Search results for: DDoS attacks

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the python package index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the national vulnerability database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners bandit, snyk and dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, bandit, Snyk, Dlint, Python package index, ecosystem, static analysis, malicious attacks

Procedia PDF Downloads 107

Authors: John Hardy

Abstract:

Over the last decade, the increasing utility of extremist narratives to the operational effectiveness of terrorist organizations has been evidenced by the proliferation of inspired or affiliated attacks across the world. Famous examples such as regional al-Qaeda affiliates and the self-styled “Islamic State” demonstrate the effectiveness of leveraging communication technologies to disseminate propaganda, recruit members, and orchestrate attacks. Terrorist organizations with the capacity to harness the communicative power offered by digital communication technologies and effective political narratives have held an advantage over their targets in recent years. Terrorists have leveraged the perceived legitimacy of grass-roots actors to appeal to a global audience of potential supporters and enemies alike, and have wielded a proficiency in profile-raising which remains unmatched by counter terrorism narratives around the world. In contrast, many attempts at propagating official counter-narratives have been received by target audiences as illegitimate, top-down and impersonally bureaucratic. However, the benefits provided by widespread communication and extremist narratives have come at an operational cost. Terrorist organizations now face a significant challenge in protecting their access to communications technologies and authority over the content they create and endorse. The dissemination of effective narratives has emerged as a core function of terrorist organizations with international reach via inspired or affiliated attacks. As such, it has become a critical function which can be targeted by intelligence and security forces. This study applies network targeting principles which have been used by coalition forces against a range of non-state actors in the Middle East and South Asia to the communicative function of terrorist organizations. This illustrates both a conceptual link between functional targeting and operational disruption in the abstract and a tangible impact on the operational effectiveness of terrorists by degrading communicative ability and legitimacy. Two case studies highlight the utility of applying functional targeting against terrorist organizations. The first case is the targeted killing of Anwar al-Awlaki, an al-Qaeda propagandist who crafted a permissive narrative and effective propaganda videos to attract recruits who committed inspired terrorist attacks in the US and overseas. The second is a series of operations against Islamic State propagandists in Syria, including the capture or deaths of a cadre of high profile Islamic State members, including Junaid Hussain, Abu Mohammad al-Adnani, Neil Prakash, and Rachid Kassim. The group of Islamic State propagandists were linked to a significant rise in affiliated and enabled terrorist attacks and were subsequently targeted by law enforcement and military agencies. In both cases, the disruption of communication between the terrorist organization and recruits degraded both communicative and operational functions. Effective functional targeting on member recruitment and operational tempo suggests that narratives are a critical function which can be leveraged against terrorist organizations. Further application of network targeting methods to terrorist narratives may enhance the efficacy of a range of counter terrorism techniques employed by security and intelligence agencies.

Keywords: countering violent extremism, counter terrorism, intelligence, terrorism, violent extremism

Procedia PDF Downloads 275

Authors: Evy Latifah, Eli Korlina, Hanik Anggraeni, Kuntoro Boga, Joko Mariyono

Abstract:

During the rainy season, the tomato plants are vulnerable to various diseases. A disease that attacks the leaves of tomato plants (foliar diseases) such as late blight (Phytophtora infestans) and spotting bacteria (bacterial spot / Xanthomonas sp.) In addition, there is a disease that attacks the roots such as fusarium and bacterial wilt. If not immediately anticipated, it will decrease the quality and quantity of crop yields. In fact, it can lead to crop failure. The aim of this research is to know the production of tomato grafting by using Timoty and CLN 3024 tomatoes at rain shelter during rainy season in lowland. Data were analyzed using analysis of variance and tested further by Least Significant Difference (LSD) level of 5 %. The parameters measured were plant height (cm), stem diameter (cm), number of fruit space, canopy extended, number of branches, number of productive branches, and the number of stem segments. The results show at the beginning of growth until the end of the treatment without grafting with relative rain shelter displays the highest plant height. This was followed by extensive crop canopy. For tomato grafting and non-grafting using rain shelter able to produce the number of branches and number of productive branches at most. While at the end of the growth in the number of productive branches generated as much. Highest production of tomatoes produced by tomato dig rafting to use the shelter.

Keywords: field trail, wet and dry season, production, diseases, rain shelter

Procedia PDF Downloads 203

Authors: Pubudu K. Hitigala Kaluarachchilage, Champike Attanayake, Sasith Rajasooriya, Chris P. Tsokos

Abstract:

Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occurring. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux are assessed for their discovered vulnerabilities and the risk associated with each. Each discovered and reported vulnerability has an exploitability score assigned in CVSS score of the national vulnerability database. In this study the risk from vulnerabilities in each of the five Operating Systems is compared. Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability. Statistical methodology and underlying mathematical approach is described. Initially, parametric procedures are conducted and measured. There were, however, violations of some statistical assumptions observed. Therefore the need for non-parametric approaches was recognized. 6838 vulnerabilities recorded were considered in the analysis. According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk levels for some operating systems, indicating that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant test results revealing a statistically significant difference in the Risk levels of different OSs are presented.

