewall of IS is effected by such type of violations. The flow of data among various levels of Information System is done by networking system. The flow of data on network is in form of packets or frames. To protect these packets from unauthorized access, virus attacks, and to maintain the integrity level, network security is an important factor. To protect the data to get pirated, various security techniques are used. This paper represents the various security techniques and signifies different harmful attacks with the help of detailed data analysis. This paper will be beneficial for the organizations to make the system more secure, effective, and beneficial for future decisions making.

Keywords: information systems, data integrity, TCP/IP network, vulnerability, decision, data

Procedia PDF Downloads 275

Authors: Chowduru Ramachandra Sharma, Shatunjay Rawat

Abstract:

A false positive state is when the IDS/IPS identifies an activity as an attack, but the activity is acceptable behavior in the system. False positives in a Network Intrusion Detection System ( NIDS ) is an issue because they desensitize the administrator. It wastes computational power and valuable resources when rules are not tuned properly, which is the main issue with anomaly NIDS. Furthermore, most false positives reduction techniques are not performed during the real-time of attempted intrusions; instead, they have applied afterward on collected traffic data and generate alerts. Of course, false positives detection in ‘offline mode’ is tremendously valuable. Nevertheless, there is room for improvement here; automated techniques still need to reduce False Positives in real-time. This paper uses the Snort signature detection model to redirect the alerted attacks to Honeypots and verify attacks.

Keywords: honeypot, TPOT, snort, NIDS, honeybird, iptables, netfilter, redirection, attack detection, docker, snare, tanner

Procedia PDF Downloads 136

Authors: Melina, Jumardi Jumardi, Erwin Erwin, Sri Nuraminah, Andi Nasruddin

Abstract:

The rice field rat (Rattus argentiventer Robinson and Kloss) is a pest causing the greatest yield loss of rice plants, especially in lowland agroecosystems with intensive cropping patterns (2-3 plantings per year). Field mice damage rice plants at all stages of growth, from seedling to harvest, even in storage warehouses. Severe damage with yield loss of up to 100% occurs if rats attack rice at the generative stage because the plants are no longer able to recover by forming new tillers. Farmers mainly use rodenticides in the form of poisoned baits or as fumigants, which are applied to rat burrow holes. This practice is generally less effective because mice are able to avoid the poison or become resistant after several exposures to it. In addition, excessive use of rodenticides can have negative impacts on the environment and non-target organisms. For this reason, this research was conducted to evaluate the effectiveness of fences as an environmentally friendly mechanical control method in reducing rice yield losses due to rat attacks. This study used a factorial randomized block design. The first factor was the fence material, namely galvanized zinc plate and plastic. The second factor was the height of the fence, namely 25, 50, 75, and 100 cm from the ground level. Each treatment combination was repeated five times. Data shows that zinc fences with a height of 75 and 100 cm are able to provide full protection to plants from rat infestations throughout the planting season. However, zinc fences with a height of 25 and 50 cm failed to prevent rat attacks. Plastic fences with a height of 25 and 50 cm failed to prevent rat attacks during the planting season, whereas 75 and 100 cm were able to prevent rat attacks until all the crops outside of the fence had been eaten by rats. The rat managed to get into the fence by biting the plastic fence close to the ground. Thus, the research results show that fences made of zinc plate with a height of at least 75 cm from the ground surface are effective in preventing plant damage caused by rats. To our knowledge, this research is the first to quantify the effectiveness of fences as a control of field rodents.

Keywords: rice field rat, Rattus argentiventer, fence, rice

Procedia PDF Downloads 8

Authors: María Elena Menéndez Ibáñez

Abstract:

After the terrorist attacks of 9/11, new measures were adopted by powerful countries and regions like the United States and the European Union in order to safeguard their security. In 2002, the US created the Department of Homeland Security with one sole objective; to protect American soil and people. The US adopted new policies that made every immigrant a potential terrorist and a threat to their national security. Stronger border control became one of the key elements of the fight against organized crime and terrorism. The main objective of this paper is to compare some of the most important and radical measures adopted by the US, even those that resulted in systematic violations of human rights, with some of the European measures adopted after the 2015 Paris attacks of 2015, such as unlawful detainment of prisoners and other measures against foreigners. Through the Schengen agreement, the European Union has tried to eliminate tariffs and border controls, in order to guarantee successful economic growth. Terrorists have taken advantage of this and have made the region vulnerable to attacks. Authorities need to strengthen their surveillance methods in order to safeguard the region and its stability. Through qualitative methods applied to social sciences, this research will also try to explain why some of the mechanisms proven to be useful in the US would not be so in Europe, especially because they would result in human rights violations. Finally, solutions will be offered that would not put the whole Schengen Agreement at risk. Europe cannot reinstate border control, without making individuals vulnerable to human rights violations.

