Search results for: DDoS attacks

Authors: Vincent Andrew Cappellano

Abstract:

In the early phases of critical infrastructure system design, translating distributed computing requirements to an architecture has risk given the multitude of approaches (e.g., cloud, edge, fog). In many systems, a single requirement for system uptime / availability is used to encompass the system’s intended operations. However, when architected systems may perform to those availability requirements only during normal operations and not during component failure, or during outages caused by adversary attacks on critical infrastructure (e.g., physical, cyber). System designers lack a structured method to evaluate availability requirements against candidate system architectures through deep degradation scenarios (i.e., normal ops all the way down to significant damage of communications or physical nodes). This increases risk of poor selection of a candidate architecture due to the absence of insight into true performance for systems that must operate as a piece of critical infrastructure. This research effort proposes a process to analyze critical infrastructure system availability requirements and a candidate set of systems architectures, producing a metric assessing these architectures over a spectrum of degradations to aid in selecting appropriate resilient architectures. To accomplish this effort, a set of simulation and evaluation efforts are undertaken that will process, in an automated way, a set of sample requirements into a set of potential architectures where system functions and capabilities are distributed across nodes. Nodes and links will have specific characteristics and based on sampled requirements, contribute to the overall system functionality, such that as they are impacted/degraded, the impacted functional availability of a system can be determined. A machine learning reinforcement-based agent will structurally impact the nodes, links, and characteristics (e.g., bandwidth, latency) of a given architecture to provide an assessment of system functional uptime/availability under these scenarios. By varying the intensity of the attack and related aspects, we can create a structured method of evaluating the performance of candidate architectures against each other to create a metric rating its resilience to these attack types/strategies. Through multiple simulation iterations, sufficient data will exist to compare this availability metric, and an architectural recommendation against the baseline requirements, in comparison to existing multi-factor computing architectural selection processes. It is intended that this additional data will create an improvement in the matching of resilient critical infrastructure system requirements to the correct architectures and implementations that will support improved operation during times of system degradation due to failures and infrastructure attacks.

Keywords: architecture, resiliency, availability, cyber-attack

Procedia PDF Downloads 69

Authors: Musaab Hasan, Farkhund Iqbal, Patrick C. K. Hung, Benjamin C. M. Fung, Laura Rafferty

Abstract:

In modern societies, the smart cities concept raised simultaneously with the projection towards adopting smart devices. A smart grid is an essential part of any smart city as both consumers and power utility companies benefit from the features provided by the power grid. In addition to advanced features presented by smart grids, there may also be a risk when the grids are exposed to malicious acts such as security attacks performed by terrorists. Considering advanced security measures in the design of smart meters could reduce these risks. This paper presents a security study for smart metering systems with a prototype implementation of the user interfaces for future works.

Keywords: security design, smart city, smart meter, smart grid, smart metering system

Procedia PDF Downloads 302

Authors: S.Balaji, R.Sujatha, M. Ramakrishnan

Abstract:

Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously in low cost when compared with the traditional signature-then-encryption approach. In this paper, we propose a novel mouse movement based key generation technique to generate secret keys which is secure against the outer and insider attacks. Tag Key Encapsulation Mechanism (KEM) process is implemented using True Random Number Generator (TRNG) method. This TRNG based key is used for data encryption in the Data Encapsulation Mechanism (DEM). We compare the statistical reports of the proposed system with the previous methods which implements TKEM based on pseudo random number generator

Keywords: pseudo random umber generator, signcryption, true random number generator, node deployment

Procedia PDF Downloads 309

Authors: A. Evcin, N. Çiçek Bezir, R. Duman, N. Duman

Abstract:

Nowadays, a great concern is placed on the harmfulness of ultraviolet radiation (UVR) which attacks human bodies. Nanocarbon materials, such as carbon nanotubes (CNTs), carbon nanofibers (CNFs) and graphene, have been considered promising alternatives to shielding materials because of their excellent electrical conductivities, very high surface areas and low densities. In the present work, carbon nanofibers have been synthesized from solutions of Polyacrylonitrile (PAN)/ N,N-dimethylformamide (DMF) by electrospinning method. The carbon nanofibers have been stabilized by oxidation at 250 °C for 2 h in air and carbonized at 750 °C for 1 h in H2/N2. We present the fabrication and characterization of transparent and ultraviolet (UV) shielding CNF/polymer composites. The content of CNF filler has been varied from 0.2% to 0.6 % by weight. UV Spectroscopy has been performed to study the effect of composition on the transmittance of polymer composites.

