Search results for: advanced persistent threat

Authors: Byung-Ik Kim, Hong-Koo Kang, Tae-Jin Lee, Hae-Ryong Park

Abstract:

Cyber terrors against specific enterprises or countries have been increasing recently. Such attacks against specific targets are called advanced persistent threat (APT), and they are giving rise to serious social problems. The malicious behaviors of APT attacks mostly affect websites and penetrate enterprise networks to perform malevolent acts. Although many enterprises invest heavily in security to defend against such APT threats, they recognize the APT attacks only after the latter are already in action. This paper discusses the characteristics of APT attacks at each step as well as the strengths and weaknesses of existing malicious code detection technologies to check their suitability for detecting APT attacks. It then proposes a network-based malicious behavior detection algorithm to protect the enterprise or national networks.

Keywords: Advanced Persistent Threat (APT), malware, network security, network packet, exploit kits

Procedia PDF Downloads 335

Authors: Nam-Uk Kim, Sung-Hwan Kim, Tai-Myoung Chung

Abstract:

Typical security management systems are not suitable for detecting APT attack, because they cannot draw the big picture from trivial events of security solutions. Although SIEM solutions have security analysis engine for that, their security analysis mechanisms need to be verified in academic field. Although this paper proposes merely an architectural model for APT detection, we will keep studying on correlation analysis mechanism in the future.

Keywords: advanced persistent threat, anomaly detection, data mining

Procedia PDF Downloads 494

Authors: Modesta E. Ezema, Christopher C. Ezema, Christian C. Ugwu, Udoka F. Eze, Florence M. Babalola

Abstract:

Some employees knowingly or unknowingly contribute to loss of data and also expose data to threat in the process of getting their jobs done. Many organizations today are faced with the challenges of how to secure their data as cyber criminals constantly devise new ways of attacking the organization’s secret data. However, this paper enlists the latest strategies that must be put in place in order to protect these important data from being attacked in a collaborative work place. It also introduces us to Advanced Persistent Threats (APTs) and how it works. The empirical study was conducted to collect data from the employee in data centers on how data could be protected from malicious codes and cyber criminals and their responses are highly considered to help checkmate the activities of malicious code and cyber criminals in our work places.

Keywords: data, employee, malware, work place

Procedia PDF Downloads 353

Authors: Parul Khanna, Pavol Zavarsky, Dale Lindskog

Abstract:

Doxing is a term derived from documents, and hence consists of collecting information on an organization or individual through social media websites, search engines, password cracking methods, social engineering tools and other sources of publicly displayed information. The main purpose of doxing attacks is to threaten, embarrass, harass and humiliate the organization or individual. Various tools are used to perform doxing. Tools such as Maltego visualize organization’s architecture which helps in determining weak links within the organization. This paper discusses limitations of Maltego Chlorine CE 3.6.0 and suggests measures as to how organizations can use these tools to protect themselves from doxing attacks.

Keywords: advanced persistent threat, FOCA, OSINT, PII

Procedia PDF Downloads 220

Authors: Serkan Yağlı, Selçuk Dal

Abstract:

Cyber-attacks pose a serious threat to all states. Therefore, states constantly seek for various methods to encounter those threats. In addition, recent changes in the nature of cyber-attacks and their more complicated methods have created a new concept: active cyber defence (ACD). This article tries to answer firstly why ACD is important to NATO and find out the viewpoint of NATO towards ACD. Secondly, infrastructure protection is essential to cyber defence. Critical infrastructure protection with ACD means is even more important. It is assumed that by implementing active cyber defence, NATO may not only be able to repel the attacks but also be deterrent. Hence, the use of ACD has a direct positive effect in all international organizations’ future including NATO.