Keywords: cybersecurity, Markov chain, non-parametric analysis, vulnerability, operating system

Procedia PDF Downloads 159

Authors: J. Yan, B. Pieper, B. Bucsky, B. Nasseri, S. Klotz, H. H. Sievers, S. Mohamed

Abstract:

Cryoablation is evermore applied for interventional treatment of paroxysmal (PAAF) or persistent atrial fibrillation (PEAF). In the cardiac surgery, this procedure is often combined with coronary arterial bypass graft (CABG) and valve operations. Three different methods are feasible in this sense in respect to practicing extents and mechanisms such as lone left atrial cryoablation, Cox-Maze IV and III in our heart center. 415 patients (68 ± 0.8ys, male 68.2%) with predisposed atrial fibrillation who initially required either coronary or valve operations were enrolled and divided into 3 matched groups according to deployed procedures: CryoLA-group (cryoablation of lone left atrium, n=94); Cox-Maze-IV-group (n=93) and Cox-Maze-III-group (n=8). All patients additionally received closure of the left atrial appendage (LAA) and regularly underwent three-year ambulant follow-up assessments (3, 6, 9, 12, 18, 24, 30 and 36 months). Burdens of atrial fibrillation were assessed directly by means of cardiac monitor (Reveal XT, Medtronic) or of 3-day Holter electrocardiogram. Herewith, attacks frequencies of AF and their circadian patterns were systemically analyzed. Furthermore, anticoagulants and regular rate-/rhythm-controlling medications were evaluated and listed in terms of anti-rate and anti-rhythm regimens. Concerning PAAF treatment, Cox Maze IV procedure provided therapeutically acceptable effect as lone left atrium (LA) cryoablation did (5.25 ± 5.25% vs. 10.39 ± 9.96% AF-burden, p > 0.05). Interestingly, Cox Maze III method presented a better short-term effect in the PEAF therapy in comparison to lone cryoablation of LA and Cox Maze IV (0.25 ± 0.23% vs. 15.31 ± 5.99% and 9.10 ± 3.73% AF-burden within the first year, p < 0.05). But this therapeutic advantage went lost during ongoing follow-ups (26.65 ± 24.50% vs. 8.33 ± 8.06% and 15.73 ± 5.88% in 3rd follow-up year). In this way, lone LA-cryoablation established its antiarrhythmic efficacy and 69.5% patients were released from the Vit-K-antagonists, while Cox Maze IV liberated 67.2% patients from continuous anticoagulant medication. The AF-recurrences mostly performed such attacks property as less than 60min duration for all 3 procedures (p > 0.05). In the sense of the circadian distribution of the recurrence attacks, weighted by ongoing follow-ups, lone LA cryoablation achieved and stabilized the antiarrhythmic effects over time, which was especially observed in the treatment of PEAF, while Cox Maze IV and III had their antiarrhythmic effects weakened progressively. This phenomenon was likewise evaluable in the therapy of circadian rhythm of reverting AF-attacks. Furthermore, the strategy of rate control was much more often applied to support and maintain therapeutic successes obtained than the one of rhythm control. Derived from experiences in our heart center, lone LA cryoablation presented equivalent effects in the treatment of AF in comparison to Cox Maze IV and III procedures. These therapeutic successes were especially investigable in the patients suffering from persistent AF (PEAF). Additional supportive strategies such as rate control regime should be initialized and implemented to improve the therapeutic effects of the cryoablations according to appropriate criteria.

Keywords: AF-burden, atrial fibrillation, cardiac monitor, COX MAZE, cryoablation, Holter, LAA

Procedia PDF Downloads 175

Authors: Walid Abdallah, Noureddine Boudriga

Abstract:

Wireless sensor networks have shown their effectiveness in the deployment of many critical applications especially in the military domain. Border surveillance is one of these applications where a set of wireless sensors are deployed along a country border line to detect illegal intrusion attempts to the national territory and report this to a control center to undergo the necessary measures. Regarding its nature, this wireless sensor network can be the target of many security attacks trying to compromise its normal operation. Particularly, in this application the deployment and location of sensor nodes are of great importance for detecting and tracking intruders. This paper proposes a location-based authentication and key distribution mechanism to secure wireless sensor networks intended for border surveillance where the key establishment is performed using elliptic curve cryptography and identity-based public key scheme. In this scheme, the public key of each sensor node will be authenticated by keys that depend on its position in the monitored area. Before establishing a pairwise key between two nodes, each one of them must verify the neighborhood location of the other node using a message authentication code (MAC) calculated on the corresponding public key and keys derived from encrypted beacon messages broadcast by anchor nodes. We show that our proposed public key authentication and key distribution scheme is more resilient to node capture and node replication attacks than currently available schemes. Also, the achievement of the key distribution between nodes in our scheme generates less communication overhead and hence increases network performances.

Keywords: wireless sensor networks, border surveillance, security, key distribution, location-based

Procedia PDF Downloads 639

Authors: Jyoti Rani, Ashima Anand, Shivendra Shivani

Abstract:

In recent years, physiological signals obtained in telemedicine have been stored independently from patient information. In addition, people have increasingly turned to mobile devices for information on health-related topics. Major authentication and security issues may arise from this storing, degrading the reliability of diagnostics. This study introduces an approach to reversible watermarking, which ensures security by utilizing the electrocardiogram (ECG) signal as a carrier for embedding patient information. In the proposed work, Pan-Tompkins++ is employed to convert the 1D ECG signal into a 2D signal. The frequency subbands of a signal are extracted using RDWT(Redundant discrete wavelet transform), and then one of the subbands is subjected to MSVD (Multiresolution singular valued decomposition for masking. Finally, the encrypted watermark is embedded within the signal. The experimental results show that the watermarked signal obtained is indistinguishable from the original signals, ensuring the preservation of all diagnostic information. In addition, the DnCNN (Denoising convolutional neural network) concept is used to denoise the retrieved watermark for improved accuracy. The proposed ECG signal-based watermarking method is supported by experimental results and evaluations of its effectiveness. The results of the robustness tests demonstrate that the watermark is susceptible to the most prevalent watermarking attacks.