Keywords: electrospinning, carbon nanofiber, characterization, composites, nanofiber, ultraviolet radiation

Procedia PDF Downloads 183

Authors: Luvisa Kusuma, Panji Yudha Prakasa

Abstract:

Cloud storage, as a subservice of infrastructure as a service (IaaS) in Cloud Computing, is the model of nerworked storage where data can be stored in server. In this paper, we propose a secure cloud storage system consisting of two main components; client as a user who uses the cloud storage service and server who provides the cloud storage service. In this system, we propose the protocol schemes to guarantee against security attacks in the data transmission. The protocols are login protocol, upload data protocol, download protocol, and push data protocol, which implement hybrid cryptographic mechanism based on data encryption before it is sent to the cloud, so cloud storage provider does not know the user's data and cannot analysis user’s data, because there is no correspondence between data and user.

Keywords: cloud storage, security, cryptographic protocol, artificial intelligence

Procedia PDF Downloads 304

Authors: Samir Benzegane, Said Sadoudi, Mustapha Djeddou

Abstract:

In this paper, we present a software development of video streaming encryption for Device-to-Device (D2D) communications by using Hyperchaos-based Random Number Generator (HRNG) implemented in C#. The software implements and uses the proposed HRNG to generate key stream for encrypting and decrypting real-time video data. The used HRNG consists of Hyperchaos Lorenz system which produces four signal outputs taken as encryption keys. The generated keys are characterized by high quality randomness which is confirmed by passing standard NIST statistical tests. Security analysis of the proposed encryption scheme confirms its robustness against different attacks.

Keywords: hyperchaos Lorenz system, hyperchaos-based random number generator, D2D communications, C#

Procedia PDF Downloads 336

Authors: Shadi Janbabaei, Hossein Gharaee Garakani, Naser Mohammadzadeh

Abstract:

Internet of things is a new concept that its emergence has caused ubiquity of sensors in human life, so that at any time, all data are collected, processed and transmitted by these sensors. In order to establish a secure connection, the first challenge is authentication between sensors. However, this challenge also requires some features so that the authentication is done properly. Anonymity, untraceability, and being lightweight are among the issues that need to be considered. In this paper, we have evaluated the authentication protocols and have analyzed the security vulnerabilities found in them. Then an improved light weight authentication protocol for sensor-to-sensor communications is presented which uses the hash function and logical operators. The analysis of protocol shows that security requirements have been met and the protocol is resistant against various attacks. In the end, by decreasing the number of computational cost functions, it is argued that the protocol is lighter than before.

Keywords: anonymity, authentication, Internet of Things, lightweight, un-traceability

Procedia PDF Downloads 259

Authors: K. Suganya Devi, P. Srinivasan, M. P. Vaishnave, G. Arutperumjothi

Abstract:

Today’s internet world is highly prone to various online attacks, of which the most harmful attack is phishing. The attackers host the fake websites which are very similar and look alike. We propose an image based authentication using steganography and visual cryptography to prevent phishing. This paper presents a secure steganographic technique for true color (RGB) images and uses Discrete Cosine Transform to compress the images. The proposed method hides the secret data inside the cover image. The use of visual cryptography is to preserve the privacy of an image by decomposing the original image into two shares. Original image can be identified only when both qualified shares are simultaneously available. Individual share does not reveal the identity of the original image. Thus, the existence of the secret message is hard to be detected by the RS steganalysis.