Keywords: active cyber defence, advanced persistent treat, critical infrastructure, NATO

Procedia PDF Downloads 212

Authors: Desissa Yadeta Muleta

Abstract:

Purely organic long-persistent luminescence materials (OLPLMs) have been developed as emerging organic materials due to their simple production process, low preparation cost and better biocompatibilities. Notably, OLPLMs with afterglow-time-tunable long-persistent luminescence (LPL) characteristics enable higher-level protection applications and have great prospects in biological applications. The realization of these advanced performances depends on our ability to gradually tune LPL duration under ambient conditions, however, the strategies to achieve this are few due to the lack of unambiguous mechanisms. Here, we propose a two-step strategy to gradually tune LPL duration of OLPLMs over a wide range of seconds in water and air, by using derivatives as the guest and introducing a third-party material into the host-immobilized host–guest doping system. Based on this strategy, we develop an analysis method for deoxyribonucleic acid (DNA) content detection without DNA separation in aqueous samples, which circumvents the influence of the chromophore, fluorophore and other interferents in vivo, enabling a certain degree of in situ detection that is difficult to achieve using today’s methods. This work will expedite the development of afterglow-time-tunable OLPLMs and expand new horizons for their applications in data protection, bio-detection, and bio-sensing

Keywords: deoxyribonucliec acid, long persistent luminescent materials, water, air

Procedia PDF Downloads 42

Authors: Vasileios Anastopoulos

Abstract:

Cyber threat intelligence assists organizations in understanding the threats they face and helps them make educated decisions on preparing their defenses. Sharing of threat intelligence and threat information is increasingly leveraged by organizations and enterprises, and various software solutions are already available, with the open-source malware information sharing platform (MISP) being a popular one. In this work, a methodology for the production of cyber threat intelligence using the threat information stored in MISP is proposed. The methodology leverages the discipline of social network analysis and the diamond model, a model used for intrusion analysis, to produce cyber threat intelligence. The workings are demonstrated with a case study on a production MISP instance of a real organization. The paper concluded with a discussion on the proposed methodology and possible directions for further research.

Keywords: cyber threat intelligence, diamond model, malware information sharing platform, social network analysis

Procedia PDF Downloads 124

Authors: Srinivasarao Akuthota, Rajasekhar Pabolu, Bharathi Hepattam

Abstract:

Purpose: To assess the efficacy of intravitreal Avastin in subjects with recurrent wet AMD and persistent diffuse DME on the basis of OCT. Design: Retrospective, non-comparative, observational study,single center study. Conclusion: The study showed that intravitreal Avastin has an equivalent effect on recurrent AMD and in persistent diffuse DME.

Keywords: age-related macular degeneration (AMD), diffuse diabetic retinopathy (DME), intravitreal Avastin (IVA), optical coherence tomography (OCT)

Procedia PDF Downloads 335

Authors: Aleksandra Gajda

Abstract:

Among students between 12 and 13, the probability of activating the stereotype threat increases noticeably. Girls consider themselves weaker in science, while boys consider themselves weaker in the field of language skills. This phenomenon is disturbing because it may result in wrong choices of the further path of education, not consistent with the actual competences of the students. Meanwhile, negative effects of the stereotype threat, observable in the loss of focus on the task and transferring it to dealing with fear of failure, can be reduced by various factors. The study examined the impact of creativity on eliminating the stereotype threat. The experiment in the form of a 2 (gender: male vs. female) x 3 (traditional gender roles: neutral version vs. nontraditional gender roles) x 2 (creativity: low vs. high) factorial design was conducted. The results showed that a high level of creative abilities may reduce the negative effects of stereotype threat in educational setting.

Keywords: creativity, education, language skills, mathematical skills, stereotype threat

Procedia PDF Downloads 83

Authors: Mirko Sailio

Abstract:

Border crossing automatization reduces required human resources in handling people crossing borders. As technology replaces and augments the work done by border officers, new cyber threats arise to threaten border security. This research analyses the current cyber threat actors and their capabilities. The analysis is conducted by gathering the threat actor data from a wide range of public sources. A model for a general border automatization system is presented, and its most significant cyber-security attributes are then compared to threat actor activity and capabilities in order to predict priorities in securing such systems. Organized crime and nation-state actors present the clearest threat to border cyber-security, and additional focus is given to their motivations and activities.

