Search results for: armed attack

Authors: Manas Tripathi, Arunabha Mukhopadhyay

Abstract:

In Cloud computing environment, cloud servers, sometimes may crash after receiving huge amount of request and cloud services may stop which can create huge loss to users of that cloud services. This situation is called Denial of Service (DoS) attack. In Distributed Denial of Service (DDoS) attack, an attacker targets multiple network paths by compromising various vulnerable systems (zombies) and floods the victim with huge amount of request through these zombies. There are many solutions to mitigate this challenge but most of the methods allows the attack traffic to arrive at Cloud Service Provider (CSP) and then only takes actions against mitigation. Here in this paper we are rather focusing on preventive mechanism to deal with these attacks. We analyze network topology and find most vulnerable paths beforehand without waiting for the traffic to arrive at CSP. We have used Dijkstra's and Yen’s algorithm. Finally, risk assessment of these paths can be done by multiplying the probabilities of attack for these paths with the potential loss.

Keywords: cloud computing, DDoS, Dijkstra, Yen’s k-shortest path, network security

Procedia PDF Downloads 256

Authors: Jonathan Sohn

Abstract:

Deep neural networks (DNNs) have shown state-of-the-art performance for many applications, including computer vision, natural language processing, and speech recognition. Recently, adversarial attacks have been studied in the context of deep neural networks, which aim to alter the results of deep neural networks by modifying the inputs slightly. For example, an adversarial attack on a DNN used for object detection can cause the DNN to miss certain objects. As a result, the reliability of DNNs is undermined by their lack of robustness against adversarial attacks, raising concerns about their use in safety-critical applications such as autonomous driving. In this paper, we focus on studying the adversarial attacks and defenses on DNNs for image classification. There are two types of adversarial attacks studied which are fast gradient sign method (FGSM) attack and projected gradient descent (PGD) attack. A DNN forms decision boundaries that separate the input images into different categories. The adversarial attack slightly alters the image to move over the decision boundary, causing the DNN to misclassify the image. FGSM attack obtains the gradient with respect to the image and updates the image once based on the gradients to cross the decision boundary. PGD attack, instead of taking one big step, repeatedly modifies the input image with multiple small steps. There is also another type of attack called the target attack. This adversarial attack is designed to make the machine classify an image to a class chosen by the attacker. We can defend against adversarial attacks by incorporating adversarial examples in training. Specifically, instead of training the neural network with clean examples, we can explicitly let the neural network learn from the adversarial examples. In our experiments, the digit recognition accuracy on the MNIST dataset drops from 97.81% to 39.50% and 34.01% when the DNN is attacked by FGSM and PGD attacks, respectively. If we utilize FGSM training as a defense method, the classification accuracy greatly improves from 39.50% to 92.31% for FGSM attacks and from 34.01% to 75.63% for PGD attacks. To further improve the classification accuracy under adversarial attacks, we can also use a stronger PGD training method. PGD training improves the accuracy by 2.7% under FGSM attacks and 18.4% under PGD attacks over FGSM training. It is worth mentioning that both FGSM and PGD training do not affect the accuracy of clean images. In summary, we find that PGD attacks can greatly degrade the performance of DNNs, and PGD training is a very effective way to defend against such attacks. PGD attacks and defence are overall significantly more effective than FGSM methods.

Keywords: deep neural network, adversarial attack, adversarial defense, adversarial machine learning

Procedia PDF Downloads 158

Authors: Hakan Erol, Altan Elibol, Ömer Eryılmaz, Mehmet Şimşek

Abstract:

Organizations aim to manage information in a most possible effective way for sustainment and development. In doing so, they apply various procedures and methods. The very same situation is valid for each service of Armed Forces. During long-lasting endeavors such as shaping and maintaining security environment, supporting and securing peace, knowledge management is a crucial asset. Optimum Balance Model aims to promote the system from a decisive point to a higher decisive point. In this context, this paper analyses the application of optimum balance model to knowledge management in Armed Forces and tries to find answer to the question how Optimum Balance Model is integrated in knowledge management.