Keywords: border control, immigration, international cooperation, national security

Procedia PDF Downloads 109

Authors: Stepan Grebeniuk, Ersi Hodo, Henri Ruotsalainen, Paul Tavolato

Abstract:

Substation security plays an important role in the power delivery system. During the past years, there has been an increase in number of attacks on automation networks of the substations. In spite of that, there hasn’t been enough focus dedicated to the protection of such networks. Aiming to design a specialized anomaly detection system based on machine learning, in this paper we will discuss the IEC 60870-5-104 protocol that is used for communication between substation and control station and focus on the simulation of the substation traffic. Firstly, we will simulate the communication between substation slave and server. Secondly, we will compare the system's normal behavior and its behavior under the attack, in order to extract the right features which will be needed for building an anomaly detection system. Lastly, based on the features we will suggest the anomaly detection system for the asynchronous protocol IEC 60870-5-104.

Keywords: Anomaly detection, IEC-60870-5-104, Machine learning, Man-in-the-Middle attacks, Substation security

Procedia PDF Downloads 338

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: access control, data integrity, data confidentiality, Kerberos authentication, cloud security

Procedia PDF Downloads 311

Authors: Siddharth Deshpande, Nihar Masurkar, Vallerinteavide Mavelli Girish, Malan Desai, Chester Drum

Abstract:

Folding and stabilization of recombinant proteins remain a consistent challenge for industrial and therapeutic applications. Proteins derived from thermophilic bacteria often have superior expression and stability qualities. To develop a generalizable approach to protein folding and stabilization, we tested the hypothesis that wrapping a thermostable exoshell around a protein substrate would aid folding and impart thermostable qualities to the internalized substrate. To test the effect of internalizing a protein within a thermostable exoshell (tES), we tested in vitro folding and stability using green fluorescent protein (GFPuv), horseradish peroxidase (HRP) and renilla luciferase (rLuc). The 8nm interior volume of a thermostable ferritin assembly was engineered to accommodate foreign proteins and either present a positive, neutral or negative interior charge environment. We further engineered the tES complex to reversibly assemble and disassemble with pH titration. Template proteins were expressed as inclusion bodies and an in vitro folding protocol was developed that forced proteins to fold inside a single tES. Functional yield was improved 100-fold, 100-fold and 150-fold with use of tES for GFPuv, HRP and rLuc respectively and was highly dependent on the internal charge environment of the tES. After folding, functional proteins could be released from the tES folding cavity using size exclusion chromatography at pH 5.8. Internalized proteins were tested for improved stability against thermal, organic, urea and guanidine denaturation. Our results demonstrated that thermostable exoshells can efficiently refold and stabilize inactive aggregates into functional proteins.

Keywords: thermostable shell, in vitro folding, stability, functional yield

Procedia PDF Downloads 221

Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush

Abstract:

Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.

Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure

Procedia PDF Downloads 271

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 39

Authors: Beulah Rani Inbanathan

Abstract:

In the present era, it is vivid from the numerous outcomes that data privacy is being compromised in various ways. Machine learning is one technology that uses the centralized server, and then data is given as input which is being analyzed by the algorithms present on this mentioned server, and hence outputs are predicted. However, each time the data must be sent by the user as the algorithm will analyze the input data in order to predict the output, which is prone to threats. The solution to overcome this issue is federated learning, where the models alone get updated while the data resides on the local machine and does not get exchanged with the other local models. Nevertheless, even on these local models, there are chances of data poisoning, and it is crystal clear from various experiments done by many people. This paper delves into many ways where data poisoning occurs and the many methods through which it is prevalent that data poisoning still exists. It includes the poisoning attacks on IoT devices, Edge devices, Autoregressive model, and also, on Industrial IoT systems and also, few points on how these could be evadible in order to protect our data which is personal, or sensitive, or harmful when exposed.