Keywords: border automation, cyber-security, threat actors, border cyber-security

Procedia PDF Downloads 168

Authors: Jihen Bennaceur, Wissem Zouaghi, Ali Mabrouk

Abstract:

The major aim of cyber threat intelligence (CTI) is to provide sophisticated knowledge about cybersecurity threats to ensure internal and external safeguards against modern cyberattacks. Inaccurate, incomplete, outdated, and invaluable threat intelligence is the main problem. Therefore, data analysis based on AI algorithms is one of the emergent solutions to overcome the threat of information-sharing issues. In this paper, we propose a supervised machine learning-based algorithm to improve threat information sharing by providing a sophisticated classification of cyber threats and data. Extensive simulations investigate the accuracy, precision, recall, f1-score, and support overall to validate the designed algorithm and to compare it with several supervised machine learning algorithms.

Keywords: threat information sharing, supervised learning, data classification, performance evaluation

Procedia PDF Downloads 109

Authors: Sarah Mhae Diaz, Erika Anna De Leon, Jacklin Alwil Cartagena, Geordan Caruncong, Micah Riezl Gonzales

Abstract:

This study examined the intervention of threat and surveillance on the obedience of 100 preschool children through a task variable experiment replicated from the previous studies of Higbee (1979), and Chua, J., Chua, M., & Pico (1983). Nowadays, obedience among Filipino children to authority is disregarded since they are more outspoken and rebel due to social influences. With this, aside from corporal punishment, threat and surveillance became a mean of inducing obedience. Threat, according to the Dissonance Theory, can give attitudinal change. On the other hand, surveillance, according to the Theory of Social Facilitation, can either contribute to the completion or failure to do a task. Through a 2x2 factorial design, results show; (1) threat (F(1,96) = 12.487, p < 0.05) and (2) surveillance (F(1,96)=9.942, p<.05) had a significant main effect on obedience, suggesting that the Dissonance Theory and Theory of Social Facilitation is respectively true in the study. On the other hand, (3) no interaction (F(1,96)=1.303, p > .05) was seen since threat and surveillance both have a main effect that could be positive or negative, or could be because of their complementary property as supported by the post-hoc results. Also, (4) most effective commanding style is threat and surveillance setting (M = 30.04, SD = 7.971) due to the significant main effect of the two variables. With this, in the Filipino Setting, threat and surveillance has proven to be a very effective strategy to discipline and induce obedience from a child.

Keywords: experimental study, obedience, preschool children, surveillance, threat

Procedia PDF Downloads 462

Authors: Azene Zenebe

Abstract:

Deep learning is a subset of machine learning which incorporates techniques for the construction of artificial neural networks and found to be useful for modeling complex problems with large dataset. Deep learning requires a very high power computational and longer time for training. By aggregating computing power, high performance computer (HPC) has emerged as an approach to resolving advanced problems and performing data-driven research activities. Cyber threat intelligence (CIT) is actionable information or insight an organization or individual uses to understand the threats that have, will, or are currently targeting the organization. Results of review of literature will be presented along with results of experimental study that compares the performance of tree-based and function-base machine learning including deep learning algorithms using secondary dataset collected from darknet.

Keywords: deep-learning, cyber security, cyber threat modeling, tree-based machine learning, function-based machine learning, data science

Procedia PDF Downloads 119

Authors: Anisul Islam

Abstract:

The U.S. has a very strong trade relationship with China but with a large and persistent trade deficit. Some has argued that the undervalued Chinese Yuan is to be blamed for the persistent trade deficit. The empirical results are mixed at best. This paper empirically estimates the U.S. export function along with the U.S. import function with its trade with China with the purpose of testing for the existence of the Marshall-Lerner (ML) condition as well for the possible existence of the J-curve hypothesis. Annual export and import data will be utilized for as long as the time series data exists. The export and import functions will be estimated using advanced econometric techniques, along with appropriate diagnostic tests performed to examine the validity and reliability of the estimated results. The annual time-series data covers from 1975 to 2022 with a sample size of 48 years, the longest period ever utilized before in any previous study. The data is collected from several sources, such as the World Bank’s World Development Indicators, IMF Financial Statistics, IMF Direction of Trade Statistics, and several other sources. The paper is expected to shed important light on the ongoing debate regarding the persistent U.S. trade deficit with China and the policies that may be useful to reduce such deficits over time. As such, the paper will be of great interest for the academics, researchers, think tanks, global organizations, and policy makers in both China and the U.S.

