Search results for: attack

Authors: Damola O. Lawal, David W. Gresty, Diane E. Gan, Louise Hewitt

Abstract:

This paper investigates the feasibility of using a programmable USB such as the O.MG Cable to perform a file tampering attack. Here, the O.MG Cable, an apparently harmless mobile device charger, is used in an unauthorized way to alter the content of a file (accounts record-January_Contributions.xlsx). The aim is to determine if a forensics analyst can reliably determine who has altered the target file; the O.MG Cable or the user of the machine. This work highlights some of the traces of the O.MG Cable left behind on the target computer itself, such as the Product ID (PID) and Vendor ID (ID). Also discussed is the O.MG Cable’s behavior during the experiments. We determine if a forensics analyst could identify if any evidence has been left behind by the programmable device on the target file once it has been removed from the computer to establish if the analyst would be able to link the traces left by the O.MG Cable to the file tampering. It was discovered that the forensic analyst might mistake the actions of the O.MG Cable for the computer users. Experiments carried out in this work could further the discussion as to whether an innocent user could be punished for the unauthorized changes made by a programmable device.

Keywords: O.MG cable, programmable USB, file tampering attack, digital evidence credibility, miscarriage of justice, cyber fraud

Procedia PDF Downloads 127

Authors: Majed Sanan, Mohammad Rammal, Wassim Rammal

Abstract:

Today, security is a major concern. Intrusion Detection, Prevention Systems and Honeypot can be used to moderate attacks. Many researchers have proposed to use many IDSs ((Intrusion Detection System) time to time. Some of these IDS’s combine their features of two or more IDSs which are called Hybrid Intrusion Detection Systems. Most of the researchers combine the features of Signature based detection methodology and Anomaly based detection methodology. For a signature based IDS, if an attacker attacks slowly and in organized way, the attack may go undetected through the IDS, as signatures include factors based on duration of the events but the actions of attacker do not match. Sometimes, for an unknown attack there is no signature updated or an attacker attack in the mean time when the database is updating. Thus, signature-based IDS fail to detect unknown attacks. Anomaly based IDS suffer from many false-positive readings. So there is a need to hybridize those IDS which can overcome the shortcomings of each other. In this paper we propose a new approach to IDS (Intrusion Detection System) which is more efficient than the traditional IDS (Intrusion Detection System). The IDS is based on Honeypot Technology and Anomaly based Detection Methodology. We have designed Architecture for the IDS in a packet tracer and then implemented it in real time. We have discussed experimental results performed: both the Honeypot and Anomaly based IDS have some shortcomings but if we hybridized these two technologies, the newly proposed Hybrid Intrusion Detection System (HIDS) is capable enough to overcome these shortcomings with much enhanced performance. In this paper, we present a modified Hybrid Intrusion Detection System (HIDS) that combines the positive features of two different detection methodologies - Honeypot methodology and anomaly based intrusion detection methodology. In the experiment, we ran both the Intrusion Detection System individually first and then together and recorded the data from time to time. From the data we can conclude that the resulting IDS are much better in detecting intrusions from the existing IDSs.

Keywords: security, intrusion detection, intrusion prevention, honeypot, anomaly-based detection, signature-based detection, cloud computing, kfsensor

Procedia PDF Downloads 339

Authors: W. Handoko, F. Pahlevani, V. Sahajwalla

Abstract:

Dual-phase high carbon steels (DHCS) are commonly known for their improved strength, hardness, and abrasive resistance properties due to co-presence of retained austenite and martensite at the same time. Retained austenite is a meta-stable phase at room temperature, and stability of this phase governs the response of DHCS at different conditions. This research paper studies the effect of RA stability on corrosion behaviour of high carbon steels after they have been immersed into 1.0 M NaCl solution for various times. For this purpose, two different steels with different RA stabilities have been investigated. The surface morphology of the samples before and after corrosion attack was observed by secondary electron microscopy (SEM) and atomic force microscopy (AFM), along with the weight loss and Vickers hardness analysis. Microstructural investigations proved the preferential attack to retained austenite phase during corrosion. Hence, increase in the stability of retained austenite in dual-phase steels led to decreasing the weight loss rate.

Keywords: high carbon steel, austenite stability, atomic force microscopy, corrosion

Procedia PDF Downloads 186

Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi

Abstract:

Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.

Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle

Procedia PDF Downloads 191

Authors: Xie Kai, Laith K. Abbas, Chen Dongyang, Yang Fufeng, Rui Xiaoting

Abstract:

Effect of plunging motion on the pitch oscillating NACA0012 airfoil is investigated using computational fluid dynamics (CFD). A simulation model based on overset grid technology and k - ω shear stress transport (SST) turbulence model is established, and the numerical simulation results are compared with available experimental data and other simulations. Two cases of phase angle φ = 0, μ which represents the phase difference between the pitching and plunging motions of an airfoil are performed. Airfoil vortex generation, moving, and shedding are discussed in detail. Good agreements have been achieved with the available literature. The upward plunging motion made the equivalent angle of attack less than the actual one during pitching analysis. It is observed that the formation of the stall vortex is suppressed, resulting in a decrease in the lift coefficient and a delay of the stall angle. However, the downward plunging motion made the equivalent angle of attack higher the actual one.