Keywords: image security, random LSB, steganography, visual cryptography

Procedia PDF Downloads 300

Authors: Kuo-Wei Liao, Jessica Gitomarsono

Abstract:

Bridge reliability against natural hazards such as floods or earthquakes is an interdisciplinary problem that involves a wide range of knowledge. Moreover, due to the global climate change, engineers have to design a structure against the multi-hazard threats. Currently, few of the practical design guideline has included such concept. The bridge foundation in Taiwan often does not have a uniform width. However, few of the researches have focused on safety evaluation of a bridge with a complex pier. Investigation of the scouring depth under such situation is very important. Thus, this study first focuses on investigating and improving the scour prediction formula for a bridge with complicated foundation via experiments and artificial intelligence. Secondly, a probabilistic design procedure is proposed using the established prediction formula for practical engineers under the multi-hazard attacks.

Keywords: bridge, reliability, multi-hazards, scour

Procedia PDF Downloads 343

Authors: Rishabh Shukla, Achin Agrawal, Anupam Saxena, S. Mandal

Abstract:

The existence of a crack, affects the mechanical behaviour and various properties of a structure to a great degree. This paper focuses on recognizing the parameters that gets changed due to the formation of cracks and have a great impact on the performance of the structure. Spalling is a major concern as it leaves the reinforcement bars more susceptible to environmental attacks. Beams of cross section 300 mm × 500 mm are designed and for a calculated area of steel, two different arrangements of reinforced bars are analysed. Results are prepared for different stages of cracking for each arrangement of rebars. The parameters for both arrangements are then compared. The Finite Element Analysis (FEA) is carried out and changes in the properties like flexural strength, Elasticity and modal frequency are reported. The conclusions have been drawn by comparing the results.

Keywords: cracks, elasticity, spalling, FEA

Procedia PDF Downloads 241

Authors: Fairouz Beggas

Abstract:

Due to the large number of exchanges in the networks, the security of communications is essential. Most ways of keeping communication secure rely on encryption. In this work, a symmetric encryption technique is offered to encrypt and decrypt simple Arabic scripts based on a multi-level security. A proposed technique uses an idea of Playfair encryption with a larger table size and an additional layer of encryption to ensure more security. The idea of the proposed algorithm aims to generate a dynamic table that depends on a secret key. The same secret key is also used to create other secret keys to over-encrypt the plaintext in three steps. The obtained results show that the proposed algorithm is faster in terms of encryption/decryption speed and can resist to many types of attacks.

Keywords: arabic data, encryption, playfair, symmetric algorithm

Procedia PDF Downloads 51

Authors: Khaled Alabduljabbar

Abstract:

Background: Benign, isolated, recurrent sixth nerve palsy is very rare in children. Here we report a case of recurrent abducens nerve palsy with no obvious etiology. It is a diagnosis of exclusion. A recurrent benign form of 6th nerve palsy, a rarer still palsy, has been described in the literature, and it is of most likely secondary to inflammatory causes, e.g, following viral and bacterial infections. Purpose: To present a case of 14 months old girl with recurrent attacks of isolated left sixth cranial nerve palsy following upper respiratory tract infection. Observation: The patient presented to opthalmology clinic with sudden onset of inward deviation (esotropia) of the left eye with a compensatory left face turn one week following signs of upper respiratory tract infection. Ophthalmological examination revealed large angle esotropia of the left eye in primary position, with complete limitation of abduction of the left eye, no palpebral fissure changes, and abnormal position of the head (left face turn). Visual acuity was normal, and no significant refractive error on cycloplegic refraction for her age. Fundus examination was normal with no evidence of papilledema. There was no relative afferent pupillary defect (RAPD) and no anisocoria. Past medical history and family history were unremarkable, with no history of convulsion attacks or head trauma. Additional workout include CBC. Erythrocyte sedimentation rate, Urgent magnetic resonance imaging (MRI), and angiography of the brain were performed and demonstrated the absence of intracranial and orbital lesions. Referral to pediatric neurologist was also done and concluded no significant finding. The patient showed improvement of the left sixth cranial nerve palsy and left face turn over a period of two months. Seven months since the first attack, she experienced a recurrent attack of left eye esotropia with left face turn concurrent with URTI. The rest of eye examination was again unremarkable. CT scan and MRI scan of brain and orbit were performed and showed only signs of sinusitis with no intracranial pathology. The palsy resolved spontaneously within two months. A third episode of left 6th nerve palsy occurred 6 months later, whichrecovered over one month. Examination and neuroimagingwere unremarkable. A diagnosis of benign recurrent left 6th cranial nerve palsy was made. Conclusion: Benign sixth cranial nerve palsy is always a diagnosis of exclusion given the more serious and life-threatening alternative causes. It seems to have a good prognosis with only supportive measures. The likelihood of benign 6th cranial nerve palsy to resolve completely and spontaneously is high. Observation for at least 6 months without intervention is advisable.