Keywords: exports, imports, marshall-lerner condition, j-curve hypothesis, united states, china

Procedia PDF Downloads 32

Authors: Senay Yitmen

Abstract:

This research investigated individual’s support and helping intentions towards Syrian refugees in Turkey. This is examined in relation to perceived threat and negative emotions, and also to the perceptions of whether one’s intimate social network (family and friends) considers Syrians a threat (descriptive network norm) and whether this network morally supports Syrian refugees (injunctive norms). A questionnaire study was conducted among Turkish participants (n= 565) and the results showed that perception of threat was associated with negative emotions which, in turn, were related to less support of Syrian refugees. Additionally, descriptive norms moderated the relationship between perceived threat and negative emotions towards Syrian refugees. Furthermore, injunctive norms moderated the relationship between negative emotions and support to Syrian refugees. Specifically, the findings indicate that perceived threat is associated with less support of Syrian refugees through negative emotions when descriptive norms are weak and injunctive norms are strong. Injunctive norms appear to trigger a dilemma over the decision to conform or not to conform: when one has negative emotions as a result of perceived threat, it becomes more difficult to conform to the moral obligation of injunctive norms which is associated with less support of Syrian refugees. Hence, these findings demonstrate that both descriptive and injunctive norms are important and play different roles in individual’s support of Syrian refugees.

Keywords: descriptive norms, emotions, injunctive norms, the perception of threat

Procedia PDF Downloads 158

Authors: Nisha Gaur, K.Narasimhulu, Pydi Setty Yelamarthy

Abstract:

Persistent organic pollutants (POPs) have become a great concern due to their toxicity, transformation and bioaccumulation property. Therefore, this review highlights the types, sources, classification health hazards and mobility of organochlorine pesticides, industrial chemicals and their by-products. Moreover, with the signing of Aarhus and Stockholm convention on POPs there is an increased demand to identify and characterise such chemicals from industries and environment which are toxic in nature or to existing biota. Due to long life, persistent nature they enter into body through food and transfer to all tropic levels of ecological unit. In addition, POPs are lipophilic in nature and accumulate in lipid-containing tissues and organs which further indicates the adverse symptoms after the threshold limit. Though, several potential enzymes are reported from various categories of microorganism and their interaction with POPs may break down the complex compounds either through biodegradation, biostimulation or bioaugmentation process, however technological advancement and human activities have also indicated to explore the possibilities for the role of genetically modified organisms and metagenomics and metabolomics. Though many studies have been done to develop low cost, effective and reliable method for detection, determination and removal of ultra-trace concentration of persistent organic pollutants (POPs) but due to insufficient knowledge and non-feasibility of technique, the safe management of POPs is still a global challenge.

Keywords: persistent organic pollutants, bioaccumulation, biostimulation, microbial remediation

Procedia PDF Downloads 257

Authors: Jonathan W. Z. Lim, Vrizlynn L. L. Thing

Abstract:

Cybercrimes are on the rise, in part due to technological advancements, as well as increased avenues of exploitation. Sophisticated threat actors are leveraging on such advancements to execute their malicious intentions. The increase in cybercrimes is prevalent, and it seems unlikely that they can be easily eradicated. A more serious concern is that the community may come to accept the notion that this will become the trend. As such, the key question revolves around how we can reduce cybercrime in this evolving landscape. In our paper, we propose to build a systematic framework through the lens of a cyber threat actor. We explore the motivation factors behind the crimes and the crime stages of the threat actors. We then formulate intervention plans so as to discourage the act of committing malicious cyber activities and also aim to integrate ex-cyber offenders back into society.