Keywords: optimum balance model, knowledge management, security environment, supporting peace

Procedia PDF Downloads 367

Authors: G. Usha, S. Kannimuthu, K. Mahalakshmi

Abstract:

Mobile Adhoc Network (MANET) is one of the most promising technologies that have applications ranging from various portable devices to military networks. MANET has no fixed infrastructure and the security of such network is a big concern. Therefore, in order to operate MANET’s securely, the misbehavior and intrusions should be detected before the attackers affect the network communication. In this article, we make a comprehensive survey against black hole attack that is a serious threat against MANET that exploits the routing behavior of the MANET. We have given broad survey solutions that detect black hole attacks in MANET. This is achieved by analyzing the techniques involved in detecting the attacks in each scheme. Furthermore, we examine about the challenges to the researchers for constructing an in-depth solution against black hole attack.

Keywords: AODV, cross layer security, mobile Adhoc network (MANET), packet delivery ratio, single layer security

Procedia PDF Downloads 379

Authors: Rakesh Kumar, A. K. Ghosh

Abstract:

The paper presents the modeling of linear and nonlinear longitudinal aerodynamics using real flight data of Hansa-3 aircraft gathered at low and high angles of attack. The Neural-Gauss-Newton (NGN) method has been applied to model the linear and nonlinear longitudinal dynamics and estimate parameters from flight data. Unsteady aerodynamics due to flow separation at high angles of attack near stall has been included in the aerodynamic model using Kirchhoff’s quasi-steady stall model. NGN method is an algorithm that utilizes Feed Forward Neural Network (FFNN) and Gauss-Newton optimization to estimate the parameters and it does not require any a priori postulation of mathematical model or solving of equations of motion. NGN method was validated on real flight data generated at moderate angles of attack before application to the data at high angles of attack. The estimates obtained from compatible flight data using NGN method were validated by comparing with wind tunnel values and the maximum likelihood estimates. Validation was also carried out by comparing the response of measured motion variables with the response generated by using estimates a different control input. Next, NGN method was applied to real flight data generated by executing a well-designed quasi-steady stall maneuver. The results obtained in terms of stall characteristics and aerodynamic parameters were encouraging and reasonably accurate to establish NGN as a method for modeling nonlinear aerodynamics from real flight data at high angles of attack.

Keywords: parameter estimation, NGN method, linear and nonlinear, aerodynamic modeling

Procedia PDF Downloads 413

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man in middle attack

Procedia PDF Downloads 250

Authors: Edmilson Nhambe, Belisario Machaieie

Abstract:

Since the signing of the General Peace Agreement-GPA in 1992, Mozambique has seen successive setbacks in the search for effective peace, civil war, social conflicts, terrorism, and armed conflicts mix the reality of Mozambican democracy. The article seeks to understand the dynamics of conflict and peace in Mozambique. Specifically, it seeks to analyze the structural factors that lead to (violent) conflict situations and the factors that favor or promote peace. For this purpose, desk research was chosen to analyze studies of peace and conflict. This article develops the argument that the non-violation of the peace agreement, in particular the GPA in Rome, as it had a structuring effect on the Mozambican political system, no longer guarantees in itself the irreversibility of the pacification process. In fact, the country is currently stagnating in the category of a fragile peace process with the risk of slipping into a situation of war or open armed conflict.

Keywords: peace, conflict, GPA, instability

Procedia PDF Downloads 157

Authors: Piret Pernik

Abstract:

Based on strategic, operational, and technical analysis of the ongoing armed conflict in Ukraine, this paper will examine the opportunities and risks of using small commercial drones (dual-use unmanned aerial vehicles, UAV) for military purposes. The paper discusses the opportunities and risks in the information domain, encompassing both cyber and electromagnetic interference and attacks. The paper will draw conclusions on a possible strategic impact to the battlefield outcomes in the modern armed conflicts by the widespread use of dual-use UAVs. This article will contribute to filling the gap in the literature by examining based on empirical data cyberattacks and electromagnetic interference. Today, more than one hundred states and non-state actors possess UAVs ranging from low cost commodity models, widely are dual-use, available and affordable to anyone, to high-cost combat UAVs (UCAV) with lethal kinetic strike capabilities, which can be enhanced with Artificial Intelligence (AI) and Machine Learning (ML). Dual-use UAVs have been used by various actors for intelligence, reconnaissance, surveillance, situational awareness, geolocation, and kinetic targeting. Thus they function as force multipliers enabling kinetic and electronic warfare attacks and provide comparative and asymmetric operational and tactical advances. Some go as far as argue that automated (or semi-automated) systems can change the character of warfare, while others observe that the use of small drones has not changed the balance of power or battlefield outcomes. UAVs give considerable opportunities for commanders, for example, because they can be operated without GPS navigation, makes them less vulnerable and dependent on satellite communications. They can and have been used to conduct cyberattacks, electromagnetic interference, and kinetic attacks. However, they are highly vulnerable to those attacks themselves. So far, strategic studies, literature, and expert commentary have overlooked cybersecurity and electronic interference dimension of the use of dual use UAVs. The studies that link technical analysis of opportunities and risks with strategic battlefield outcomes is missing. It is expected that dual use commercial UAV proliferation in armed and hybrid conflicts will continue and accelerate in the future. Therefore, it is important to understand specific opportunities and risks related to the crowdsourced use of dual-use UAVs, which can have kinetic effects. Technical countermeasures to protect UAVs differ depending on a type of UAV (small, midsize, large, stealth combat), and this paper will offer a unique analysis of small UAVs both from the view of opportunities and risks for commanders and other actors in armed conflict.

Keywords: dual-use technology, cyber attacks, electromagnetic warfare, case studies of cyberattacks in armed conflicts

Procedia PDF Downloads 71

Authors: Zhan Chen, Wenquan Bi, Xiaoyun Wang

Abstract:

The Midori family of light weight block cipher is proposed in ASIACRYPT2015. It has attracted the attention of numerous cryptanalysts. There are two versions of Midori: Midori64 which takes a 64-bit block size and Midori128 the size of which is 128-bit. In this paper an improved 10-round impossible differential attack on Midori64 is proposed. Pre-whitening keys are considered in this attack. A better impossible differential path is used to reduce time complexity by decreasing the number of key bits guessed. A hash table is built in the pre-computation phase to reduce computational complexity. Partial abort technique is used in the key seiving phase. The attack requires 259 chosen plaintexts, 214.58 blocks of memory and 268.83 10-round Midori64 encryptions.

Keywords: cryptanalysis, impossible differential, light weight block cipher, Midori

Procedia PDF Downloads 325

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez, Mehdi Mrad

Abstract:

We investigate the large scale of networks in the context of network survivability under attack. We use appropriate techniques to evaluate and the attacker-based- and the defender-based-network survivability. The attacker is unaware of the operated links by the defender. Each attacked link has some pre-specified probability to be disconnected. The defender choice is so that to maximize the chance of successfully sending the flow to the destination node. The attacker however will select the cut-set with the highest chance to be disabled in order to partition the network. Moreover, we extend the problem to the case of selecting the best p paths to operate by the defender and the best k cut-sets to target by the attacker, for arbitrary integers p,k > 1. We investigate some variations of the problem and suggest polynomial-time solutions.