Keywords: 6th nerve pasy, abducens nerve pasy, recurrent nerve palsy, cranial nerve palsy

Procedia PDF Downloads 59

Authors: M. Kowalski, M. Kastek, M. Szustakowski

Abstract:

Multispectral screening systems are becoming more popular because of their very interesting properties and applications. One of the most significant applications of multispectral screening systems is prevention of terrorist attacks. There are many kinds of threats and many methods of detection. Visual detection of objects hidden under clothing of a person is one of the most challenging problems of threats detection. There are various solutions of the problem; however, the most effective utilize multispectral surveillance imagers. The development of imaging devices and exploration of new spectral bands is a chance to introduce new equipment for assuring public safety. We investigate the possibility of long lasting detection of potentially dangerous objects covered with various types of clothing. In the article we present the results of comparative studies of passive imaging in three spectrums – visible, infrared and terahertz

Keywords: terahertz, infrared, object detection, screening camera, image processing

Procedia PDF Downloads 321

Authors: Rishabh Garg

Abstract:

Traditionally, business parties build trust with a centralized operating mechanism, such as payment by letter of credit. However, the increase in cyber-attacks and malicious hacking has jeopardized business operations and finance practices. Emerging markets, owing to their higher banking risks and bigger presence of digital financing, are looking forward to technology-driven solutions, financial inclusion and innovative working paradigms. Blockchain has the potential to enhance transaction transparency and supply chain traceability. It has captured a vast landscape with 200 million crypto users worldwide. Fintech and blockchain products are popping up across brokerage, digital wallets, exchanges, post-trade clearance, settlement, middleware, infrastructure, and base protocols.

Keywords: blockchain, distributed ledger technology, decentralized applications, ethereum, smart contracts, trade finance

Procedia PDF Downloads 119

Authors: Huseyin Gokberk, Shian Gao

Abstract:

CFD analysis of the relationship between the coefficients of lift and drag with respect to the angle of attack on a NACA 2412 wing section of an RC plane is conducted. Both the 2D and 3D models are investigated with the turbulence model. The 2D analysis has a free stream velocity of 10m/s at different AoA of 0°, 2°, 5°, 10°, 12°, and 15°. The induced drag and drag coefficient increased throughout the changes in angles even after the critical angle had been exceeded, whereas the lift force and coefficient of lift increased but had a limit at the critical stall angle, which results in values to reduce sharply. Turbulence flow characteristics are analysed around the aerofoil with the additions caused due to a finite 3D model. 3D results highlight how wing tip vortexes develop and alter the flow around the wing with the effects of the tapered configuration.

Keywords: CFD, turbulence modelling, aerofoil, angle of attack

Procedia PDF Downloads 166

Authors: Kimaya Subhash Gaikwad, S. B. Waykar

Abstract:

The mobile ad-hoc network (MANET) is collection of various types of nodes. In MANET various protocols are used for communication. In OLSR protocol, a node is selected as multipoint relay (MPR) node which broadcast the messages. As the MANET is open kind of network any malicious node can easily enter into the network and affect the performance of the network. The performance of network mainly depends on the components which are taking part into the communication. If the proper nodes are not selected for the communication then the probability of network being attacked is more. Therefore, it is important to select the more reliable and secure components in the network. MANET does not have any filtering so that only selected nodes can be used for communication. The openness of the MANET makes it easier to attack the communication. The most of the attack are on the Quality of service (QoS) of the network. This paper gives the overview of the various attacks that are possible on OLSR protocol and some solutions. The papers focus mainly on the OLSR protocol.