Keywords: ECG, VMD, watermarking, PanTompkins++, RDWT, DnCNN, MSVD, chaotic encryption, attacks

Procedia PDF Downloads 67

Authors: A. V. Popa, C. Barna, V. Mihalache

Abstract:

Being the largest port at the Black Sea and functioning as a civil and military nodal point between Europe and Asia, Constantza Port has become a potential target on the terrorist international agenda. The authors use qualitative research based on both face-to-face and online semi-structured interviews with relevant stakeholders (top decision-makers in the Romanian Naval Authority, Romanian Maritime Training Centre, National Company "Maritime Ports Administration" and military staff) in order to detect potential vulnerabilities which might be exploited by terrorists in the case of Constantza Port. Likewise, this will enable bringing together the experts’ opinions on potential mitigation measures. Subsequently, this paper formulates various counter-terrorism policies to enhance the robustness of Constantza Port under potential terror attacks and connects them with the attributions in the field of critical infrastructure protection conferred by the law to the lead national authority for preventing and countering terrorism, namely the Romanian Intelligence Service. Extending the national counterterrorism efforts to an international level, the authors propose the establishment – among the experts of the NATO member states of the Wider Black Sea Region – of a platform for the exchange of know-how and best practices in the field of critical infrastructure protection.

Keywords: Constantza Port, counter-terrorism policies, critical infrastructure protection, security, Wider Black Sea Region

Procedia PDF Downloads 275

Authors: Nasa'i Muhammad Gwadabe

Abstract:

This study seeks to find the extent to which the old Islamophobic prejudice was tilted towards a more negative direction in the United States following the 9/11 terrorist attacks. It is hypothesized that, the 9/11 attacks in the United States reshaped the old Islamophobic prejudice through the reinforcement of a strong social identity construction of Muslims as “out-group”. The “social identity” and “discourse representation” theories are used as framework for analysis. To test the hypothesis, two categories were created: the prejudice (out-group) and the tolerance (in-group) categories. The Prejudice (out-group) against Muslims category was coded to include six attributes: (Terrorist, Threat, Women's Rights violation, Undemocratic, Backward and Intolerant); while the tolerance (In-group) for Muslims category was also coded to include six attributes: (Peaceful, civilized, educated, partners trustworthy and honest). Data are generated from the archives of three American newspapers: The Los Angeles Times, New York Times and USA Today using specific search terms and specific date range; from 9/11/1996 to 9/11/2006, that is five years before and five years after the 9/11. An aggregate of 20595 articles were generated from the search of the three newspapers throughout the search periods. Conclusively, for both pre and post 9/11 periods, the articles generated under the category of prejudice (out-group) against Muslims revealed a higher frequency, against that of tolerance (in-group) for them, which is lesser. Finally, The comparison between the pre and post 9/11 periods showed that, the increased Prejudice (out-group) against Muslims was most influenced through libeling them as terrorist, which signaled a skyrocketed increase from pre to post 9/11.

Keywords: in-group, Islam, Islamophobia, Muslims, out-group, prejudice, terrorism, the 9/11 and tolerance

Procedia PDF Downloads 281

Authors: Esther Chiramal, Kelvin Soh Boon Kai

Abstract:

Explainable AI is a strong strategy implemented to understand complex black-box model predictions in a human-interpretable language. It provides the evidence required to execute the use of trustworthy and reliable AI systems. On the other hand, however, it also opens the door to locating possible vulnerabilities in an AI model. Traditional adversarial text attack uses word substitution, data augmentation techniques, and gradient-based attacks on powerful pre-trained Bidirectional Encoder Representations from Transformers (BERT) variants to generate adversarial sentences. These attacks are generally white-box in nature and not practical as they can be easily detected by humans e.g., Changing the word from “Poor” to “Rich”. We proposed a simple yet effective Grey-box cum Black-box approach that does not require the knowledge of the model while using a set of surrogate Transformer/BERT models to perform the attack using Explainable AI techniques. As Transformers are the current state-of-the-art models for almost all Natural Language Processing (NLP) tasks, an attack generated from BERT1 is transferable to BERT2. This transferability is made possible due to the attention mechanism in the transformer that allows the model to capture long-range dependencies in a sequence. Using the power of BERT generalisation via attention, we attempt to exploit how transformers learn by attacking a few surrogate transformer variants which are all based on a different architecture. We demonstrate that this approach is highly effective to generate semantically good sentences by changing as little as one word that is not detectable by humans while still fooling other BERT models.

Keywords: BERT, explainable AI, Grey-box text attack, transformer

Procedia PDF Downloads 116

Authors: Eugene Wong, Felix Chan, Linsey Chen, Joey Cheung

Abstract:

The widespread use of technologies and cyber/digital means for complex maritime operations have led to a sharp rise in global cyber-attacks. They have generated an increasing number of liability disputes, insurance claims, and legal proceedings. An array of antiquated case law, regulations, international conventions, and obsolete contractual clauses drafted in the pre-technology era have become grossly inadequate in addressing the contemporary challenges. This paper offers a critique of the ambiguity of cybersecurity liabilities under the obligation of seaworthiness entailed in the Hague-Visby Rules, which apply either by law in a large number of jurisdictions or by express incorporation into the shipping documents. This paper also evaluates the legal and technological criteria for assessing whether a vessel is properly equipped with the latest offshore technologies for navigation and cargo delivery operations. Examples include computer applications, networks and servers, enterprise systems, global positioning systems, and data centers. A critical analysis of the carriers’ obligations to exercise due diligence in preventing or mitigating cyber-attacks is also conducted in this paper. It is hoped that the present study will offer original and crucial insights to policymakers, regulators, carriers, cargo interests, and insurance underwriters closely involved in dispute prevention and resolution arising from cybersecurity liabilities.