Keywords: dynamic stall, pitching-plunging, computational fluid dynamics, helicopter blade rotor, airfoil

Procedia PDF Downloads 199

Authors: Bong Borero Lumabao

Abstract:

This qualitative research is a study on the lines of Fliptop talks performed by the Fliptop rappers employing Finnegan’s (2008) discourse analysis. This paper aimed to analyze the phonological, morphological, and semantic features of the fliptop talk, to explore the structures in the lines of Fliptop among Filipino youth, and to uncover the various insights that can be gained from it. The corpora of the study included all the 20 Fliptop Videos downloaded from the Youtube Channel of Fliptop. Results revealed that Fliptop contains phonological features such as assonance, consonance, deletion, lengthening, and rhyming. Morphological features include acronym, affixation, blending, borrowing, code-mixing and switching, compounding, conversion or functional shifts, and dysphemism. Semantics presented the lexical category, meaning, and words used in the fliptop talks. Structure of Fliptop revolves on the personal attack (physical attributes), attack on the bars (rapping skills), extension: family members and friends, antithesis, profane words, figurative languages, sexual undertones, anime characters, homosexuality, and famous celebrities involvement.

Keywords: discourse analysis, fliptop talks, filipino youth, fliptop videos, Philippines

Procedia PDF Downloads 199

Authors: Sauradipta Ganguly, Akhato Sumi, Sanjeet Kumar Hom, Ajan T. Lotha

Abstract:

Populus deltoides is a hardwood used predominantly for the manufacturing of plywood, matchsticks, and paper in India and hence has a higher economical significance. Wood-decaying fungi cause serious damage to Populus deltoides products, as the wood itself is perishable and vulnerable to decaying agents, decreasing their aesthetical value which in return results in significant monetary loss for the wood industries concerned. The aim of the study was to determine the antifungal activity of Cedrus deodara oil against three primary wood-decaying fungi namely white-rot fungi (Trametes versicolor), brown-rot fungi (Oligoporus placentus) and soft-rot fungi (Xylaria acuminata) on Populus deltoides samples under optimum laboratory conditions. The susceptibility of Populus deltoides samples on the fungal attack and the ability of deodar oil to control colonization of the wood rotting fungi on the samples were assessed. Three concentrations of deodar oil were considered for the study as treating solutions, i.e., 4%, 5%, and 6%. The Populus deltoides samples were treated with treating solutions, and the ability of the same to prevent a fungal attack on the samples were assessed using accelerated test in the laboratory at Biochemical Oxygen Demand incubator at temperature (25 ± 2°C) and relative humidity 70 ± 4%. Efficacy test and statistical analysis of deodar oil against Trametes versicolor, Oligoporus placentus, and Xylariaacuminataon P. deltoides samples exhibited light, minor and negligible mycelia growth at 4 %, 5% and 6% concentrations of deodar oil, respectively. Whereas, moderate to heavy attack was observed on the surface of the control samples. Statistical analysis further established that the treatments were statistically significant and had significantly inhibited fungal growth of all the three fungus spp by almost 3 to 5 times.

Keywords: populus deltoides, Trametes versicolor, Oligoporus placentus, Xylaria acuminata, Deodar oil, treatment

Procedia PDF Downloads 92

Authors: Daniel O. Kleinsman

Abstract:

The 2019 terrorist attack on two masjidain in Christchurch, New Zealand, was a shocking demonstration of the harm that can be caused by hate crime. As legal and governmental responses to the attack struggle to provide effective remedies to its victims, restorative justice has emerged as a tool that can assist, in terms of both meeting victims’ needs and discharging the obligations of the state under the International Covenant on Civil and Political Rights (ICCPR), arts 2(3), 26, 27. Restorative justice is a model that emphasizes the repair of harm caused or revealed by unjust behavior. It also prioritises the facilitation of dialogue, the restoration of equitable relationships, and the prevention of future harm. Returning to the case study, in the remarks of the sentencing judge, the terrorist’s actions were described as a hate crime of vicious malevolence that the Court was required to decisively reject, as anathema to the values of acceptance, tolerance and mutual respect upon which New Zealand’s inclusive society is based and which the country strives to maintain. This was one of the reasons for which the terrorist received a life sentence with no possibility of parole. However, in the report of the Royal Commission of Inquiry into the Attack, it was found that victims felt the attack occurred within the context of widespread racism, discrimination and Islamophobia, where hostile behaviors, including hate-based threats and attacks, were rarely recorded, analysed or acted on. It was also found that the Government had inappropriately concentrated intelligence resources on the risk of ‘Islamist’ terrorism and had failed to adequately respond to concerns raised about threats against the Muslim community. In this light, the remarks of the sentencing judge can be seen to reflect a criminal justice system that, in the absence of other remedies, denies systemic accountability and renders hate crime an isolated incident rather than an expression of more widespread discrimination and hate to be holistically addressed. One of the recommendations of the Royal Commission was to explore with victims the desirability and design of restorative justice processes. This presents an opportunity for victims to meet with state representatives and pursue effective remedies (ICCPR art 2(3)) not only for the harm caused by the terrorist but the harm revealed by a system that has exposed the minority Muslim community in New Zealand to hate in all forms, including but not limited to violent extremism. In this sense, restorative justice can also assist the state in discharging its wider obligations to protect all persons from discrimination (art 26) and allow ethnic and religious minorities to enjoy their own culture and profess and practice their own religion (art 27). It can also help give effect to the law and its purpose as a remedy to hate crime, as expressed in this case study by the sentencing judge.