Keywords: defense/attack strategies, large scale, networks, partitioning a network

Procedia PDF Downloads 245

Authors: Said Abdul Ahad Ahadi, Elyas Baray, Nitin Rakesh, Sudeep Varshney

Abstract:

Wi-Fi is a widely used internet source that is used to provide internet access in many areas such as Stores, Cafes, University campuses, Restaurants and so on. This technology brought more facilities in communication and networking. On the other hand, due to the transmission of data over the air, which makes the network vulnerable, so it becomes prone to various threats such as Evil Twin and etc. The Evil Twin is a kind of adversary which impersonates a legitimate access point (LAP) as it can happen by spoofing the name (SSID) and MAC address (BSSID) of a legitimate access point (LAP). And this attack can cause many threats such as MITM, Service Interruption, Access point service blocking. Various Evil Twin Attack Detection Techniques are proposed, but they require additional hardware, or they require protocol modification. In this paper, we proposed a new technique based on Access Point’s two fingerprints, Received Signal Strength Indicator (RSSI) and Hop Count, that is hard to copy by an adversary. And we implemented the technique in a system called “ETDetector,” which can detect and prevent the attack.

Keywords: evil twin, LAP, SSID, Wi-Fi security, signal variation, ETAD, kali linux, scapy, python

Procedia PDF Downloads 119

Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny

Abstract:

As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.

Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning

Procedia PDF Downloads 177

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

Current drainage attack suggested previously is further studied in regular settings of closed-loop controlled Brushless DC (BLDC) motor with Kalman filter in the feedback loop. Modeling and simulation experiments are conducted in a Matlab environment, implementing the closed-loop control model of BLDC motor operation in position sensorless mode under Kalman filter drive. The current increase in the motor windings is caused by the controller (p-controller in our case) affected by false data injection of substitution of the angular velocity estimates with distorted values. Operation of multiplication to distortion coefficient, values of which are taken from the distortion function synchronized in its periodicity with the rotor’s position change. A saw function with a triangular tooth shape is studied herewith for the purpose of carrying out the bias injection with current drainage consequences. The specific focus here is on how the asymmetry of the tooth in the saw function affects the flow of current drainage. The purpose is two-fold: (i) to produce and collect the signature of an asymmetric saw in the attack for further pattern recognition process, and (ii) to determine conditions of improving stealthiness of such attack via regulating asymmetry in saw function used. It is found that modification of the symmetry in the saw tooth affects the periodicity of current drainage modulation. Specifically, the modulation frequency of the drained current for a fully asymmetric tooth shape coincides with the saw function modulation frequency itself. Increasing the symmetry parameter for the triangle tooth shape leads to an increase in the modulation frequency for the drained current. Moreover, such frequency reaches the switching frequency of the motor windings for fully symmetric triangular shapes, thus becoming undetectable and improving the stealthiness of the attack. Therefore, the collected signatures of the attack can serve for attack parameter identification via the pattern recognition route.

Keywords: bias injection attack, Kalman filter, BLDC motor, control system, closed loop, P-controller, PID-controller, current drainage, saw-function, asymmetry

Procedia PDF Downloads 51

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 120

Authors: Amir B. Khoshnevis, Morteza Mirhosseini

Abstract:

The paper deals with a sub-part of an extensive research program on the wake survey method in various Reynolds numbers and angles of attack. This research experimentally investigates the wake flow characteristics behind S823 and S822 airfoils in which designed for small wind turbines. Velocity measurements determined by using hot-wire anemometer. Data acquired in the wake of the airfoil at locations(c is the chord length): 0.01c - 3c. Reynolds number increased due to increase of free stream velocity. Results showed that mean velocity profiles depend on the angle of attack and location of data collections. Data acquired at the low Reynolds numbers (smaller than 10^5). Effects of Reynolds numbers on the mean velocity profiles are more significant in near locations the trailing edge and these effects decrease by taking distance from trailing edge toward downstream. Mean velocity profiles region increased by increasing the angle of attack, except for 7°, and also the maximum velocity deficit (velocity defect) increased. The difference of mean velocity in and out of the wake decreased by taking distance from trailing edge, and mean velocity profile become wider and more uniform.