Keywords: communication, MANET, OLSR, QoS

Procedia PDF Downloads 414

Authors: Yasmeen Cheema, Parvinder Singh

Abstract:

The evolution of Islamic State (acronym IS) has an ultimate goal of restoring the caliphate. IS threat to the global security is main concern of international community but has also raised a factual concern for India about the regular radicalization of IS ideology among Indian youth. The incident of joining Arif Ejaz Majeed, an Indian as ‘jihadist’ in IS has set strident alarm in law & enforcement agencies. On 07.03.2017, many people were injured in an Improvised Explosive Device (IED) blast on-board of Bhopal Ujjain Express. One perpetrator of this incident was killed in encounter with police. But, the biggest shock is that the conspiracy was pre-planned and the assailants who carried out the blast were influenced by the ideology perpetrated by the Islamic State. This is the first time name of IS has cropped up in a terror attack in India. It is a red indicator of violent presence of IS in India, which is spreading through social media. The IS have the capacity to influence the younger Muslim generation in India through its brutal and aggressive propaganda videos, social media apps and hatred speeches. It is a well known fact that India is on the radar of IS, as well on its ‘Caliphate Map’. IS uses Twitter, Facebook and other social media platforms constantly. Islamic State has used enticing videos, graphics, and articles on social media and try to influence persons from India & globally that their jihad is worthy. According to arrested perpetrator of IS in different cases in India, the most of Indian youths are victims to the daydreams which are fondly shown by IS. The dreams that the Muslim empire as it was before 1920 can come back with all its power and also that the Caliph and its caliphate can be re-established are shown by the IS. Indian Muslim Youth gets attracted towards these euphemistic ideologies. Islamic State has used social media for disseminating its poisonous ideology, recruitment, operational activities and for future direction of attacks. IS through social media inspired its recruits & lone wolfs to continue to rely on local networks to identify targets and access weaponry and explosives. Recently, a pro-IS media group on its Telegram platform shows Taj Mahal as the target and suggested mode of attack as a Vehicle Born Improvised Explosive Attack (VBIED). Islamic State definitely has the potential to destroy the Indian national security & peace, if timely steps are not taken. No doubt, IS has used social media as a critical mechanism for recruitment, planning and executing of terror attacks. This paper will therefore examine the specific characteristics of social media that have made it such a successful weapon for Islamic State. The rise of IS in India should be viewed as a national crisis and handled at the central level with efficient use of modern technology.

Keywords: ideology, India, Islamic State, national security, recruitment, social media, terror attack

Procedia PDF Downloads 196

Authors: Aboli Dhanavade, Shweta Bhimnath, Rutuja Jumale, Ajay Nadargi

Abstract:

Security to any of our personal thing is our most basic need. It is not possible to directly apply that standard Human-computer—interaction approaches. Important usability goal for authentication system is to support users in selecting best passwords. Users often select text-passwords that are easy to remember, but they are more open for attackers to guess. The human brain is good in remembering pictures rather than textual characters. So the best alternative is being designed that is Graphical passwords. However, Graphical passwords are still immature. Conventional password schemes are also vulnerable to Shoulder-surfing attacks, many shoulder-surfing resistant graphical passwords schemes have been proposed. Next, we have analyzed the security and usability of the proposed scheme, and show the resistance of the proposed scheme to shoulder-surfing and different accidental logins.

Keywords: shoulder-surfing, security, authentication, text-passwords

Procedia PDF Downloads 327

Authors: Prikhil Agrawal, N. Priyanka

Abstract:

With the increase of millions of users on Internet day by day, it is very essential to maintain highly reliable and secured data communication between various corporations. Although there are various traditional security imparting techniques such as antivirus software, password protection, data encryption, biometrics and firewall etc. But still network security has become the main issue in various leading companies. So IDSs have become an essential component in terms of security, as it can detect various network attacks and respond quickly to such occurrences. IDSs are used to detect unauthorized access to a computer system. This paper describes various intrusion detection techniques using GA approach. The intrusion detection problem has become a challenging task due to the conception of miscellaneous computer networks under various vulnerabilities. Thus the damage caused to various organizations by malicious intrusions can be mitigated and even be deterred by using this powerful tool.