Keywords: hate crime, restorative justice, minorities, victims' rights

Procedia PDF Downloads 78

Authors: Brian Connett, Bryan O'Halloran

Abstract:

Systems assets within critical infrastructures were seemingly safe from the exploitation or attack by nefarious cyberspace actors. Now, critical infrastructure is a target and the resources to exploit the cyber physical systems exist. These resources are characterized in terms of patience, stealth, replication-ability and extraordinary robustness. System owners are obligated to maintain a high level of protection measures. The difficulty lies in knowing when to fortify a critical infrastructure against an impending attack. Models currently exist that demonstrate the value of knowing the attacker’s capabilities in the cyber realm and the strength of the target. The shortcomings of these models are that they are not designed to respond to the inherent fast timing of an attack, an impetus that can be derived based on open-source reporting, common knowledge of exploits of and the physical architecture of the infrastructure. A useful model will inform systems owners how to align infrastructure architecture in a manner that is responsive to the capability, willingness and timing of the attacker. This research group has used an existing theoretical model for estimating parameters, and through analysis, to develop a decision tool for would-be target owners. The continuation of the research develops further this model by estimating the variable parameters. Understanding these parameter estimations will uniquely position the decision maker to posture having revealed the vulnerabilities of an attacker’s, persistence and stealth. This research explores different approaches to improve on current attacker-defender models that focus on cyber threats. An existing foundational model takes the point of view of an attacker who must decide what cyber resource to use and when to use it to exploit a system vulnerability. It is valuable for estimating parameters for the model, and through analysis, develop a decision tool for would-be target owners.

Keywords: critical infrastructure, cyber physical systems, modeling, exploitation

Procedia PDF Downloads 162

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 131

Authors: Ali Kargar, Kamyar Mansour

Abstract:

In this paper, experimental results of using hot wire anemometer and smoke visualization are presented. The results obtained on the hot wire anemometer for critical Reynolds number and transitional Reynolds number are compared by previous results. Excellent agreement is found for the transitional Reynolds number. The results for the transitional Reynolds number are also compared by previous linear stability results. The results of the smoke visualization clearly show the cross flow vortices which arise in the transition process from a laminar to a turbulent flow. A non-zero angle of attack is also considered. We compare our results by linear stability theory which was done by Garret et. Al (2007). We just emphasis, Also the visualization and hot wire anemometer results have been compared graphically. The goal in this paper is to check reliability of using hot wire anemometer and smoke visualization in transition problems and check reliability of linear stability theory for this case and compare our results with some trusty experimental works.

Keywords: transitional reynolds number, wind tunnel, rotating cone, smoke visualization

Procedia PDF Downloads 273

Authors: Winnie Kung, Xinhua Liu, Debbie Huang, Patricia Kim, Keon Kim, Xiaoran Wang, Lawrence Yang

Abstract:

Considerable Asian Americans were exposed to the World Trade Center attack due to the proximity of the site to Chinatown and a sizeable number of South Asians working in the collapsed and damaged buildings nearby. Few studies focused on Asians in examining the disaster’s mental health impact, and even less longitudinal studies were reported beyond the first couple of years after the event. Based on the World Trade Center Health Registry, this study examined the trajectory of PTSD of individuals directly exposed to the attack from 2-3 to 5-6 years after the attack, comparing Asians against the non-Hispanic White group. Participants included 2,431 Asians and 31,455 Whites. Trajectories were delineated into the resilient, chronic, delayed-onset and remitted groups using PTSD checklist cut-off score at 44 at the 2 waves. Logistic regression analyses were conducted to compare the poorer trajectories against the resilient as a reference group, using predictors of baseline sociodemographic, exposure to the disaster, lower respiratory symptoms and previous depression/anxiety disorder diagnosis, and recruitment source as the control variable. Asians had significant lower socioeconomic status in terms of income, education and employment status compared to Whites. Over 3/4 of participants from both races were resilient, though slightly less for Asians than Whites (76.5% vs 79.8%). Asians had a higher proportion with chronic PTSD (8.6% vs 7.4%) and remission (5.9% vs 3.4%) than Whites. A considerable proportion of participants had delayed-onset in both races (9.1% Asians vs 9.4% Whites). The distribution of trajectories differed significantly by race (p<0.0001) with Asians faring poorer. For Asians, in the chronic vs resilient group, significant protective factors included age >65, annual household income >$50,000, and never married vs married/cohabiting; risk factors were direct disaster exposure, job loss due to 9/11, lost someone, and tangible loss; lower respiratory symptoms and previous mental disorder diagnoses. Similar protective and risk factors were noted for the delayed-onset group, except education being protective; and being an immigrant a risk. Between the 2 comparisons, the chronic group was more vulnerable than the delayed-onset as expected. It should also be noted that in both comparisons, Asians’ current employment status had no significant impact on their PTSD trajectory. Comparing between Asians against Whites, the direction of the relationships between the predictors and the PTSD trajectories were mostly the same, although more factors were significant for Whites than for Asians. A few factors showed significant racial difference: Higher risk for lower respiratory symptoms for Whites than Asians, higher risk for pre-9/11 mental disorder diagnosis for Asians than Whites, and immigrant a risk factor for the remitted vs resilient groups for Whites but not for Asians. Over 17% Asians still suffered from PTSD 5-6 years after the WTC attack signified its persistent impact which incurred substantial human, social and economic costs. The more disadvantaged socioeconomic status of Asians rendered them more vulnerable in their mental health trajectories relative to Whites. Together with their well-documented low tendency to seek mental health help, outreach effort to this population is needed to ensure follow-up treatment and prevention.