Keywords: seaworthiness, cybersecurity, liabilities, risks, maritime, transport

Procedia PDF Downloads 115

Authors: Muntadher Sallal, Gareth Owenson, Mo Adda, Safa Shubbar

Abstract:

Bitcoin is a digital currency based on a peer-to-peer network to propagate and verify transactions. Bitcoin is gaining wider adoption than any previous crypto-currency. However, the mechanism of peers randomly choosing logical neighbors without any knowledge about underlying physical topology can cause a delay overhead in information propagation, which makes the system vulnerable to double-spend attacks. Aiming at alleviating the propagation delay problem, this paper introduces proximity-aware extensions to the current Bitcoin protocol, named Master Node Based Clustering (MNBC). The ultimate purpose of the proposed protocol, that are based on how clusters are formulated and how nodes can define their membership, is to improve the information propagation delay in the Bitcoin network. In MNBC protocol, physical internet connectivity increases, as well as the number of hops between nodes, decreases through assigning nodes to be responsible for maintaining clusters based on physical internet proximity. We show, through simulations, that the proposed protocol defines better clustering structures that optimize the performance of the transaction propagation over the Bitcoin protocol. The evaluation of partition attacks in the MNBC protocol, as well as the Bitcoin network, was done in this paper. Evaluation results prove that even though the Bitcoin network is more resistant against the partitioning attack than the MNBC protocol, more resources are needed to be spent to split the network in the MNBC protocol, especially with a higher number of nodes.

Keywords: Bitcoin network, propagation delay, clustering, scalability

Procedia PDF Downloads 98

Authors: Edwin Dankano

Abstract:

Evident by incessant and sporadic attacks on Nigerians poise a serious threat to the unity of Nigeria, and secondly, the single biggest security nightmare to confront Nigeria since after amalgamation of the Southern and Northern protectorates by the British colonialist in 1914 is “Boko Haram” a terrorist organization also known as “Jama’atul Ahli Sunnah Lidda’wati wal Jihad”, or “people committed to the propagation of the Prophet’s teachings and jihad”. The sect also upholds an ideology translated as “Western Education is forbidden”, or rejection of Western civilization and institutions. By some estimates, more than 5,500 people were killed in Boko Haram attacks in 2014, and Boko Haram attacks have already claimed hundreds of lives and territories {caliphates}in early 2015. In total, the group may have killed more than 10,000 people since its emergence in the early 2000s. More than 1 million Nigerians have been displaced internally by the violence, and Nigerian refugee figures in neighboring countries continue to rise. This paper is predicated on secondary sources of data and anchored on the Huntington’s theory of clash of civilization. As such, the paper argued that the rise of Boko Haram with its violent disposition against Western values is a counter response to Western civilization that is fast eclipsing other civilizations. The paper posits that the Boko Haram insurrection going by its teachings, and destruction of churches is a validation of the propagation of the sect as a religious revolt which has resulted in dire humanitarian situation in Adamawa, Borno, Yobe, Bauchi, and Gombe states all in north eastern Nigeria as evident in human casualties, human right abuses, population displacement, refugee debacle, livelihood crisis, and public insecurity. The paper submits that the Nigerian state should muster the needed political will in terms of a viable anti-terrorism measures and build strong legitimate institutions that can adequately curb the menace of corruption that has engulfed the military hierarchy, respond proactively to the challenge of terrorism in Nigeria and should embrace a strategic paradigm shift from anti-terrorism to counter-terrorism as a strategy for containing the crisis that today threatens the secular status of Nigeria.

Keywords: Boko Haram, civilization, fundamentalism, Islam, religion revolt, terror

Procedia PDF Downloads 378

Authors: Fakhrullah Sarwari, Hiroko Ono

Abstract:

Kabul city has suffered a lot in 40 years of conflict of civil war and “The war on terror”. After the invasion of Afghanistan by the United States of America and its allies in 2001, the Taliban was removed from operational power, but The Taliban and other terrorist groups remained in remote areas of the country, they started suicide attacks and bombings. Hence to protect from these attacks officials surrounded their office buildings and houses with concrete blast walls. It gives a bad landscape to the city and creates traffic congestions. Our research contains; questionnaire, reviewing Kabul Municipality documents and literature review. Questionnaires were distributed to Kabul citizens to find out how people feel by seeing the T-Walls on Kabul streets? And what problems they face with T-Walls. “The T-Walls pull down commission” of Kabul Municipality documents were reviewed to find out what caused the failure of this commission. A literature review has been done to compare Kabul with Washington D.C on how they designed the city against terrorism threat without turning the cities into lock down. Bogota city of Columbia urban happiness movement is reviewed and compared with Kabul. The finding of research revealed that citizens of Kabul want security but not at the expense of public realm and creating the architecture of fear. It also indicates that increasing the T-walls do not give secure feeling but instead; it increases terror, hatred and affect people’s optimism. At the end, a series of recommendation is suggested on the issue.

Keywords: anti-terror design, Kabul, T-Walls, urban happiness

Procedia PDF Downloads 145

Authors: Ali A. Ukasha, Majdi F. Elbireki, Mohammad F. Abdullah

Abstract:

Data security needed in data transmission, storage, and communication to ensure the security. This paper is divided into two parts. This work interests with the color image which is decomposed into red, green and blue channels. The blue and green channels are compressed using 3-levels discrete wavelet transform. The Arnold transform uses to changes the locations of red image channel pixels as image scrambling process. Then all these channels are encrypted separately using the key image that has same original size and are generating using private keys and modulo operations. Performing the X-OR and modulo operations between the encrypted channels images for image pixel values change purpose. The extracted contours from color images recovery can be obtained with accepted level of distortion using single step parallel contour extraction (SSPCE) method. Experiments have demonstrated that proposed algorithm can fully encrypt 2D Color images and completely reconstructed without any distortion. Also shown that the analyzed algorithm has extremely large security against some attacks like salt and pepper and Jpeg compression. Its proof that the color images can be protected with a higher security level. The presented method has easy hardware implementation and suitable for multimedia protection in real time applications such as wireless networks and mobile phone services.