Keywords: angle of attack, Reynolds number, velocity deficit, separation

Procedia PDF Downloads 350

Authors: Karima Djebaili, Lamine Melkemi

Abstract:

Elgamal encryption is a fundamental public-key encryption in cryptography, which is based on the difficulty of discrete logarithm problem and the Diffie-Hellman problem. Supposing the Diffie–Hellman problem is computationally infeasible then Elgamal is secure under a chosen plaintext attack, where security indicates it is difficult for the attacker, given the ciphertext, to restore the whole of the plaintext. However, although it is secure against chosen plaintext attack, Elgamal is absolutely malleable i.e. is not secure against an adaptive chosen ciphertext attack, where the attacker can recover the plaintext. We present a extension on Elgamal encryption which result in non-malleability against adaptive chosen plaintext attack using concatenation and a cryptographic hash function, our evidence utilizes the device of plaintext aware. The algorithm proposed can be used in cryptography voting protocol given its level security. Our protocol protects the confidentiality of voters because each voter encrypts their choice before casting their vote, offers public verifiability using a signing algorithm, the final result is correctly computed using homomorphic property, and works even in the presence of an adversary due to the propriety of non-malleability. Moreover, the protocol prevents some parties colluding to fix the vote results.

Keywords: Elgamal encryption, non-malleability, plaintext aware, e-voting

Procedia PDF Downloads 422

Authors: B. Yanıktepe, C. Özalp, B. Şahin

Abstract:

Delta wing planform is an essential aerodynamic configuration, which could be effectively used at relatively high angles of attack than conventional wings in subsonic flow conditions. The flow over delta wings can be characterized by a pair of leading edge vortices emanating from wing apex. Boundary layer separation causes these vortical structures formed by rolling up of viscous flow sheet. This flow separation mechanism is occurred due to angle of attack and sharp leading edges of the delta wing. Therefore, complexity and variety in planform designs rise to catch the best under abnormal flow conditions. The present experimental study investigates the near surface flow structure and aerodynamic flow characteristics of X-45 type non-slender delta wing planform using dye visualization, Stereoscopic Particle Image Velocimetry (stereo-PIV). The instantaneous images are acquired on the plan-view plane within 5o≤α≤20o to calculate the time-averaged flow data. It can be concluded that vortical flow with a pair of well-defined LEVs over X-45 develop at very low angles of attack, secondary vortex are also evident and form close to the wing surface similar to delta and lambda planforms. The stall occurs at an angle of attack α=32o.

Keywords: aerodynamic, delta wing, PIV, vortex breakdown

Procedia PDF Downloads 386

Authors: İbrahi̇m Kara, Seher Arslankaya

Abstract:

Frequently preferred in the field of engineering in particular, data mining has now begun to be used in the field of health as well since the data in the health sector have reached great dimensions. With data mining, it is aimed to reveal models from the great amounts of raw data in agreement with the purpose and to search for the rules and relationships which will enable one to make predictions about the future from the large amount of data set. It helps the decision-maker to find the relationships among the data which form at the stage of decision-making. In this study, it is aimed to determine the risk of heart attack at the first stage, to control it, and to make its resource planning with the method of data mining. Through the early and correct diagnosis of heart attacks, it is aimed to reveal the factors which affect the diseases, to protect health and choose the right treatment methods, to reduce the costs in health expenditures, and to shorten the durations of patients’ stay at hospitals. In this way, the diagnosis and treatment costs of a heart attack will be scrutinized, which will be useful to determine the risk of the disease at the first stage, to control it, and to make its resource planning.

Keywords: data mining, decision support systems, heart attack, health sector

Procedia PDF Downloads 329

Authors: Marine Segui, Ruxandra Mihaela Botez

Abstract:

OpenVSP is an aerodynamic solver developed by National Aeronautics and Space Administration (NASA) that allows building a reliable model of an aircraft. This software performs an aerodynamic simulation according to the angle of attack of the aircraft makes between the incoming airstream, and its speed. A reliable aerodynamic model of the Cessna Citation X was designed but it required a lot of computation time. As a consequence, a prediction method was established that allowed predicting lift and drag coefficients for all Mach numbers and for all angles of attack, exclusively for stall conditions, from a computation of three angles of attack and only one Mach number. Aerodynamic coefficients given by the prediction method for a Cessna Citation X model were finally compared with aerodynamics coefficients obtained using a complete OpenVSP study.