Keywords: PTSD, Asian Americans, World Trade Center Attack, racial differences

Procedia PDF Downloads 229

Authors: K. K. Soundra Pandian, Bhupendra Gupta

Abstract:

In the modern era, as the application data’s are massive and complex, it needs to be secured from the adversary attack. In this context, a non-recursive key based integrated spritz stream cipher with the circulant hash function using delayed feedback with carry shift register (d-FCSR) is proposed in this paper. The novelty of this proposed stream cipher algorithm is to engender the improved keystream using d-FCSR. The proposed algorithm is coded using Verilog HDL to produce dynamic binary key stream and implemented on commercially available FPGA device Virtex 5 xc5vlx110t-2ff1136. The implementation of stream cipher using d-FCSR on the FPGA device operates at a maximum frequency of 60.62 MHz. It achieved the data throughput of 492 Mbps and improved in terms of efficiency (throughput/area) compared to existing techniques. This paper also briefs the cryptanalysis of proposed circulant hash value based spritz stream cipher using d-FCSR is against the adversary attack on a hardware platform for the hardware based cryptography applications.

Keywords: cryptography, circulant function, field programmable gated array, hash value, spritz stream cipher

Procedia PDF Downloads 219

Authors: Dharni Vasudhevan Venkatesan, K. E. Shanjay, H. Sujith Kumar, N. A. Abhilash, D. Aswin Ram, V. R. Sanal Kumar

Abstract:

Numerical studies on race car aerodynamics at wing in ground effect have been carried out using a steady 3d, double precision, pressure-based, and standard k-epsilon turbulence model. Through various parametric analytical studies we have observed that at a particular speed and ground clearance of the wings a favorable negative lift was found high at a particular angle of attack for all the physical models considered in this paper. The fact is that if the ground clearance height to chord length (h/c) is too small, the developing boundary layers from either side (the ground and the lower surface of the wing) can interact, leading to an altered variation of the aerodynamic characteristics at wing in ground effect. Therefore a suitable ground clearance must be predicted throughout the racing for a better performance of the race car, which obviously depends upon the coupled effects of the topography, wing orientation with respect to the ground, the incoming flow features and/or the race car speed. We have concluded that for the design of high performance and high speed race cars the adjustable wings capable to alter the ground clearance and the angles of attack is the best design option for any race car for racing safely with variable speeds.

Keywords: external aerodynamics, external flow choking, race car aerodynamics, wing in ground effect

Procedia PDF Downloads 328

Authors: Vincent Andrew Cappellano

Abstract:

In the early phases of critical infrastructure system design, translating distributed computing requirements to an architecture has risk given the multitude of approaches (e.g., cloud, edge, fog). In many systems, a single requirement for system uptime / availability is used to encompass the system’s intended operations. However, when architected systems may perform to those availability requirements only during normal operations and not during component failure, or during outages caused by adversary attacks on critical infrastructure (e.g., physical, cyber). System designers lack a structured method to evaluate availability requirements against candidate system architectures through deep degradation scenarios (i.e., normal ops all the way down to significant damage of communications or physical nodes). This increases risk of poor selection of a candidate architecture due to the absence of insight into true performance for systems that must operate as a piece of critical infrastructure. This research effort proposes a process to analyze critical infrastructure system availability requirements and a candidate set of systems architectures, producing a metric assessing these architectures over a spectrum of degradations to aid in selecting appropriate resilient architectures. To accomplish this effort, a set of simulation and evaluation efforts are undertaken that will process, in an automated way, a set of sample requirements into a set of potential architectures where system functions and capabilities are distributed across nodes. Nodes and links will have specific characteristics and based on sampled requirements, contribute to the overall system functionality, such that as they are impacted/degraded, the impacted functional availability of a system can be determined. A machine learning reinforcement-based agent will structurally impact the nodes, links, and characteristics (e.g., bandwidth, latency) of a given architecture to provide an assessment of system functional uptime/availability under these scenarios. By varying the intensity of the attack and related aspects, we can create a structured method of evaluating the performance of candidate architectures against each other to create a metric rating its resilience to these attack types/strategies. Through multiple simulation iterations, sufficient data will exist to compare this availability metric, and an architectural recommendation against the baseline requirements, in comparison to existing multi-factor computing architectural selection processes. It is intended that this additional data will create an improvement in the matching of resilient critical infrastructure system requirements to the correct architectures and implementations that will support improved operation during times of system degradation due to failures and infrastructure attacks.

Keywords: architecture, resiliency, availability, cyber-attack

Procedia PDF Downloads 69

Authors: Adel Sabry Eesa, Adnan Mohsin Abdulazeez Brifcani, Zeynep Orman

Abstract:

Feature selection has been used in many fields such as classification, data mining and object recognition and proven to be effective for removing irrelevant and redundant features from the original data set. In this paper, a new design of distributed intrusion detection system using a combination feature selection model based on bees and decision tree. Bees algorithm is used as the search strategy to find the optimal subset of features, whereas decision tree is used as a judgment for the selected features. Both the produced features and the generated rules are used by Decision Making Mobile Agent to decide whether there is an attack or not in the networks. Decision Making Mobile Agent will migrate through the networks, moving from node to another, if it found that there is an attack on one of the nodes, it then alerts the user through User Interface Agent or takes some action through Action Mobile Agent. The KDD Cup 99 data set is used to test the effectiveness of the proposed system. The results show that even if only four features are used, the proposed system gives a better performance when it is compared with the obtained results using all 41 features.