Keywords: data poisoning, federated learning, Internet of Things, edge computing

Procedia PDF Downloads 64

Authors: Piret Pernik

Abstract:

Based on strategic, operational, and technical analysis of the ongoing armed conflict in Ukraine, this paper will examine the opportunities and risks of using small commercial drones (dual-use unmanned aerial vehicles, UAV) for military purposes. The paper discusses the opportunities and risks in the information domain, encompassing both cyber and electromagnetic interference and attacks. The paper will draw conclusions on a possible strategic impact to the battlefield outcomes in the modern armed conflicts by the widespread use of dual-use UAVs. This article will contribute to filling the gap in the literature by examining based on empirical data cyberattacks and electromagnetic interference. Today, more than one hundred states and non-state actors possess UAVs ranging from low cost commodity models, widely are dual-use, available and affordable to anyone, to high-cost combat UAVs (UCAV) with lethal kinetic strike capabilities, which can be enhanced with Artificial Intelligence (AI) and Machine Learning (ML). Dual-use UAVs have been used by various actors for intelligence, reconnaissance, surveillance, situational awareness, geolocation, and kinetic targeting. Thus they function as force multipliers enabling kinetic and electronic warfare attacks and provide comparative and asymmetric operational and tactical advances. Some go as far as argue that automated (or semi-automated) systems can change the character of warfare, while others observe that the use of small drones has not changed the balance of power or battlefield outcomes. UAVs give considerable opportunities for commanders, for example, because they can be operated without GPS navigation, makes them less vulnerable and dependent on satellite communications. They can and have been used to conduct cyberattacks, electromagnetic interference, and kinetic attacks. However, they are highly vulnerable to those attacks themselves. So far, strategic studies, literature, and expert commentary have overlooked cybersecurity and electronic interference dimension of the use of dual use UAVs. The studies that link technical analysis of opportunities and risks with strategic battlefield outcomes is missing. It is expected that dual use commercial UAV proliferation in armed and hybrid conflicts will continue and accelerate in the future. Therefore, it is important to understand specific opportunities and risks related to the crowdsourced use of dual-use UAVs, which can have kinetic effects. Technical countermeasures to protect UAVs differ depending on a type of UAV (small, midsize, large, stealth combat), and this paper will offer a unique analysis of small UAVs both from the view of opportunities and risks for commanders and other actors in armed conflict.

Keywords: dual-use technology, cyber attacks, electromagnetic warfare, case studies of cyberattacks in armed conflicts

Procedia PDF Downloads 78

Authors: Joshua Chew, Vesa Cheng, David Thomson

Abstract:

Background: Hereditary angioedema (HAE) or C1 esterase deficiency is a relatively rare entity that has a potential for significant anesthetic complications. Methods: A literature review was performed of published cases of surgery in patients with HAE. Results were limited to English language only and cases were examined for management strategies and successful prevention of acute attacks. Results: The literature revealed the successful use of C1 esterase inhibitors as the most common agent in surgical prophylaxis therapy. Other therapeutic targets described included kallikrein inhibitors and bradykinin B2 receptor antagonists. Conclusions: Therapeutic targets that exist for the management of acute attacks in HAE have been successfully employed in the setting of surgery. The data is currently limited and could not be used as a firm evidence base, but the limited outcomes seen are positive and reassuring for the prospective anesthetic management of this potentially fatal condition.

Keywords: anesthesia, C1 esterase deficiency, hereditary angioedema, surgical prophylaxis

Procedia PDF Downloads 372

Authors: Vaibhav Rana, Nicholas Balaresque

Abstract:

The 3-cup anemometer is the most commonly used instrument for wind speed measurement and, consequently, for the wind resource assessment. Though the cup anemometer shows accurate measurement under quasi-static conditions, there is uncertainty in the measurement when subjected to field measurement. Sensitivity to the angle of attacks with respect to horizontal plane, dynamic response, and non-linear behavior in calibration due to friction. The presented work aimed to identify the sensitivity of anemometer to non-horizontal flow. The cup anemometer was investigated under low wind speed wind tunnel, first under the static flow direction changes and second under the dynamic direction changes, at a different angle of attacks, under the similar conditions of reference wind tunnel speeds. The cup anemometer response under both conditions was evaluated and compared. The results showed the anemometer under dynamic wind direction changes is highly sensitive compared to static conditions.