Keywords: SSPCE method, image compression and salt and peppers attacks, bitplanes decomposition, Arnold transform, color image, wavelet transform, lossless image encryption

Procedia PDF Downloads 495

Authors: Myriam Benraad

Abstract:

On 5 July 2016, just days before the bloody terrorist attack on the Promenade des Anglais in Nice, the Al-Hayat media centre, one of the official propaganda branches of the Islamic State, broadcast a French nasheed which paid tribute to the Paris and Brussels attacks of November 2015 and March 2016. Entitled 'My Revenge', the terrorist anthem was of rare vehemence. It mentioned, sequentially, 'huddled bodies', in a reference to the civilian casualties of Western air strikes in the Iraqi-Syrian zone, 'explosive belts', 'sharp knives', 'large-calibre weapons' as well as 'localised targets'. France was accused of bearing the responsibility for the wave of attacks on its territory since the Charlie Hebdo massacre of January 2015 due to its 'ruthless war' against the Muslim world. Evoking an 'old aggression' and the 'crimes and spoliations' of which France has made itself guilty, the jihadist hymn depicted the rebirth of the caliphate as 'laudable revenge'. The notion of revenge has always been central to contemporary jihadism, understood both as a revolutionary ideology and a global militant movement. In recent years, the attacks carried out in Europe and elsewhere in the world have, for most, been claimed in its name. Whoever says jihad, says drama, yet few studies, if any, have looked at its dramatic and emotional elements, most notably its tragic vengefulness. This seems all the more astonishing that jihad is filled with drama; it could even be seen as a drama in its own right. The jihadists perform a script and take on roles inspired by their respective group’s culture (norms, values, beliefs, and symbols). The militants stage and perform such a script for a designated audience, either partisan, sympathising or hostile towards them and their cause. This research paper will examine the dramaturgy of jihadism and in particular, the genre that best characterises its violence: revenge tragedy. Theoretically, the research will rely on the tools of social movement theory and the sociology of emotions. Methodologically, it will draw from dramaturgical analysis and a combination of qualitative and quantitative tools to attain valuable observations of a number of developments, trends, and patterns. The choice has been made to focus mainly – however not exclusively – on the attacks which have taken place since 2001 in the European Union and more specific member states that have been significantly hit by jihadist terrorism. The research looks at a number of representative longitudinal samples identifying continuities and discontinuities, similarities, but also substantial differences. The preliminary findings tend to establish the relevance and validity of this approach in helping make better sense of sensitisation, mobilisation, and survival dynamics within jihadist groups, and motivations among individuals who have embraced violence. Besides, they illustrate their pertinence for counterterrorism policymakers and practitioners. Through drama, jihadist groups ensure the unceasing regeneration of their militant cause as well as their legitimation among their partisans. Without drama, and without the spectacular ideological staging of reality, they would not be able to maintain their attraction potential and power of persuasion.

Keywords: Jihadism, dramaturgy, revenge, tragedy

Procedia PDF Downloads 111

Authors: Eden Teshome Hunde

Abstract:

Wireless sensor and actuator networks (WSANs) are of great significance in the realm of industrial automation systems. However, the aspect of security in WSANs has been somewhat overlooked. One particular security concern is the rank attack, where malicious actors actively manipulate the transmission of messages from neighboring nodes. This undermines the entire network's data collection and routing operations, resulting in a significant degradation of network performance. This attack adversely affects crucial metrics such as packet delivery ratio (PDR), latency, and power consumption, ultimately reducing the network's overall lifespan. In order to foster trust among nodes, ensure accurate delivery of data to end users, safeguard shared data in the cloud from security breaches, and prevent rank attacks within the network, it is crucial to protect the network against such malicious activities. This research paper aims to introduce an enhanced version of the Routing Protocol for Low-Power and Lossy Networks (RPL) protocol, specifically tailored to identify and eliminate rank attacks within existing WSANs. The effectiveness of the new protocol will be assessed through experimentation using Zolertia (Z1) sensors in the Cooja network simulator. To minimize network overhead on the sensors' side, the proposed scheme limits cryptographic operations to symmetric key-based mechanisms such as XORing, hash functions, and encryption. These operations will be implemented using a C-compiler and verified through the ModelSIM Altera SE edition 11.0 simulator.

Keywords: ModelSIM Altera SE, RPL, WSANs, Zolertia

Procedia PDF Downloads 1

Authors: Esmaeil Asadzadeh, Mehtab Alam

Abstract:

Well documented records of the past failures of the structures reveals that the progressive collapse of structures is one of the major reasons for dramatic human loss and economical consequences. Progressive collapse is the failure mechanism in which the structure fails gradually due to the sudden removal of the structural elements. The sudden removal of some structural elements results in the excessive redistributed loads on the others. This sudden removal may be caused by any sudden loading resulted from local explosion, impact loading and terrorist attacks. Hyperbolic thin walled concrete shell structures being an important part of nuclear and thermal power plants are always prone to such terrorist attacks. In concrete structures, the gradual failure would take place by generation of initial cracks and its propagation in the supporting columns along with the tower shell leading to the collapse of the entire structure. In this study the mechanism of progressive collapse for such high raised towers would be simulated employing the finite element method. The aim of this study would be providing clear conceptual step-by-step descriptions of various procedures for progressive collapse analysis using commercially available finite element structural analysis software’s, with the aim that the explanations would be clear enough that they will be readily understandable and will be used by practicing engineers. The study would be carried out in the following procedures: 1. Provide explanations of modeling, simulation and analysis procedures including input screen snapshots; 2. Interpretation of the results and discussions; 3. Conclusions and recommendations.