Keywords: crime motivations, crime prevention, cybercrime, ex-cyber criminals

Procedia PDF Downloads 108

Authors: Arun Prabhakar

Abstract:

Threat modeling is an important activity carried out in the initial stages of the development lifecycle that helps in building proactive security measures in the product. Though there are many techniques and tools available today, one of the common challenges with the traditional methods is the lack of a systematic approach in identifying security threats. The proposed solution describes an organized model by defining ontologies that help in building patterns to enumerate threats. The concepts of graph theory are applied to build the pattern for discovering threats for any given scenario. This graph-based solution also brings in other benefits, making it a customizable and scalable model.

Keywords: directed acyclic graph, ontology, patterns, threat identification, threat modeling

Procedia PDF Downloads 108

Authors: Anyaphat Srithanasuwan, Noppason Pangprasit, Montira Intanon, Phongsakorn Chuammitri, Witaya Suriyasathaporn, Ynte H. Schukken

Abstract:

Streptococcus uberis is one of the most common mastitis-causing pathogens, with a wide range of intramammary infection (IMI) durations and pathogenicity. This study aimed to compare shared or unique virulence factor gene clusters distinguishing persistent and transient strains of S. uberis. A total of 139 S. uberis strains were isolated from three small-holder dairy herds with a high prevalence of S. uberis mastitis. The duration of IMI was used to categorize bacteria into two groups: transient and persistent strains with an IMI duration of less than 1 month and longer than 2 months, respectively. Six representative S. uberis strains, three from each group (transience and persistence) were selected for analysis. All transient strains exhibited multi-locus sequence types (MLST), indicating a highly diverse population of transient S. uberis. In contrast, MLST of persistent strains was available in an online database (pubMLST). Identification of virulence genes was performed using whole-genome sequencing (WGS) data. Differences in genomic size and number of virulent genes were found. For example, the BCA gene or alpha-c protein and the gene associated with capsule formation (hasAB), found in persistent strains, are important for attachment and invasion, as well as the evasion of the antimicrobial mechanisms and survival persistence, respectively. These findings suggest a genetic-level difference between the two strain types. Consequently, a comprehensive study of 139 S. uberis isolates will be conducted to perform an in-depth genetic assessment through WGS analysis on an Illumina platform.

Keywords: Streptococcus Uberis, mastitis, whole genome sequence, intramammary infection, persistent S. Uberis, transient s. Uberis

Procedia PDF Downloads 17

Authors: Raluca Ana Maria Viziteu, Anna Prudnikova

Abstract:

Industrial control systems (ICS) have received much attention in recent years due to the convergence of information technology (IT) and operational technology (OT) that has increased the interdependence of safety and security issues to be considered. These issues require ICS-tailored solutions. That led to the need to creation of a methodology for supporting ICS device manufacturers and system integrators in carrying out threat modeling of embedded ICS devices in a way that guarantees the quality of the identified threats and minimizes subjectivity in the threat identification process. To research, the possibility of creating such a methodology, a set of existing standards, regulations, papers, and publications related to threat modeling in the ICS sector and other sectors was reviewed to identify various existing methodologies and methods used in threat modeling. Furthermore, the most popular ones were tested in an exploratory phase on a specific PLC device. The outcome of this exploratory phase has been used as a basis for defining specific characteristics of ICS embedded devices and their deployment scenarios, identifying the factors that introduce subjectivity in the threat modeling process of such devices, and defining metrics for evaluating the minimum quality requirements of identified threats associated to the deployment of the devices in existing infrastructures. Furthermore, the threat modeling methodology was created based on the previous steps' results. The usability of the methodology was evaluated through a set of standardized threat modeling requirements and a standardized comparison method for threat modeling methodologies. The outcomes of these verification methods confirm that the methodology is effective. The full paper includes the outcome of research on different threat modeling methodologies that can be used in OT, their comparison, and the results of implementing each of them in practice on a PLC device. This research is further used to build a threat modeling methodology tailored to OT environments; a detailed description is included. Moreover, the paper includes results of the evaluation of created methodology based on a set of parameters specifically created to rate threat modeling methodologies.