Keywords: genetic algorithm (GA), intrusion detection system (IDS), dataset, network security

Procedia PDF Downloads 260

Authors: M. Djekoun, H. Berrebah, M. R. Djebar

Abstract:

Fusarium wilt attacks the plants of major economic interest including wheat. This disease causes many problems for farmers and economic loss resulting are often very heavy. Chemical control is currently one of the most effective ways to fight against these diseases. In this study, the efficacy of three fungicides (tebuconazole, thiram and fludioxonil - difenoconazole mixture) was tested, in vitro, on the phytopathogenic Fusarium sp. isolated from seeds of wheat. The active ingredients were tested at different concentrations: 0.06, 1.39, 2.79, 5.58, and 11.16 mg/l for tebuconazole, 0.035, 0.052, 0.105, 0.21, and 0.42 mg/l for thiram and finally, for the mixture fludioxonil- difenoconazole 4 concentrations were tested : 0.05, 0.1, 0.5, and 1 mg/l. Toxicity responses were expressed as the effective concentration, which inhibits mycelial growth by 50%, (EC50). Of the three selected fungicides, thirame proved to be the most effective with EC50 value of the order of 0,15 mg/l followed by the mixture of fludioxonil- difenoconazole with 0,27 mg/l and finally tebuconazole with a value of 3.79 mg/l.

Keywords: Fusarium sp, thiram, tebuconazole, fludioxonil, difenoconazole, EC50

Procedia PDF Downloads 512

Authors: Sidra Shabbir, Ayesha Manzoor, Mehreen Sirshar

Abstract:

The use of the network communication has imposed serious threats to the security of assets over the network. Network security is getting more prone to active and passive attacks which may result in serious consequences to data integrity, confidentiality and availability. Various cryptographic techniques have been proposed in the past few years to combat with the concerned problem by ensuring quality but in order to have a fully secured network; a framework of new cryptosystem was needed. This paper discusses certain cryptographic techniques which have shown far better improvement in the network security with enhanced quality assurance. The scope of this research paper is to cover the security pitfalls in the current systems and their possible solutions based on the new cryptosystems. The development of new cryptosystem framework has paved a new way to the widespread network communications with enhanced quality in network security.

Keywords: cryptography, network security, encryption, decryption, integrity, confidentiality, security algorithms, elliptic curve cryptography