Keywords: progressive collapse, cooling towers, finite element analysis, crack generation, reinforced concrete

Procedia PDF Downloads 456

Authors: Polychronis Kapalidis

Abstract:

In recent years, researchers have started to turn their attention to cyber security and maritime security independently, neglecting, in most cases, to examine the areas where these two critical issues are intertwined. The impact of cybersecurity issues on the maritime economy is emerging dramatically. Maritime transport and all related activities are conducted by technology-intensive platforms, which today rely heavily on information systems. The paper’s argument is that when no defense is completely effective against cyber attacks, it is vital to test responses to the inevitable incursions. Hence, preparedness in the form of testing existing cybersecurity structure via different tools for potential attacks is vital for minimizing risks. Traditional criminal activities may further be facilitated and evolved through the misuse of cyberspace. Kidnap, piracy, fraud, theft of cargo and imposition of ransomware are the major of these activities that mainly target the industry’s most valuable asset; the ship. The paper, adopting a case-study analysis, based on stakeholder consultation and secondary data analysis, namely policy and strategic-related documentation, presents the importance of holistic testing in the sector. Arguing that poor understanding of the issue leads to the adoption of ineffective policies the paper will present the level of awareness within the industry and assess the risks and vulnerabilities of ships to these cybercriminal activities. It will conclude by suggesting that testing procedures must be focused on three main pillars within the maritime transport sector: the human factor, the infrastructure, and the procedures.

Keywords: cybercrime, cybersecurity, organized crime, risk mitigation

Procedia PDF Downloads 134

Authors: Johannes Günther

Abstract:

Time Sensitive Networking (TSN), standardized in the IEEE 802.1 standard, has been lent increasing attention in the context of mission critical systems. Such mission critical systems, e.g., in the automotive domain, aviation, industrial, and smart factory domain, are responsible for coordinating complex functionalities in real time. In many of these contexts, a reliable data exchange fulfilling hard time constraints and quality of service (QoS) conditions is of critical importance. TSN standards are able to provide guarantees for deterministic communication behaviour, which is in contrast to common best-effort approaches. Therefore, the superior QoS guarantees of TSN may aid in the development of new technologies, which rely on low latencies and specific bandwidth demands being fulfilled. TSN extends existing Ethernet protocols with numerous standards, providing means for synchronization, management, and overall real-time focussed capabilities. These additional QoS guarantees, as well as management mechanisms, lead to an increased attack surface for potential malicious attackers. As TSN guarantees certain deadlines for priority traffic, an attacker may degrade the QoS by delaying a packet beyond its deadline or even execute a denial of service (DoS) attack if the delays lead to packets being dropped. However, thus far, security concerns have not played a major role in the design of such standards. Thus, while TSN does provide valuable additional characteristics to existing common Ethernet protocols, it leads to new attack vectors on networks and allows for a range of potential attacks. One answer to these security risks is to deploy defense mechanisms according to a moving target defense (MTD) strategy. The core idea relies on the reduction of the attackers' knowledge about the network. Typically, mission-critical systems suffer from an asymmetric disadvantage. DoS or QoS-degradation attacks may be preceded by long periods of reconnaissance, during which the attacker may learn about the network topology, its characteristics, traffic patterns, priorities, bandwidth demands, periodic characteristics on links and switches, and so on. Here, we implemented and tested several MTD-like defense strategies against different attacker models of varying capabilities and budgets, as well as collaborative attacks of multiple attackers within a network, all within the context of TSN networks. We modelled the networks and tested our defense strategies on an OMNET++ testbench, with networks of different sizes and topologies, ranging from a couple dozen hosts and switches to significantly larger set-ups.

Keywords: network security, time sensitive networking, moving target defense, cyber security

Procedia PDF Downloads 48

Authors: Tjipta Lesmana

Abstract:

Terrorist attacks quickly penetrated Indonesia following the downfall of Soeharto regime in May 1998. Reform era was officially proclaimed. Indonesia turned to 'heaven state' from 'authoritarian state'. For the first time since 1966, the country experienced a full-scale freedom of expression, including freedom of the press, and heavy acknowledgement of human rights practice. Some religious extremists previously run away to neighbor countries to escape from security apparatus secretly backed home. Quickly they consolidated the power to continue their long aspiration and dream to establish 'Shariah Indonesia', Indonesia based on Khilafah ideology. Bali bombings I which shocked world community occurred on 12 October 2002 in the famous tourist district of Kuta on the Indonesian island of Bali, killing 202 people (including 88 Australians, 38 Indonesians, and people from more than 20 other nationalities). In the capital, Jakarta, successive bombings were blasted in Marriott hotel, Australian Embassy, residence of the Philippine Ambassador and stock exchange office. A 'drunken Indonesia' is far from ready to combat nationwide sudden and massive terrorist attacks. Police Detachment 88 (Densus 88) Indonesian counter-terrorism squad, was quickly formed following 2002 Bali Bombing. Anti-terrorism Provisional Act was immediately erected, as well, due to urgent need to fight terrorism. Some Bali bombings criminals were deadly executed after sentenced by the court. But a series of terrorist suicide attacks and another Bali bombings (the second one) in Bali, again, shocked world community. Terrorism network is undoubtedly spreading nationwide. Suspicion is high that they had close connection with Al Qaeda’s groups. Even 'Afghanistan alumni' and 'Syria alumni' returned to Indonesia to back up the local mujahidins in their fights to topple Indonesia constitutional government and set up Islamic state (Khilafah). Supported by massive aids from friendly nations, especially Australia and United States, Indonesia launched large scale operations to crush terrorism consisted of various radical groups such as JAD, JAS, and JAADI. Huge energy, money, and souls were dedicated. Terrorism is, however, persistently entrenched. High ranking officials from Detachment 88 squad and military intelligence believe that terrorism is still one the most deadly enemy of Indonesia.