Keywords: device manufacturers, embedded devices, industrial control systems, threat modeling

Procedia PDF Downloads 52

Authors: Anna Siegler, Sara Bigazzi, Sara Serdult, Ildiko Bokretas

Abstract:

Social identity emerging from group membership defines the representational processes of our social reality. Based on our theoretical assumption the subjective perception of identity threat leads to an instable identity structure. The need to re-establish the positive identity will lead us to strengthen group boundaries. Prejudice in our perspective offer psychological security those who thinking in exclusive barriers, and we suggest that those who identify highly with their ingroup/national identity and less with superordinate identities take distance from others and this is related to their perception of threat. In our study we used a newly developed questionnaire, the Multiple Threat and Prejudice Questionnaire (MTPQ) which measure identity threat at different dimensions of identification (national, existential, gender, religious) and the distancing of different outgroups, over and above we worked with Social Dominance Orientation (SDO) and Identification with All Humanity Scale (IWAH). We conduct one data collection (N=1482) in a Hungarian sample to examine the connection between national threat and distance-taking, and this survey includes the investigation (N=218) of identification with different group categories. Our findings confirmed that those who feel themselves threatened in their national identity aspects are less likely to identify themselves with superordinate groups and this correlation is much stronger when they think about the nation as a bio-cultural unit, while if nation defined as a social-economy entity this connection is less powerful and has just the opposite direction.

Keywords: group boundaries, identity threat, prejudice, superordinate groups

Procedia PDF Downloads 372

Authors: Yang Luo, Beibei Wang

Abstract:

In this paper, we present a design methodology of lightweight register transfer level (RTL) hardware threat implemented based on a MAX II FPGA platform. The dynamic power consumed by the toggling of the various bit of registers as well as the dynamic power consumed per unit of logic circuits were analyzed. The hardware threat was designed taking advantage of the differences in dynamic power consumed per unit of logic circuits to hide the transfer information. The experiment result shows that the register hardware threat was successfully implemented by using different dynamic power consumed per unit of logic circuits to hide the key information of DES encryption module. It needs more than 100000 sample curves to reduce the background noise by comparing the sample space when it completely meets the time alignment requirement. In additional, an external trigger signal is playing a very important role to detect the hardware threat in this experiment.

Keywords: side-channel analysis, hardware Trojan, register transfer level, dynamic power

Procedia PDF Downloads 250

Authors: Jun Su Ha

Abstract:

Various advanced technologies will be adopted in Advanced Control Rooms (ACRs) of advanced Nuclear Power Plants (NPPs), which is thought to increase operators’ performance. However, potential human factors issues coupled with digital technologies might be troublesome. Human factors issues in ACRs are identified and strategies (or countermeasures) for evaluating and analyzing each of issues are addressed in this study.

Keywords: advanced control room, human factor issues, human performance, human error, nuclear power plant

Procedia PDF Downloads 433

Authors: Anmari Viljamaa, Elina Varamäki

Abstract:

In this study we compare the profiles of transitory hybrid entrepreneurs and persistent hybrid entrepreneurs to determine how they differ. Hybrid entrepreneurs (HEs) represent a significant share of entrepreneurial activity yet little is known about them. We define HEs as individuals who are active as entrepreneurs but do no support themselves primarily by their enterprise. Persistent HEs (PHEs) are not planning to transition to fulltime entrepreneurship whereas transitory HEs (THEs) consider it probable. Our results show that THEs and PHEs are quite similar in background. THEs are more interested in increasing their turnover than PHEs, as expected, but also emphasize self-fulfillment as a motive for entrepreneurship more than PHEs. The clearest differences between THEs and PHEs are found in their views on how well their immediate circle supports full-time entrepreneurship, and their views of their own entrepreneurial abilities and the market potential of their firm. Our results support earlier arguments that hybrids should be considered separately in research on entrepreneurial entry and self-employment.