Keywords: distributed intrusion detection system, mobile agent, feature selection, bees algorithm, decision tree

Procedia PDF Downloads 366

Authors: Johannes Günther

Abstract:

Time Sensitive Networking (TSN), standardized in the IEEE 802.1 standard, has been lent increasing attention in the context of mission critical systems. Such mission critical systems, e.g., in the automotive domain, aviation, industrial, and smart factory domain, are responsible for coordinating complex functionalities in real time. In many of these contexts, a reliable data exchange fulfilling hard time constraints and quality of service (QoS) conditions is of critical importance. TSN standards are able to provide guarantees for deterministic communication behaviour, which is in contrast to common best-effort approaches. Therefore, the superior QoS guarantees of TSN may aid in the development of new technologies, which rely on low latencies and specific bandwidth demands being fulfilled. TSN extends existing Ethernet protocols with numerous standards, providing means for synchronization, management, and overall real-time focussed capabilities. These additional QoS guarantees, as well as management mechanisms, lead to an increased attack surface for potential malicious attackers. As TSN guarantees certain deadlines for priority traffic, an attacker may degrade the QoS by delaying a packet beyond its deadline or even execute a denial of service (DoS) attack if the delays lead to packets being dropped. However, thus far, security concerns have not played a major role in the design of such standards. Thus, while TSN does provide valuable additional characteristics to existing common Ethernet protocols, it leads to new attack vectors on networks and allows for a range of potential attacks. One answer to these security risks is to deploy defense mechanisms according to a moving target defense (MTD) strategy. The core idea relies on the reduction of the attackers' knowledge about the network. Typically, mission-critical systems suffer from an asymmetric disadvantage. DoS or QoS-degradation attacks may be preceded by long periods of reconnaissance, during which the attacker may learn about the network topology, its characteristics, traffic patterns, priorities, bandwidth demands, periodic characteristics on links and switches, and so on. Here, we implemented and tested several MTD-like defense strategies against different attacker models of varying capabilities and budgets, as well as collaborative attacks of multiple attackers within a network, all within the context of TSN networks. We modelled the networks and tested our defense strategies on an OMNET++ testbench, with networks of different sizes and topologies, ranging from a couple dozen hosts and switches to significantly larger set-ups.

Keywords: network security, time sensitive networking, moving target defense, cyber security

Procedia PDF Downloads 40

Authors: Imine Zakaria, Meftah Sidi Mohamed El Amine

Abstract:

One of the most vital aerodynamic organs of a flying machine is the wing, which allows it to fly in the air efficiently. The flow around the wing is very sensitive to changes in the angle of attack. Beyond a value, there is a phenomenon of the boundary layer separation on the upper surface, which causes instability and total degradation of aerodynamic performance called a stall. However, controlling flow around an airfoil has become a researcher concern in the aeronautics field. There are two techniques for controlling flow around a wing to improve its aerodynamic performance: passive and active controls. Blowing and suction are among the active techniques that control the boundary layer separation around an airfoil. Their objective is to give energy to the air particles in the boundary layer separation zones and to create vortex structures that will homogenize the velocity near the wall and allow control. Blowing and suction have long been used as flow control actuators around obstacles. In 1904 Prandtl applied a permanent blowing to a cylinder to delay the boundary layer separation. In the present study, several numerical investigations have been developed to predict a turbulent flow around an aerodynamic profile. CFD code was used for several angles of attack in order to validate the present work with that of the literature in the case of a clean profile. The variation of the lift coefficient CL with the momentum coefficient

Keywords: CFD, control flow, lift, slot

Procedia PDF Downloads 153

Authors: A. Lubis, L. Setiawati, A. R. Setyoningrum, A. Suryawan, Irwanto

Abstract:

Asthma is a condition that causing chronic health problems in children. In addition to basic therapy against disease, we must try to reduce the impact of chronic health problems and also optimize their medical aspect of growth and development. A boy with mild asthma attack frequent episode did not showed any improvement with medical treatment and his asthma control test was 11. From radiologic examination he got hyperaerated lung and billateral sinusitis maxillaris; skin test results were house dust, food and pet allergy; an overweight body; bad school grades; psychological and environmental problem. We followed and evaluated this boy in 6 months, treated holistically. Even we could not do much on environmental but no more psychological and school problems, his on a good bodyweight and his asthma control test was 22. A case of a child with mild asthma attack frequent episode was reported. Asthma clinical course show no significant improvement when other predisposing factor is not well-controlled and a child’s growth and development may be affected. Improving condition of the patient can be created with the help of loving and caring way of nurturing from the parents and supportive peer group. Therefore, continuous and consistent monitoring is required because prognosis of asthma is generally good when regularly and properly controlled.