Keywords: counter-radicalization, de-radicalization, Khalifah, Union State, Al Qaedah, ISIS

Procedia PDF Downloads 153

Authors: Krish Batra

Abstract:

The advent of open banking has revolutionized the financial services industry by fostering innovation, enhancing customer experience, and promoting competition. However, this paradigm shift towards more open and interconnected banking ecosystems has introduced complex cybersecurity challenges. This research paper delves into the multifaceted cybersecurity landscape of open banking, highlighting the vulnerabilities and threats inherent in sharing financial data across a network of banks and third-party providers. Through a detailed analysis of recent data breaches, phishing attacks, and other cyber incidents, the paper assesses the current state of cybersecurity within the open banking framework. It examines the effectiveness of existing security measures, such as encryption, API security protocols, and authentication mechanisms, in protecting sensitive financial information. Furthermore, the paper explores the regulatory response to these challenges, including the implementation of standards such as PSD2 in Europe and similar initiatives globally. By identifying gaps in current cybersecurity practices, the research aims to propose a set of robust, forward-looking strategies that can enhance the security and resilience of open banking systems. This includes recommendations for banks, third-party providers, regulators, and consumers on how to mitigate risks and ensure a secure open banking environment. The ultimate goal is to provide stakeholders with a comprehensive understanding of the cybersecurity implications of open banking and to outline actionable steps for safeguarding the financial ecosystem in an increasingly interconnected world.

Keywords: open banking, financial services industry, cybersecurity challenges, data breaches, phishing attacks, encryption, API security protocols, authentication mechanisms, regulatory response, PSD2, cybersecurity practices

Procedia PDF Downloads 30

Authors: Ndje Ndje Mireille

Abstract:

For some years in Cameroon, there has been an increase in violence in schools. This violence has gone from verbal to physical, sometimes going as far as murder. At the centre of this violence, we find the student who is a teenager in the midst of both physical and psychological changes. The unpredictable transformations of his body, the unexpected emotions arrouse when he encouters someonelse, intrusion, shortcomings, boredom, loneliness and self-deception are the threats to which the teenager faces daily. From the psychopathological point of view, the greatest threat in adolesence is probably the depresive threat. During adolescence and for several resons, the subject is confronted with the self image. He displays certantity which sometimes hides great uncertaintity about what leads him to manifest some particular behaviours or undertake certain actions. Faced with aggressiveness twards those he confronts, he feels more or less guilt. This can lead a certain number of adolescents to feel heplessness faced to their vis-à-vis, faced to life. This helplessness is sometimes reinforced by the social, cultural and economic context in which they are. The teeneger then feels threatens by this depression which, when it reaches its extreme, it is manifested by the feeling that he can no longer do anything. Generally, the depressive threats manifest itself in defensive forms vis-à-vis with the depression itself. Reason why, it is indeed a threat and not a threshold already crossed. This threat often manifests itself in inappropriate forms of attack on one’s own body as seen in a number of repetitive risky behaviours. We also see teenegers confront peers and even adults through physical attacks and often go as far as murder. All these behaviours appears as an absurd way of attacking and at the same time confronting the feeling of remaining alive. This depressive threats can also be expressed in forms of attacks on an individual’s thinking abilities or more explicitely in the form of accademic downfall. The depressive threats does not sum up all the problems of adolescence, but, undoubtly represents currently, one of the deepest form of unease adolescents face.

Keywords: violence, school, depression threats, adolescent, behavior

Procedia PDF Downloads 64

Authors: Zwelenkani Mdlalose

Abstract:

From the moment Covid 19 was declared a pandemic it became clear that conspiracy theories would significantly impact our response to the crisis that the virus was to become. Central to the interest in conspiracy theories evoked by a pandemic is a more general concern for the impact they have on society and social harmony. The specific brand of Conspiracy Theory that is in question is not any and all theories about conspiracies but rather those conspiracy theories which contradict official accounts. For example, where the official account on the terrorist attacks of September 11 2001 is of a conspiracy involving 19 militants associated with the Islamic extremist group al-Qaeda against targets in the United States, the nature of conspiracy theory under study is the one contradicting this official account to the extent that its attributes the attacks not to al-Qaeda militants but to actors in the United States government itself. The study is not an investigation into the truth value of conspiracy theories but rather an attempt at observing the essential qualities of the type of belief that is belief in conspiracy theories compared to belief in official accounts provided by authoritative sources such as governments, experts and mainstream media. These qualities include the psychological, epistemic and socio-political foundations on which belief in conspiracy theories are established. Based on a foundational understanding of the sort of belief that are beliefs in conspiracy theories, we may then extrapolate implied ethical demands on both authoritative bodies and actors as well as believers in conspiracy theories. For example: in their unofficial ‘non-factual’ status, is there not some violation of epistemic right in the same way we observe in cases where people are prejudiced because of their religious beliefs? In other words, is there an epistemic injustice suffered by believers in conspiracy theories in the way their beliefs are rejected as illegitimate? Conversely, to what extent do believers bear an epistemic responsibility in their adoption of their beliefs in conspiracy theories. From this position, perhaps we can then develop responses to the problem that foster greater social harmony even in the midst of suspicion and distrust.

Keywords: conspiracy theories, subjugated knowledge, epistemic injustice, epistemic responsibility

Procedia PDF Downloads 77

Authors: Nádia Pereira, Paula Ferreira, Sofia Francisco, Sofia Oliveira, Sidclay Souza, Paula Paulino, Ana Margarida Veiga Simão

Abstract:

Social media has progressed into a platform for hate speech among its users, and thus, there is an increasing need to develop automatic detection classifiers of offense and conflicts to help decrease the prevalence of such incidents. Online communication can be used to intentionally harm someone, which is why such classifiers could be essential in social networks. A possible application of these classifiers is the automatic detection of cyberbullying. Even though identifying the aggressive language used in online interactions could be important to build cyberbullying datasets, there are other criteria that must be considered. Being able to capture the language, which is indicative of the intent to harm others in a specific context of online interaction is fundamental. Offense and hate speech may be the foundation of online conflicts, which have become commonly used in social media and are an emergent research focus in machine learning and natural language processing. This study presents two Portuguese language offense-related datasets which serve as examples for future research and extend the study of the topic. The first is similar to other offense detection related datasets and is entitled Aggressiveness dataset. The second is a novelty because of the use of the history of the interaction between users and is entitled the Conflicts/Attacks dataset. Both datasets were developed in different phases. Firstly, we performed a content analysis of verbal aggression witnessed by adolescents in situations of cyberbullying. Secondly, we computed frequency analyses from the previous phase to gather lexical and linguistic cues used to identify potentially aggressive conflicts and attacks which were posted on Twitter. Thirdly, thorough annotation of real tweets was performed byindependent postgraduate educational psychologists with experience in cyberbullying research. Lastly, we benchmarked these datasets with other machine learning classifiers.