Keywords: hybrid entrepreneurship, part-time entrepreneurship, self-employment, Theory of Planned Behavior

Procedia PDF Downloads 375

Authors: Minh Quang Le, Dane Taylor

Abstract:

Convection is a well-studied topic in fluid dynamics, yet it is less understood in the context of networks flows. Here, we incorporate techniques from topological data analysis (namely, persistent homology) to automate the detection and characterization of convective/cyclic/chiral flows over networks, particularly those that arise for irreversible Markov chains (MCs). As two applications, we study convection cycles arising under the PageRank algorithm, and we investigate chiral edges flows for a stochastic model of a bi-monomer's configuration dynamics. Our experiments highlight how system parameters---e.g., the teleportation rate for PageRank and the transition rates of external and internal state changes for a monomer---can act as homology regularizers of convection, which we summarize with persistence barcodes and homological bifurcation diagrams. Our approach establishes a new connection between the study of convection cycles and homology, the branch of mathematics that formally studies cycles, which has diverse potential applications throughout the sciences and engineering.

Keywords: homology, persistent homolgy, markov chains, convection cycles, filtration

Procedia PDF Downloads 101

Authors: B. Lokuketagoda, M. Weerakoon, U. Madushan, A. N. Senaratne, K. Y. Abeywardena

Abstract:

Ransomware has become a common threat in past few years and the recent threat reports show an increase of growth in Ransomware infections. Researchers have identified different variants of Ransomware families since 2015. Lack of knowledge of the user about the threat is a major concern. Ransomware detection methodologies are still growing through the industry. Email is the easiest method to send Ransomware to its victims. Uninformed users tend to click on links and attachments without much consideration assuming the emails are genuine. As a solution to this in this paper R-Killer Ransomware detection tool is introduced. Tool can be integrated with existing email services. The core detection Engine (CDE) discussed in the paper focuses on separating suspicious samples from emails and handling them until a decision is made regarding the suspicious mail. It has the capability of preventing execution of identified ransomware processes. On the other hand, Sandboxing and URL analyzing system has the capability of communication with public threat intelligence services to gather known threat intelligence. The R-Killer has its own mechanism developed in its Proactive Monitoring System (PMS) which can monitor the processes created by downloaded email attachments and identify potential Ransomware activities. R-killer is capable of gathering threat intelligence without exposing the user’s data to public threat intelligence services, hence protecting the confidentiality of user data.

Keywords: ransomware, deep learning, recurrent neural networks, email, core detection engine

Procedia PDF Downloads 178

Authors: Eashwar V. Somasundaram, Raoul R. Wadhwa, Jacob G. Scott

Abstract:

The use of radiomics in measuring geometric properties of tumor images such as size, surface area, and volume has been invaluable in assessing cancer diagnosis, treatment, and prognosis. In addition to analyzing geometric properties, radiomics would benefit from measuring topological properties using persistent homology. Intuitively, features uncovered by persistent homology may correlate to tumor structural features. One example is necrotic cavities (corresponding to 2D topological features), which are markers of very aggressive tumors. We develop a data pipeline in R that clusters tumors images based on persistent homology is used to identify meaningful clinical distinctions between tumors and possibly new relationships not captured by established clinical categorizations. A preliminary analysis was performed on 16 Magnetic Resonance Imaging (MRI) breast tissue segments downloaded from the 'Investigation of Serial Studies to Predict Your Therapeutic Response with Imaging and Molecular Analysis' (I-SPY TRIAL or ISPY1) collection in The Cancer Imaging Archive. Each segment represents a patient’s breast tumor prior to treatment. The ISPY1 dataset also provided the estrogen receptor (ER), progesterone receptor (PR), and human epidermal growth factor receptor 2 (HER2) status data. A persistent homology matrix up to 2-dimensional features was calculated for each of the MRI segmentation. Wasserstein distances were then calculated between all pairwise tumor image persistent homology matrices to create a distance matrix for each feature dimension. Since Wasserstein distances were calculated for 0, 1, and 2-dimensional features, three hierarchal clusters were constructed. The adjusted Rand Index was used to see how well the clusters corresponded to the ER/PR/HER2 status of the tumors. Triple-negative cancers (negative status for all three receptors) significantly clustered together in the 2-dimensional features dendrogram (Adjusted Rand Index of .35, p = .031). It is known that having a triple-negative breast tumor is associated with aggressive tumor growth and poor prognosis when compared to non-triple negative breast tumors. The aggressive tumor growth associated with triple-negative tumors may have a unique structure in an MRI segmentation, which persistent homology is able to identify. This preliminary analysis shows promising results in the use of persistent homology on tumor imaging to assess the severity of breast tumors. The next step is to apply this pipeline to other tumor segment images from The Cancer Imaging Archive at different sites such as the lung, kidney, and brain. In addition, whether other clinical parameters, such as overall survival, tumor stage, and tumor genotype data are captured well in persistent homology clusters will be assessed. If analyzing tumor MRI segments using persistent homology consistently identifies clinical relationships, this could enable clinicians to use persistent homology data as a noninvasive way to inform clinical decision making in oncology.