Procedia PDF Downloads 701

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

Graphical-based passwords have existed for decades. Their major advantage is that they are easier to remember than an alphanumeric password. However, their disadvantage (especially recognition-based passwords) is the smaller password space, making them more vulnerable to brute force attacks. Graphical passwords are also highly susceptible to the shoulder-surfing effect. The gesture-based password method that we developed is a grid-free, template-free method. In this study, we evaluated the gesture-based passwords for usability and vulnerability. The results of the study are significant. We developed a gesture-based password application for data collection. Two modes of data collection were used: Creation mode and Replication mode. In creation mode (Session 1), users were asked to create six different passwords and reenter each password five times. In replication mode, users saw a password image created by some other user for a fixed duration of time. Three different duration timers, such as 5 seconds (Session 2), 10 seconds (Session 3), and 15 seconds (Session 4), were used to mimic the shoulder-surfing attack. After the timer expired, the password image was removed, and users were asked to replicate the password. There were 74, 57, 50, and 44 users participated in Session 1, Session 2, Session 3, and Session 4 respectfully. In this study, the machine learning algorithms have been applied to determine whether the person is a genuine user or an imposter based on the password entered. Five different machine learning algorithms were deployed to compare the performance in user authentication: namely, Decision Trees, Linear Discriminant Analysis, Naive Bayes Classifier, Support Vector Machines (SVMs) with Gaussian Radial Basis Kernel function, and K-Nearest Neighbor. Gesture-based password features vary from one entry to the next. It is difficult to distinguish between a creator and an intruder for authentication. For each password entered by the user, four features were extracted: password score, password length, password speed, and password size. All four features were normalized before being fed to a classifier. Three different classifiers were trained using data from all four sessions. Classifiers A, B, and C were trained and tested using data from the password creation session and the password replication with a timer of 5 seconds, 10 seconds, and 15 seconds, respectively. The classification accuracies for Classifier A using five ML algorithms are 72.5%, 71.3%, 71.9%, 74.4%, and 72.9%, respectively. The classification accuracies for Classifier B using five ML algorithms are 69.7%, 67.9%, 70.2%, 73.8%, and 71.2%, respectively. The classification accuracies for Classifier C using five ML algorithms are 68.1%, 64.9%, 68.4%, 71.5%, and 69.8%, respectively. SVMs with Gaussian Radial Basis Kernel outperform other ML algorithms for gesture-based password authentication. Results confirm that the shorter the duration of the shoulder-surfing attack, the higher the authentication accuracy. In conclusion, behavioral features extracted from the gesture-based passwords lead to less vulnerable user authentication.

Keywords: authentication, gesture-based passwords, machine learning algorithms, shoulder-surfing attacks, usability

Procedia PDF Downloads 74

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: bank, CybeRisk, information technology, risk management

Procedia PDF Downloads 206

Authors: Dingyang Hu, Dan Liu

Abstract:

DNN (Deep Neural Network) deep learning models are widely used in classification, prediction, and other task scenarios. To address the difficulties of generic adversarial perturbation generation for deep learning models under black-box conditions, a generic adversarial ingestion generation method based on a saliency map (CJsp) is proposed to obtain salient image regions by counting the factors that influence the input features of an image on the output results. This method can be understood as a saliency map attack algorithm to obtain false classification results by reducing the weights of salient feature points. Experiments also demonstrate that this method can obtain a high success rate of migration attacks and is a batch adversarial sample generation method.

Keywords: adversarial sample, gradient, probability, black box

Procedia PDF Downloads 60

Authors: Selman Selim Akyüz, Mete Kazaz

Abstract:

Since The First Gulf War, USA, “Leader of The Free World” has been in trouble with terror. The USA created a complexity in The Middle East and paid the price with terrorist attacks in homeland. USA has made serious mistakes in terms of antiterrorism and fight against its supporters. Democrats have repaired damages caused by the Republican Party's management. Old methods about antiterrorism have been slowly abandoned. Hollywood, too, has played an important part in this war. Sometimes, Hollywood became an unquestioned patriot, sometimes it cried for the death of American Soldiers far away. In this study, messages in The Homeland, broadcast in the USA and a lot of countries around the world, are analyzed in terms of Washington’s foreign policy and position of the CIA in the fight against antiterrorism. The series reflect an orientalist viewpoint and has been criticized for offensive policy against the government. Homeland wanted to offer a perspective for the USA to be the “Leader of The Free World” again but with a liberal-democrat approach, dialogue and rational intelligence methods.

Keywords: antiterrorism, CIA, homeland, USA

Procedia PDF Downloads 333

Authors: L. Sellami, D. Idoughi, P. F. Tiako

Abstract:

Cloud computing provides infrastructure to the enterprise through the Internet allowing access to cloud services at anytime and anywhere. This pervasive aspect of the services, the distributed nature of data and the wide use of information make cloud computing vulnerable to intrusions that violate the security of the cloud. This requires the use of security mechanisms to detect malicious behavior in network communications and hosts such as intrusion detection systems (IDS). In this article, we focus on the detection of intrusion into the cloud sing IDSs. We base ourselves on client authentication in the computing cloud. This technique allows to detect the abnormal use of ubiquitous service and prevents the intrusion of cloud computing. This is an approach based on client authentication data. Our IDS provides intrusion detection inside and outside cloud computing network. It is a double protection approach: The security user node and the global security cloud computing.