Keywords: wind energy, cup anemometer, directional sensitivity, dynamic behavior, wind tunnel

Procedia PDF Downloads 120

Authors: Deepak Loura

Abstract:

Production and productivity of several crops in the country continue to be adversely affected by biotic (e.g., Insect-pests and diseases) and abiotic (e.g., water temperature and salinity) stresses. Over-dependence on pesticides and other chemicals is economically non-viable for the resource-poor farmers of our country. Further, pesticides can potentially affect human and environmental safety. While traditional breeding techniques and proper- management strategies continue to play a vital role in crop improvement, we need to judiciously use biotechnology approaches for the development of genetically modified crops addressing critical problems in the improvement of crop plants for sustainable agriculture. Modern biotechnology can help to increase crop production, reduce farming costs, and improve food quality and the safety of the environment. Genetic engineering is a new technology which allows plant breeders to produce plants with new gene combinations by genetic transformation of crop plants for improvement of agronomic traits. Advances in recombinant DNA technology have made it possible to have genes between widely divergent species to develop genetically modified or genetically engineered plants. Plant genetic engineering provides the strength to harness useful genes and alleles from indigenous microorganisms to enrich the gene pool for developing genetically modified (GM) crops that will have inbuilt (inherent) resistance to insect pests, diseases, and abiotic stresses. Plant biotechnology has made significant contributions in the past 20 years in the development of genetically engineered or genetically modified crops with multiple benefits. A variety of traits have been introduced in genetically engineered crops which include (i) herbicide resistance. (ii) pest resistance, (iii) viral resistance, (iv) slow ripening of fruits and vegetables, (v) fungal and bacterial resistance, (vi) abiotic stress tolerance (drought, salinity, temperature, flooding, etc.). (vii) quality improvement (starch, protein, and oil), (viii) value addition (vitamins, micro, and macro elements), (ix) pharmaceutical and therapeutic proteins, and (x) edible vaccines, etc. Multiple genes in transgenic crops can be useful in developing durable disease resistance and a broad insect-control spectrum and could lead to potential cost-saving advantages for farmers. The development of transgenic to produce high-value pharmaceuticals and the edible vaccine is also under progress, which requires much more research and development work before commercially viable products will be available. In addition, molecular-aided selection (MAS) is now routinely used to enhance the speed and precision of plant breeding. Newer technologies need to be developed and deployed for enhancing and sustaining agricultural productivity. There is a need to optimize the use of biotechnology in conjunction with conventional technologies to achieve higher productivity with fewer resources. Therefore, genetic modification/ engineering of crop plants assumes greater importance, which demands the development and adoption of newer technology for the genetic improvement of crops for increasing crop productivity.

Keywords: biotechnology, plant genetic engineering, genetically modified, biotic, abiotic, disease resistance

Procedia PDF Downloads 48

Authors: Cecile Garry, Katia Rovira, Julie Brisson

Abstract:

Autism Spectrum Disorder (ASD) is defined by a qualitative and quantitative impairment of social interaction. Indeed early intervention programs, such as the Early Start Denver Model (ESDM), aimed at encouraging the development of social skills. In classroom, the children need to be socially engaged to learn. Early intervention programs can thus be implemented in kindergarten schools. In these schools, ASD children have more opportunities to interact with their peers or adults than in elementary schools. However, the preschool children with ASD are less socially engaged than their typically developing peers in the classroom. They initiate, respond and maintain less the social interactions. In addition, they produce more responses than initiations. When they interact, the non verbal communication is more used than verbal or symbolic communication forms and they are more engaged with adults than with peers. Nevertheless, communicative patterns may vary according to the clinical profiles of ASD children. Indeed, the ASD children with better cognitive skills interact more with their peers and use more symbolic communication than the ASD children with a low cognitive level. ASD children with the less severe symptoms use more the verbal communication than ASD children with the more severe symptoms. Small groups and structured activities encourage coordinated joint engagement episodes in ASD children. Our goal is to evaluate ASD children’s social engagement development in class, with their peers or adults, during dyadic or group activities. Participants were 19 preschool children with ASD aged from 3 to 6 years old that benefited of an early intervention in special kindergarten schools. Severity of ASD symptoms was measured with the CARS at the beginning of the follow-up. Classroom situations of interaction were recorded during 10 minutes (5 minutes of dyadic interaction and 5 minutes of a group activity), every 2 months, during 10 months. Social engagement behaviors of children, including initiations, responses and imitation, directed to a peer or an adult, were then coded. The Observer software (Noldus) that allows to annotate behaviors was the coding system used. A double coding was conducted and revealed a good inter judges fidelity. Results show that ASD children were more often and longer socially engaged in dyadic than in groups situations. They were also more engaged with adults than with peers. Children with the less severe symptoms of ASD were more socially engaged in groups situations than children with the more severe symptoms of ASD. Then, ASD children with the less severe symptoms of ASD were more engaged with their peers than ASD children with the more severe symptoms of ASD. However, the engagement frequency increased during the 10 month of follow-up but only for ASD children with the more severe symptoms at the beginning. To conclude, these results highlighted the necessity of individualizing early intervention programs according to the clinical profile of the child.