Keywords: cancer biology, oncology, persistent homology, radiomics, topological data analysis, tumor imaging

Procedia PDF Downloads 103

Authors: Ranj Tofik

Abstract:

This article aims to demonstrate a link and/or correlation between the rise of China and the US-Iranian conflict, from a US point of view. To demonstrate this link, the article relies on the content analysis method by analyzing American reports and official data. This article concludes that this correlation indicates that the more China rises and the greater the Chinese threat to America, the more changes will occur in the US-Iranian conflict and the US actions regarding this conflict will increase – in the form of imposing sanctions and using means of pressure on Iran, or trying to reach an agreement and settlement with Iran. This article, via noting and observing that correlation, also claims that before 2012, Iran was a regional threat to US interests in the Middle East. However, after 2012 when the rise of China became one of the major threats to America, Iran, because of its rapprochement with China, became also part of the Chinese threat, which is a threat to America's global standing. In addition, observing this correlation indicates the possibility that the rise of China and its threat to the USA has become one of the main drivers in the US-Iranian conflict. Consequently, it can be said that Iran has become a vital issue in the US-China rivalry, as it has become an appropriate gateway for China to enter the Middle East and undermine US hegemony there.

Keywords: China-Iran relations, China's rise, JCPOA, US-Chinese competition, US-Iranian conflict

Procedia PDF Downloads 55

Authors: Nadine Sammy, Mark Wilson, Samuel Vine

Abstract:

The Theory of Challenge and Threat States in Athletes (TCTSA) states that self-efficacy is an antecedent of challenge and threat. These states result from conscious and unconscious evaluations of situational demands and personal resources and are represented by both cognitive and physiological markers. Challenge is considered a more adaptive stress response as it is associated with a more efficient cardiovascular profile, as well as better performance and attention effects compared with threat. Self-efficacy is proposed to influence challenge/threat because an individual’s belief that they have the skills necessary to execute the courses of action required to succeed contributes to a perception that they can cope with the demands of the situation. This study experimentally examined the effects of self-efficacy on cardiovascular responses (challenge and threat), demand and resource evaluations, performance and attention under pressurised conditions. Forty-five university students were randomly assigned to either a control (n=15), low self-efficacy (n=15) or high self-efficacy (n=15) group and completed baseline and pressurised golf putting tasks. Self-efficacy was manipulated using false feedback adapted from previous studies. Measures of self-efficacy, cardiovascular reactivity, demand and resource evaluations, task performance and attention were recorded. The high self-efficacy group displayed more favourable cardiovascular reactivity, indicative of a challenge state, compared with the low self-efficacy group. The former group also reported high resource evaluations, but no task performance or attention effects were detected. These findings demonstrate that levels of self-efficacy influence cardiovascular reactivity and perceptions of resources under pressurised conditions.

Keywords: cardiovascular, challenge, performance, threat

Procedia PDF Downloads 204

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: reasoning, Bayesian networks, cyber-attack attribution, Kill Chain, threat intelligence

Procedia PDF Downloads 407