Keywords: aerodynamic, coefficient, cruise, improving, longitudinal, openVSP, solver, time

Procedia PDF Downloads 202

Authors: Esther Chiramal, Kelvin Soh Boon Kai

Abstract:

Explainable AI is a strong strategy implemented to understand complex black-box model predictions in a human-interpretable language. It provides the evidence required to execute the use of trustworthy and reliable AI systems. On the other hand, however, it also opens the door to locating possible vulnerabilities in an AI model. Traditional adversarial text attack uses word substitution, data augmentation techniques, and gradient-based attacks on powerful pre-trained Bidirectional Encoder Representations from Transformers (BERT) variants to generate adversarial sentences. These attacks are generally white-box in nature and not practical as they can be easily detected by humans e.g., Changing the word from “Poor” to “Rich”. We proposed a simple yet effective Grey-box cum Black-box approach that does not require the knowledge of the model while using a set of surrogate Transformer/BERT models to perform the attack using Explainable AI techniques. As Transformers are the current state-of-the-art models for almost all Natural Language Processing (NLP) tasks, an attack generated from BERT1 is transferable to BERT2. This transferability is made possible due to the attention mechanism in the transformer that allows the model to capture long-range dependencies in a sequence. Using the power of BERT generalisation via attention, we attempt to exploit how transformers learn by attacking a few surrogate transformer variants which are all based on a different architecture. We demonstrate that this approach is highly effective to generate semantically good sentences by changing as little as one word that is not detectable by humans while still fooling other BERT models.

Keywords: BERT, explainable AI, Grey-box text attack, transformer

Procedia PDF Downloads 111

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 335

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 228

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN

Procedia PDF Downloads 303

Authors: Chowduru Ramachandra Sharma, Shatunjay Rawat

Abstract:

A false positive state is when the IDS/IPS identifies an activity as an attack, but the activity is acceptable behavior in the system. False positives in a Network Intrusion Detection System ( NIDS ) is an issue because they desensitize the administrator. It wastes computational power and valuable resources when rules are not tuned properly, which is the main issue with anomaly NIDS. Furthermore, most false positives reduction techniques are not performed during the real-time of attempted intrusions; instead, they have applied afterward on collected traffic data and generate alerts. Of course, false positives detection in ‘offline mode’ is tremendously valuable. Nevertheless, there is room for improvement here; automated techniques still need to reduce False Positives in real-time. This paper uses the Snort signature detection model to redirect the alerted attacks to Honeypots and verify attacks.

Keywords: honeypot, TPOT, snort, NIDS, honeybird, iptables, netfilter, redirection, attack detection, docker, snare, tanner

Procedia PDF Downloads 133

Authors: Vimala Rani P, Narasimha Malikarjunan, Mercy Shalinie S

Abstract:

Data Networking was brought forth as an instantiation of information-centric networking. The attackers can send a colossal number of spoofs to take hold of the Pending Interest Table (PIT) named an Interest Flooding attack (IFA) since the in- interests are recorded in the PITs of the intermediate routers until they receive corresponding Data Packets are go beyond the time limit. These attacks can be detrimental to network performance. PIT expiration rate or the Interest satisfaction rate, which cannot differentiate the IFA from attacks, is the criterion Traditional IFA detection techniques are concerned with. Threshold values can casually affect Threshold-based traditional methods. This article proposes an accurate IFA detection mechanism based on a Multiple Feature-based Extreme Learning Machine (MF-ELM). Accuracy of the attack detection can be increased by presenting the entropy of Internet names, Interest satisfaction rate and PIT usage as features extracted in the MF-ELM classifier. Furthermore, we deploy a queue-based hostile Interest prefix mitigation mechanism. The inference of this real-time test bed is that the mechanism can help the network to resist IFA with higher accuracy and efficiency.