Keywords: asthma, chronic health problems, growth, development

Procedia PDF Downloads 203

Authors: Maria Brás

Abstract:

The main purpose of the presentation is to identify the impacts and appropriate measures to prevent potential attacks, or minimize the risk of an attack in tourist destination. Terrorism has been growing in the shadow of unpredictability, however, is possible to minimize the danger of a terrorist attack by doing the: (1) recognition; (2); evaluation; (3) avoidance; (4) threat reduction. The vulnerability of tourism industry to terrorism is an undeniable fact, and terrorists know it. They use this advantage attacking tourists for very specific reasons, such as the: (1) international coverage by the media, “if it bleeds it leads” ; (2) chances of getting different nationalities at the same place and time; (3) possibility of destroyed the economy of a destination, or destinations (“terrorism contamination effect”), through the reduction of tourist demand; (4) psychological, and social disruption based on fear of negative consequences. Security incidents, such as terrorism, include different preventive measures that can be conducted in partnership with: tourism industry (hotels, airports, tourist attractions, among others); central government; public and/or private sector; local community; and media. The recovery strategies must be based on the dissemination of positive information to the media; in creating new marketing strategies that emphasize the social and cultural values of the destination; encourage domestic tourism; get government, or state, financial support.

Keywords: terrorism, tourism, safety, security, impacts, prevention, recovery

Procedia PDF Downloads 310

Authors: Lan Zhang, Cailing Zhang

Abstract:

In recent years, many face anti-spoofing algorithms have high detection accuracy when detecting 2D face anti-spoofing or 3D mask face anti-spoofing alone in the field of face anti-spoofing, but their detection performance is greatly reduced in multidimensional and cross-datasets tests. The rPPG method used for face anti-spoofing uses the unique vital information of real face to judge real faces and face anti-spoofing, so rPPG method has strong stability compared with other methods, but its detection rate of 2D face anti-spoofing needs to be improved. Therefore, in this paper, we improve an rPPG(Remote Photoplethysmography) method(MrPPG) for face anti-spoofing which through color space fusion, using the correlation of pulse signals between real face regions and background regions, and introducing the cyclic neural network (LSTM) method to improve accuracy in 2D face anti-spoofing. Meanwhile, the MrPPG also has high accuracy and good stability in face anti-spoofing of multi-dimensional and cross-data datasets. The improved method was validated on Replay-Attack, CASIA-FASD, Siw and HKBU_MARs_V2 datasets, the experimental results show that the performance and stability of the improved algorithm proposed in this paper is superior to many advanced algorithms.

Keywords: face anti-spoofing, face presentation attack detection, remote photoplethysmography, MrPPG

Procedia PDF Downloads 142

Authors: Yasmeen Cheema, Parvinder Singh

Abstract:

The evolution of Islamic State (acronym IS) has an ultimate goal of restoring the caliphate. IS threat to the global security is main concern of international community but has also raised a factual concern for India about the regular radicalization of IS ideology among Indian youth. The incident of joining Arif Ejaz Majeed, an Indian as ‘jihadist’ in IS has set strident alarm in law & enforcement agencies. On 07.03.2017, many people were injured in an Improvised Explosive Device (IED) blast on-board of Bhopal Ujjain Express. One perpetrator of this incident was killed in encounter with police. But, the biggest shock is that the conspiracy was pre-planned and the assailants who carried out the blast were influenced by the ideology perpetrated by the Islamic State. This is the first time name of IS has cropped up in a terror attack in India. It is a red indicator of violent presence of IS in India, which is spreading through social media. The IS have the capacity to influence the younger Muslim generation in India through its brutal and aggressive propaganda videos, social media apps and hatred speeches. It is a well known fact that India is on the radar of IS, as well on its ‘Caliphate Map’. IS uses Twitter, Facebook and other social media platforms constantly. Islamic State has used enticing videos, graphics, and articles on social media and try to influence persons from India & globally that their jihad is worthy. According to arrested perpetrator of IS in different cases in India, the most of Indian youths are victims to the daydreams which are fondly shown by IS. The dreams that the Muslim empire as it was before 1920 can come back with all its power and also that the Caliph and its caliphate can be re-established are shown by the IS. Indian Muslim Youth gets attracted towards these euphemistic ideologies. Islamic State has used social media for disseminating its poisonous ideology, recruitment, operational activities and for future direction of attacks. IS through social media inspired its recruits & lone wolfs to continue to rely on local networks to identify targets and access weaponry and explosives. Recently, a pro-IS media group on its Telegram platform shows Taj Mahal as the target and suggested mode of attack as a Vehicle Born Improvised Explosive Attack (VBIED). Islamic State definitely has the potential to destroy the Indian national security & peace, if timely steps are not taken. No doubt, IS has used social media as a critical mechanism for recruitment, planning and executing of terror attacks. This paper will therefore examine the specific characteristics of social media that have made it such a successful weapon for Islamic State. The rise of IS in India should be viewed as a national crisis and handled at the central level with efficient use of modern technology.

Keywords: ideology, India, Islamic State, national security, recruitment, social media, terror attack

Procedia PDF Downloads 199

Authors: Sukhleen Kaur

Abstract:

In security groundwork, Intrusion Detection System (IDS) has become an important component. The IDS has received increasing attention in recent years. IDS is one of the effective way to detect different kinds of attacks and malicious codes in a network and help us to secure the network. Data mining techniques can be implemented to IDS, which analyses the large amount of data and gives better results. Data mining can contribute to improving intrusion detection by adding a level of focus to anomaly detection. So far the study has been carried out on finding the attacks but this paper detects the malicious files. Some intruders do not attack directly, but they hide some harmful code inside the files or may corrupt those file and attack the system. These files are detected according to some defined parameters which will form two lists of files as normal files and harmful files. After that data mining will be performed. In this paper a hybrid classifier has been used via Naive Bayes and Ripper classification methods. The results show how the uploaded file in the database will be tested against the parameters and then it is characterised as either normal or harmful file and after that the mining is performed. Moreover, when a user tries to mine on harmful file it will generate an exception that mining cannot be made on corrupted or harmful files.