Keywords: autism spectrum disorder, preschool children, developmental psychology, early interventions, social interactions

Procedia PDF Downloads 133

Authors: Bhawna Chandravanshi, Ramesh Bhonde

Abstract:

In the present study, we focused on the improvisation of islet survival in hypoxia. The Islet-like cell aggregates (ICAs) derived from Wharton's jelly mesenchymal stem cells (WJ-MSC) were cultured with and without WJ-MSC for 48h in hypoxia and normoxia and tested for their direct trophic effect on β cell survival. The WJ MSCs themselves secreted insulin upon glucose challenge and expressed the pancreatic markers at both transcription and translational level (C-peptide, Insulin, Glucagon and Glut 2). Direct contact of MSCs with ICAs facilitate the highest viability under hypoxia as evidenced by fluorescein diacetate/propidium iodide and 3-(4,5-dimethylthiazol-2-yl)-2,5-diphenyltetrazolium bromide (MTT) assay. The cytokine analysis of the co-cultured ICAs revealed amplification of anti-inflammatory cytokine-like TGFβ and TNFα accompanied by depletion of pro-inflammatory cytokines. The increment in VEGF and PDGFa was also seen showing their ability to vascularize upon transplantation. This was further accompanied by reduction in total reactive oxygen species, nitric oxide, and super oxide ions and down-regulation of Caspase3, Caspase8, p53 and up regulation of Bcl2 confirming prevention of apoptosis in ICAs. There was a significant reduction in the expression of p38 protein in the presence of MSCs making the ICAs responsive to glucose. Taken together our data demonstrate for the first time that the WJ-MSC expressed pancreatic markers and their supplementation protected engineered islets against hypoxia, oxidative stress, and inflammatory cytokines by inhibiting p38 MAPK protein.

Keywords: hypoxia, islet-like cell aggregates, inflammatory cytokines, oxidative stress

Procedia PDF Downloads 237

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 141

Authors: Khrystyna Pavlyk

Abstract:

In the OECD countries, percentage of adults with higher education degrees has increased by 10 % during 2000-2010. Continuously increasing demand for higher education gives universities a chance of becoming key players in socio-economic development of a territory (region or city) via knowledge creation, knowledge transfer, and knowledge spillovers. During previous decade, universities have tried to support spin-offs and start-ups, introduced courses on sustainability and corporate social responsibility. While much has been done, new trends are starting to emerge in search of better approaches. Recently a number of universities created centers that conduct research in a field social entrepreneurship, which in turn underpin educational programs run at these universities. The list includes but is not limited to the Centre for Social Economy at University of Liège, Institute for Social Innovation at ESADE, Skoll Centre for Social Entrepreneurship at Oxford, Centre for Social Entrepreneurship at Rosklide, Social Entrepreneurship Initiative at INSEAD. Existing literature already examined social entrepreneurship centers in terms of position in the institutional structure, initial and additional funding, teaching initiatives, research achievements, and outreach activities. At the same time, Universities can become social enterprises themselves. Previous research revealed that universities use both business and social entrepreneurship models. Universities which are mainly driven by a social mission are more likely to transform into social entrepreneurial institutions. At the same time, currently, there is no clear understanding of what social entrepreneurship in higher education is about and thus social entrepreneurship in higher education needs to be studied and promoted at the same time. Main roles which socially oriented university can play in city development include: buyer (implementation of socially focused local procurement programs creates partnerships focused on local sustainable growth.); seller (centers created by universities can sell socially oriented goods and services, e.g. in consultancy.); employer (Universities can employ socially vulnerable groups.); business incubator (which will help current student to start their social enterprises). In the paper, we will analyze these in more detail. We will also examine a number of indicators that can be used to assess the impact, both direct and indirect, that universities can have on city's economy. At the same time, originality of this paper mainly lies not in methodological approaches used, but in countries evaluated. Social entrepreneurship is still treated as a relatively new phenomenon in post-transitional countries where social services were provided only by the state for many decades. Paper will provide data and example’s both from developed countries (the US and EU), and those located in CIS and CEE region.

Keywords: social enterprise, university, regional economic development, comparative study

Procedia PDF Downloads 228