Keywords: information-centric network, pending interest table, interest flooding attack, MF-ELM classifier, queue-based mitigation strategy

Procedia PDF Downloads 177

Authors: E. Hronyecz

Abstract:

Guaranteeing the independence of the V4 Member States, the protection of their national values and their citizens, and the security of the Central and Eastern European region requires the development of military capabilities in terms of the capabilities of nations. As a result, European countries have begun developing capabilities and forces, within which nations are seeking to strengthen the capabilities of their armies and make their interoperability more effective. One aspect of this is the upgrading of military equipment, personnel equipment, and other human resources. Based on the author's preliminary researches - analyzing the scientific literature, the relevant statistical data and conducting of professional consultations with the experts of the research field – it can clearly claimed for all four states of Visegrad Group that a change of direction in the field of defense has been noticeable since the second half of the last decade. Collective defense came to the forefront again; the military training, professionalism, and radical modernization of technical equipment becoming crucial.

Keywords: armed forces, cooperation, development, Visegrad Group

Procedia PDF Downloads 102

Authors: Charlotte Lülf

Abstract:

Migration flows cannot be tackled by single states but need to be addressed as a transnational and international responsibility. However, the current international framework staggers. Widely excluded from legal protection are people that flee from the indiscriminate effects of an armed conflict as well as people fleeing natural disasters. This paper as part of an on-going PhD Project deals with the current and partly contradicting approaches to the protection of so-called war- and climate refugees in the European Union. The analysis will emphasize and evaluate the role of the European judiciary to define, redefine and potentially expand legal protection. Changing jurisprudential practice of national and regional courts will be assessed, as will be their dialogue to interpret the international obligations of human rights law, migration laws and asylum laws in an interacting world.

Keywords: human rights law, asylum law, migration, refugee protection

Procedia PDF Downloads 241

Authors: S. M. Dash, K. B. Lua, T. T. Lim

Abstract:

This paper presents results of numerical and experimental studies on a two-dimensional (2D) flapping elliptic airfoil in a forward flight condition at Reynolds number of 5000. The study is motivated from an earlier investigation which shows that the deterioration in thrust performance of a sinusoidal heaving and pitching 2D (NACA0012) airfoil at high flapping frequency can be recovered by changing the effective angle of attack profile to square wave, sawtooth, or cosine wave shape. To better understand why such modifications lead to superior thrust performance, we take a closer look at the transient aerodynamic force behavior of an airfoil when the effective angle of attack profile changes gradually from a generic smooth trapezoidal profile to a sinusoid shape by modifying the base length of the trapezoid. The choice of using a smooth trapezoidal profile is to avoid the infinite acceleration condition encountered in the square wave profile. Our results show that the enhancement in the time-averaged thrust performance at high flapping frequency can be attributed to the delay and reduction in the drag producing valley region in the transient thrust force coefficient when the effective angle of attack profile changes from sinusoidal to trapezoidal.

Keywords: two-dimensional flapping airfoil, thrust performance, effective angle of attack, CFD, experiments

Procedia PDF Downloads 327

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 29

Authors: Konstantinos Sotiriadis, Radosław Mróz

Abstract:

In the present work the internal sulfate attack on pastes made from pure clinker phases was studied. Two binders were produced: (a) a binder with 2% C3A and 18% C4AF content; (b) a binder with 10% C3A and C4AF content each. Gypsum was used as the sulfate bearing compound, while calcium carbonate added to differentiate the binders produced. The phases formed were identified by XRD analysis. The results showed that ettringite was the deterioration phase detected in the case of the low C3A content binder. Carbonation occurred in the specimen without calcium carbonate addition, while portlandite was observed in the one containing calcium carbonate. In the case of the high C3A content binder, traces of thaumasite were detected when calcium carbonate was not incorporated in the binder. A solid solution of thaumasite and ettringite was found when calcium carbonate was added. The amount of C3A had not fully reacted with sulfates, since its corresponding peaks were detected.

Keywords: tricalcium aluminate, calcium aluminate ferrite, sulfate attack, calcium carbonate, low temperature

Procedia PDF Downloads 303