Keywords: data mining, association, classification, clustering, decision tree, intrusion detection system, misuse detection, anomaly detection, naive Bayes, ripper

Procedia PDF Downloads 388

Authors: Amani K. Abu-Shaheen, Abdullah Nofal, Humariya Heena

Abstract:

Introduction: Parental perceptions and practices are important for improving the asthma outcomes in children; indeed, evidence shows that parents of asthmatic children harbor considerable misperceptions of the disease. Objective: To identify the prevalence of asthma and to investigate the perceptions and practices of parents toward asthma and its management in Saudi children. Methods: A two-stage cross-sectional survey of 2000 parents of children aged 3–15 years from schools located in all five districts of Riyadh province located in central Saudi Arabia, was conducted. Data collection was accomplished using a self-administered questionnaire based on information obtained from the literature. Results: Of 1450 children whose parents participated in the study, 600 had asthma, dyspnea, or chest allergy. The overall number of children with parental reports of ever having been diagnosed with asthma was 478 (32.9%). The majority of parents (321, 53.5%) believed that asthma was a hereditary disease. Of these parents, 361 (60.3%) were concerned about side effects of inhaled steroids, and 192 (32%) about development of dependency on asthma medications. Three hundred sixty seven (61.2%) parents reported that they could treat the asthma attack at home and almost 76% of parents went to pediatric emergency department during asthma attack. Conclusions: In this study, the overall prevalence of children whose parents reported that they were diagnosed with asthma was high (32.9%). Furthermore, parents of children with asthma had misperceptions regarding asthma and exhibited ineffective practices in its management. To improve asthma care and compliance, adequate education should be provided to parents.

Keywords: asthma, management, parents, quality of life

Procedia PDF Downloads 249

Authors: Nir Nissim, Ran Yahalom, Tomer Lancewiki, Yuval Elovici, Boaz Lerner

Abstract:

Background: Attackers increasingly take advantage of innocent users who tend to use USB devices casually, assuming these devices benign when in fact they may carry an embedded malicious behavior or hidden malware. USB devices have many properties and capabilities that have become the subject of malicious operations. Many of the recent attacks targeting individuals, and especially organizations, utilize popular and widely used USB devices, such as mice, keyboards, flash drives, printers, and smartphones. However, current detection tools, techniques, and solutions generally fail to detect both the known and unknown attacks launched via USB devices. Significance: We propose USBWARE, a project that focuses on the vulnerabilities of USB devices and centers on the development of a comprehensive detection framework that relies upon a crucial attack repository. USBWARE will allow researchers and companies to better understand the vulnerabilities and attacks associated with USB devices as well as providing a comprehensive platform for developing detection solutions. Methodology: The framework of USBWARE is aimed at accurate detection of both known and unknown USB-based attacks by a process that efficiently enhances the framework's detection capabilities over time. The framework will integrate two main security approaches in order to enhance the detection of USB-based attacks associated with a variety of USB devices. The first approach is aimed at the detection of known attacks and their variants, whereas the second approach focuses on the detection of unknown attacks. USBWARE will consist of six independent but complimentary detection modules, each detecting attacks based on a different approach or discipline. These modules include novel ideas and algorithms inspired from or already developed within our team's domains of expertise, including cyber security, electrical and signal processing, machine learning, and computational biology. The establishment and maintenance of the USBWARE’s dynamic and up-to-date attack repository will strengthen the capabilities of the USBWARE detection framework. The attack repository’s infrastructure will enable researchers to record, document, create, and simulate existing and new USB-based attacks. This data will be used to maintain the detection framework’s updatability by incorporating knowledge regarding new attacks. Based on our experience in the cyber security domain, we aim to design the USBWARE framework so that it will have several characteristics that are crucial for this type of cyber-security detection solution. Specifically, the USBWARE framework should be: Novel, Multidisciplinary, Trusted, Lightweight, Extendable, Modular and Updatable and Adaptable. Major Findings: Based on our initial survey, we have already found more than 23 types of USB-based attacks, divided into six major categories. Our preliminary evaluation and proof of concepts showed that our detection modules can be used for efficient detection of several basic known USB attacks. Further research, development, and enhancements are required so that USBWARE will be capable to cover all of the major known USB attacks and to detect unknown attacks. Conclusion: USBWARE is a crucial detection framework that must be further enhanced and developed.

Keywords: USB, device, cyber security, attack, detection

Procedia PDF Downloads 356

Authors: Georgi Bebrov, Rozalina Dimova

Abstract:

In the field of quantum secure communication, there is no evaluation that characterizes quantum secure communication (QSC) protocols in a complete, general manner. The current paper addresses the problem concerning the lack of such an evaluation for QSC protocols by introducing an optimality evaluation, which is expressed as the average over the three main parameters of QSC protocols: efficiency, security, and practicality. For the efficiency evaluation, the common expression of this parameter is used, which incorporates all the classical and quantum resources (bits and qubits) utilized for transferring a certain amount of information (bits) in a secure manner. By using criteria approach whether or not certain criteria are met, an expression for the practicality evaluation is presented, which accounts for the complexity of the QSC practical realization. Based on the error rates that the common quantum attacks (Measurement and resend, Intercept and resend, probe attack, and entanglement swapping attack) induce, the security evaluation for a QSC protocol is proposed as the minimum function taken over the error rates of the mentioned quantum attacks. For the sake of clarity, an example is presented in order to show how the optimality is calculated.