Keywords: cloud computing, intrusion detection system, privacy, trust

Procedia PDF Downloads 281

Authors: Ben D. Atkins

Abstract:

This study will examine the impact of September 11, 2001, terrorist attacks on the organizational development of American federal law enforcement through focusing on the Federal Bureau of Investigation. Content analysis of discourse in a federal law enforcement practitioner publication along with official FBI statements will be used to gain a better understanding of FBI organizational changes that have taken place since the events of September 11, 2001. Analysis of content trends in the FBI Law Enforcement Bulletin and public discourse of FBI officials from 1999 to 2005 indicate that, in addition to structural changes, the bureau has also undergone a variety of cultural changes. The results offer some support for the institutional theoretical perspective, suggesting that post-9/11 organizational changes such as new mission priorities and the establishment of new branches were partially initiated due to a variety external pressures, which lends support for coercive isomorphism. Furthermore, structural changes are discussed in relation to the attainment and maintenance of organizational legitimacy.

Keywords: institutional theory, organizational theory, law enforcement, public administration

Procedia PDF Downloads 211

Authors: Lee Kar Heng

Abstract:

Activists are people who use strong actions such as public protests or social media accusations in support of or opposition to controversial issues. While activism is the act of using such vigorous campaigns and actions to achieve political or social changes by the activists, today, the pressure and stresses from activism do not only grow in terms of civil rights but also in racial justice, labour reforms, and environmental change, to name a few. Some activism acts are constructive, but many are destructive, and they affect businesses as activists direct their sights on corporations, business entities, and organizations to achieve their supporting objectives beyond reasonable means. The paper attempts to share experiences of businesses being attacked by activists and how the attacks are mitigated. In sharing, this paper will discuss the effectiveness of the activist action and ways to react to them. The positive and negative impacts caused by activists' support action against corporations are also discussed.

Keywords: activism, conflicts, business, social responsibility

Procedia PDF Downloads 44

Authors: Lumindu Dilumka, Ranaweera I. D., Sudusinghe S. P., Sanduni Kanchana A. M. K.

Abstract:

This study was motivated by the challenges experienced by parents and guardians in ensuring the safety of children in cyberspace. In the last two or three years, online education has become very popular all over the world due to the Covid 19 pandemic. Therefore, parents, guardians and teachers must ensure the safety of children in cyberspace. Children are more likely to go astray and there are plenty of online programs are waiting to get them on the wrong track and also, children who are engaging in the online education can be distracted at any moment. Therefore, parents should keep a close check on their children's online activity. Apart from that, due to the unawareness of children, they tempt to share their sensitive information, causing a chance of being a victim of phishing attacks from outsiders. These problems can be overcome through the proposed web-based system. We use feature extraction, web tracking and analysis mechanisms, image processing and name entity recognition to implement this web-based system.

Keywords: online education, cyber bullying, social media, face recognition, web tracker, privacy data

Procedia PDF Downloads 51

Authors: Ali Akbar Attari, Ali Asghar Beheshti Shirazi

Abstract:

In this paper, we propose a blind and robust audio watermarking scheme based on spread spectrum in Discrete Wavelet Transform (DWT) domain. Watermarks are embedded in the low-frequency coefficients, which is less audible. The key idea is dividing the audio signal into small frames, and magnitude of the 6^th level of DWT approximation coefficients is modifying based upon the Direct Sequence Spread Spectrum (DSSS) technique. Also, the psychoacoustic model for enhancing in imperceptibility, as well as Savitsky-Golay filter for increasing accuracy in extraction, is used. The experimental results illustrate high robustness against most common attacks, i.e. Gaussian noise addition, Low pass filter, Resampling, Requantizing, MP3 compression, without significant perceptual distortion (ODG is higher than -1). The proposed scheme has about 83 bps data payload.

Keywords: audio watermarking, spread spectrum, discrete wavelet transform, psychoacoustic, Savitsky-Golay filter

Procedia PDF Downloads 169