Keywords: aggression, classifiers, cyberbullying, datasets, hate speech, machine learning

Procedia PDF Downloads 204

Authors: Sehrish Qayyum

Abstract:

In this age of constant technology, asymmetrical warfare could not be won. Attuned psychometric study confirms that screaming sometimes is more productive than active retaliation against strong adversaries. Asymmetric warfare is a game of nerves and thoughts with least vigorous participation for large anticipated losses. It creates the condition of paraplegia with partial but permanent immobility, which effects the core warfare operations, being screams rather than active retaliation. When one’s own power is doubted, it gives power to one’s own doubt to ruin all planning either done with superlative cost-benefit analysis. Strategically calculated estimation of asymmetric warfare since the early WWI to WWII, WWII-to Cold War, and then to the current era in three chronological periods exposits that courage makes nations win the battle of warriors to battle of comrades. Asymmetric warfare has been most difficult to fight and survive due to unexpectedness and being lethal despite preparations. Thoughts before action may be the best-assumed strategy to mix Regional Security Complex Theory and OODA loop to develop the Paraplegic Resilience Policy Plan (PRPP) to win asymmetric warfare. PRPP may serve to control and halt the ongoing wave of terrorism, guerilla warfare, and insurgencies, etc. PRPP, along with a strategic work plan, is based on psychometric analysis to deal with any possible war condition and tactic to save millions of innocent lives such that lost in Christchurch New Zealand in 2019, November 2015 Paris attacks, and Berlin market attacks in 2016, etc. Getting tangled into self-imposed epistemic dilemmas results in regret that becomes the only option of performance. It is a descriptive psychometric analysis of war conditions with generic application of probability tests to find the best possible options and conditions to develop PRPP for any adverse condition possible so far. Innovation in technology begets innovation in planning and action-plan to serve as a rheostat approach to deal with asymmetric warfare.

Keywords: asymmetric warfare, psychometric analysis, PRPP, security

Procedia PDF Downloads 115

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 58

Authors: Sumanta Meher, Gaurav Shukla

Abstract:

The torments of the victims of terrorism have not only confined to loss of life and limp but also includes the physiological trauma to the innocent victims. The physical wounds may heal, but the trauma remains in the mind and heart of the victims and their loved ones; however, one should not deny that these terrorist activities affect to a major extent to their livelihood. To protect their human rights and restore the shattered lives of the victims of terrorism all the Nations beyond their differences have to show solidarity and frame a comprehensive restorative policy with an effective implementing mechanism. The General Assembly of United Nations, through its several resolutions, has appealed Nations to show solidarity and also committed to helping the Members State to frame the law and policy to support the victims of terrorism. To achieve the objectives of the resolutions adopted by the United Nations, the Indian legislators in 2008 amended the Code of Criminal Procedure, 1973 and incorporated Section 357A to provide financial assistance to the victims of terrorism. In India, the contemporary developments in the victims’ oriented studies have increased the dimension of the traditional criminal justice systems to protect the rights of the victims. In this regard, the paper has ascertained the Indian legal framework in respect to the restorative justice to the victims of terrorism and also addressed the question as to whether the statutory provisions and enforcement mechanisms are efficient enough to protect the human rights of the victims of terrorism. For that purpose, the paper has analyzed the International instruments and the reports with regard to the compensation to the victims of terrorist attacks, with that, the article also evaluates the initiatives of United Nations to help Members State to frame the law and policies to support the victims of terrorism. The study also made an attempt to critically analyze the legal provisions of compensation and rehabilitation of the victims of terrorist attacks in India and whether they are in alignment with the International standards. While concluding, the paper has made an endeavor for a robust legal framework towards the restorative justice for the victims of terrorism in India.

Keywords: victims of terrorism, restorative justice, human rights, criminal justice system of India

Procedia PDF Downloads 144

Authors: Mohsen Rezaee

Abstract:

Although robust security softwares, including anti-viruses, anti-spywares, anti-spam and firewalls are amalgamated with new technologies such as safe zone, hybrid cloud, sand box and etc., and although it can be said that they have managed to prepare highest level of security against viruses, spywares and other malwares in 2012, in fact, hacker attacks to websites are increasingly becoming more and more complicated. Because of security matters developments it can be said it was expected to happen so. Here in this work we try to point out some functional and vital notes to enhance security on the web, enabling the user to browse safely in unlimited web world and to use virtual space securely.

Keywords: firewalls, security, web services, computer science

Procedia PDF Downloads 374

Authors: Tao Feng, Wei-Wei Zhang, Chang-Ming Ding

Abstract:

Cross-site scripting (XSS) is one of the most popular WEB Attacking methods at present, and also one of the most risky web attacks. Because of the population of JavaScript, the scene of the cross site scripting attack is also gradually expanded. However, since the web application developers tend to only focus on functional testing and lack the awareness of the XSS, which has made the on-line web projects exist many XSS vulnerabilities. In this paper, different various techniques of XSS attack are analyzed, and a method automatically to detect it is proposed. It is easy to check the results of vulnerability detection when running it as a plug-in.

Keywords: XSS, no target attack platform, automatic detection，XSS detection

Procedia PDF Downloads 381