Keywords: quantum cryptography, quantum secure communcation, quantum secure direct communcation security, quantum secure direct communcation efficiency, quantum secure direct communcation practicality

Procedia PDF Downloads 151

Authors: Behnam Zahednejad, Saeed Kosari

Abstract:

Widespread deployment of Internet of Things (IoT) has raised security and privacy issues in this environment. Designing a secure two-factor authentication scheme between the user and server is still a challenging task. In this paper, we focus on Cancelable Biometric (CB) as an authentication factor in IoT. We show that previous CB-based scheme fail to provide real two-factor security, Perfect Forward Secrecy (PFS) and suffer database attacks and traceability of the user. Then we propose our improved scheme based on CB and Physically Unclonable Functions (PUF), which can provide real two-factor security, PFS, user’s unlinkability, and resistance to database attack. In addition, Key Compromise Impersonation (KCI) resilience is achieved in our scheme. We also prove the security of our proposed scheme formally using both Real-Or-Random (RoR) model and the ProVerif analysis tool. For the usability of our scheme, we conducted a performance analysis and showed that our scheme has the least communication cost compared to the previous CB-based scheme. The computational cost of our scheme is also acceptable for the IoT environment.

Keywords: IoT, two-factor security, cancelable biometric, key compromise impersonation resilience, perfect forward secrecy, database attack, real-or-random model, ProVerif

Procedia PDF Downloads 69

Authors: Nuur Ezaini Akmar Ismail, Norbazilah Rahim, Norul Huda Md Rasdi, Maslina Daud

Abstract:

A web application is the most targeted by the attacker because the web application is accessible by the end users. It has become more advantageous to the attacker since not all the end users aware of what kind of sensitive data already leaked by them through the Internet especially via social network in shake on ‘sharing’. The attacker can use this information such as personal details, a favourite of artists, a favourite of actors or actress, music, politics, and medical records to customize phishing attack thus trick the user to click on malware-laced attachments. The Phishing attack is one of the most popular attacks for social engineering technique against web applications. There are several methods to detect phishing websites such as Blacklist/Whitelist based detection, heuristic-based, and visual similarity-based detection. This paper illustrated a comparison between the heuristic-based technique using features of a uniform resource locator (URL) and visual similarity-based detection techniques that compares the content of a suspected phishing page with the legitimate one in order to detect new phishing sites based on the paper reviewed from the past few years. The comparison focuses on three indicators which are false positive and negative, accuracy of the method, and time consumed to detect phishing website.

Keywords: heuristic-based technique, phishing detection, social engineering and visual similarity-based technique

Procedia PDF Downloads 150

Authors: Talakokula Visalakshi

Abstract:

Concrete is the most commonly used construction material across the globe, its usage is second only to water. It is prepared using ordinary Portland cement whose production contributes to 5-8% of total carbon emission in the world. On the other hand the fly ash by product from the power plants is produced in huge quantities is termed as waste and disposed in landfills. In order to address the above issues mentioned, it is essential that other forms of binding material must be developed in place of cement to make concrete. The geo polymer concrete is one such alternative developed by Davidovits in 1980’s. Geopolymer do not form calcium-silicate hydrates for matrix formation and strength but undergo polycondensation of silica and alumina precursors to attain structural strength. Its setting mechanism depends upon polymerization rather than hydration. As a result it is able to achieve its strength in 3-5 days whereas concrete requires about a month to do the same. The objective of this research is to assess the performance of geopolymer concrete under sulphate and acid attack. The assessment is done based on the experiments conducted on geopolymer concrete. The expected outcomes include that if geopolymer concrete is more durable than normal concrete, then it could be a competitive replacement option of concrete and can lead to significant reduction of carbon foot print and have a positive impact on the environment. Fly ash based geopolymer concrete offers an opportunity to completely remove the cement content from concrete thereby making the concrete a greener and future construction material.

Keywords: fly ash, geo polymer, geopolymer concrete, construction material

Procedia PDF Downloads 459

Authors: Anwar Ul Haque, Waqar Asrar, Erwin Sulaeman, Jaffar S. M. Ali

Abstract:

Pressure distribution data of the standard airfoils is usually used for the calibration purposes in subsonic wind tunnels. Results of such experiments are quite old and obtained by using the model in the spanwise direction. In this manuscript, pressure distribution over NACA 4412 airfoil model was presented by placing the 3D model in the lateral direction. The model is made of metal with pressure ports distributed longitudinally as well as in the lateral direction. The pressure model was attached to the floor of the tunnel with the help of the base plate to give the specified angle of attack to the model. Before the start of the experiments, the pressure tubes of the respective ports of the 128 ports pressure scanner are checked for leakage, and the losses due to the length of the pipes were also incorporated in the results for the specified pressure range. Growth rate maps of the boundary layer thickness were also plotted. It was found that with the increase in the velocity, the dynamic pressure distribution was also increased for the alpha seep. Plots of pressure distribution so obtained were overlapped with those obtained by using XFLR software, a low fidelity tool. It was found that at moderate and high angles of attack, the distribution of the pressure coefficients obtained from the experiments is high when compared with the XFLR ® results obtained along with the span of the wing. This under-prediction by XFLR ® is more obvious on the windward than on the leeward side.

Keywords: subsonic flow, boundary layer, wind tunnel, pressure testing

Procedia PDF Downloads 294