Search results for: attacks and controls

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 506

Authors: Bandar Alahmadi

Abstract:

The fact that people tend to remember pictures better than texts, motivates researchers to develop graphical passwords as an alternative to textual passwords. Graphical passwords as such were introduced as a possible alternative to traditional text passwords, in which users prove their identity by clicking on pictures rather than typing alphanumerical text. In this paper, we present a scheme for graphical passwords that are resistant to shoulder surfing attacks and spyware attacks. The proposed scheme introduces a clicking technique to chosen images. First, the users choose a set of images, the images are then included in a grid where users can click in the cells around each image, the location of the click and the number of clicks are saved. As a result, the proposed scheme can be safe from shoulder surface and spyware attacks.

Keywords: security, password, authentication, attack, applications

Procedia PDF Downloads 139

Authors: Ghaleb Bin Huraib

Abstract:

Atopic dermatitis (AD), also known as atopic eczema, is a chronic inflammatory skin disease characterized by severe itching and recurrent, relapsing eczema-like skin lesions, affecting up to 20% of children and 10% of adults in industrialized countries. AD is a complex multifactorial disease, and its exact etiology and pathogenesis have not been fully elucidated. The aim of this study was to investigate the impact of gene polymorphisms of T helper cell subtype Th1 and Th2 cytokines, interferon-gamma (IFN-γ), interleukin-6 (IL-6) and transforming growth factor (TGF)-β1on AD susceptibility in a Saudi cohort. One hundred four unrelated patients with AD and 195 healthy controls were genotyped for IFN-γ (874A/T), IL-6 (174G/C) and TGF-β1 (509C/T) polymorphisms using ARMS-PCR and PCR-RFLP technique. The frequency of genotypes AA and AT of IFN-γ (874A/T) differed significantly among patients and controls (P 0.001). The genotype AT was increased while genotype AA was decreased in AD patients as compared to controls. AD patients also had a higher frequency of T-containing genotypes (AT+TT) than controls (P = 0.001). The frequencies of alleles T and A were statistically different in patients and controls (P = 0.04). The frequencies of genotype GG and allele G of IL-6 (174G/C) were significantly higher, while genotype GC and allele C were lower in AD patients than in controls. There was no significant difference in the frequencies of alleles and genotypes of TGF-β1 (509C/T) polymorphism between the patient and control groups. These results showed that susceptibility to AD is influenced by the presence or absence of genotypes of IFN-γ (874A/T) and IL-6 (174G/C) polymorphisms. It is concluded T-allele and T-containing genotypes (AT+TT) of IFN-γ (874A/T) and G-allele and GG genotype ofIL-6 (174G/C) polymorphisms are susceptible to AD in Saudis. On the other hand, the TGF-β1 (509C/T) polymorphism may not be associated with AD risk in our population; however, further studies with large sample sizes are required to confirm these results.

Keywords: atopic dermatitis, Polymorphism, Interferon, IL-6

Procedia PDF Downloads 39

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 120

Authors: Muhammad R. Ahmed, Mohammed Aseeri

Abstract:

Wireless Sensor Network (WSN) consists of low-cost and multi functional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. In this paper we present an internal attack detection method based on maximum entropy model. The final experimental works showed that the proposed algorithm does work well at the designed level.

Keywords: internal attack, wireless sensor network, network security, entropy

Procedia PDF Downloads 430

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we treat a model that falls in the area of protecting targeted systems from intelligent threats including terrorism. We introduce the concept of system survivability, in the context of continuous attacks, as the probability that a system under attack will continue operation up to some fixed time t. We define a constant attack rate (CAR) process as an attack on a targeted system that follows an exponential distribution. We consider the superposition of several CAR processes. From the attacker side, we determine the optimal attack strategy that minimizes the system survivability. We also determine the optimal strengthening strategy that maximizes the system survivability under limited defensive resources. We use operations research techniques to identify optimal strategies of each antagonist. Our results may be used as interesting starting points to develop realistic protection strategies against intentional attacks.

Keywords: CAR processes, defense/attack strategies, exponential failure, survivability

Procedia PDF Downloads 364

Authors: Nareshkumar Harale, B. B. Meshram

Abstract:

The continued exponential growth of successful cyber intrusions against today’s businesses has made it abundantly clear that traditional perimeter security measures are no longer adequate and effective. We evolved the network trust architecture from trust-untrust to Zero-Trust, With Zero Trust, essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications, data resources, and the communications traffic between them, regardless of their location. Information exchange over the Internet, in spite of inclusion of advanced security controls, is always under innovative, inventive and prone to cyberattacks. TCP/IP protocol stack, the adapted standard for communication over network, suffers from inherent design vulnerabilities such as communication and session management protocols, routing protocols and security protocols are the major cause of major attacks. With the explosion of cyber security threats, such as viruses, worms, rootkits, malwares, Denial of Service attacks, accomplishing efficient and effective intrusion detection and prevention is become crucial and challenging too. In this paper, we propose a design and analysis model for next generation network intrusion detection and protection system as part of layered security strategy. The proposed system design provides intrusion detection for wide range of attacks with layered architecture and framework. The proposed network intrusion classification framework deals with cyberattacks on standard TCP/IP protocol, routing protocols and security protocols. It thereby forms the basis for detection of attack classes and applies signature based matching for known cyberattacks and data mining based machine learning approaches for unknown cyberattacks. Our proposed implemented software can effectively detect attacks even when malicious connections are hidden within normal events. The unsupervised learning algorithm applied to network audit data trails results in unknown intrusion detection. Association rule mining algorithms generate new rules from collected audit trail data resulting in increased intrusion prevention though integrated firewall systems. Intrusion response mechanisms can be initiated in real-time thereby minimizing the impact of network intrusions. Finally, we have shown that our approach can be validated and how the analysis results can be used for detecting and protection from the new network anomalies.

Keywords: network intrusion detection, network intrusion prevention, association rule mining, system analysis and design

Procedia PDF Downloads 200

Authors: Ashish Ashish

Abstract:

In the last few decades, the discrete chaos of difference equations has gained a massive attention of academicians and scholars due to its tremendous applications in each and every branch of science, such as cryptography, traffic control models, secure communications, weather forecasting, and engineering. In this article, a generalized logistic discrete map is established and discrete chaos is reported through period doubling bifurcation, period three orbit and Lyapunov exponent. It is interesting to see that the generalized logistic map exhibits superior chaos due to the presence of an extra degree of freedom of an ordered parameter. The period doubling bifurcation and Lyapunov exponent are demonstrated for some particular values of parameter and the discrete chaos is determined in the sense of Devaney's definition of chaos theoretically as well as numerically. Moreover, the study discusses an extended chaos based image encryption and decryption scheme in cryptography using this novel system. Surprisingly, a larger key space for coding and more sensitive dependence on initial conditions are examined for encryption and decryption of text messages, images and videos which secure the system strongly from external cyber attacks, coding attacks, statistic attacks and differential attacks.

Keywords: chaos, period-doubling, logistic map, Lyapunov exponent, image encryption

Procedia PDF Downloads 113

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 335

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 183

Authors: Zahra Abdolkarimi, Naser Zourikalatehsamad,

Abstract:

Up to 40 years ago, after recognition of epilepsy, it was generally believed that these attacks occurred randomly and suddenly. However, thanks to the advance of mathematics and engineering, such attacks can be predicted within a few minutes or hours. In this way, various algorithms for long-term prediction of the time and frequency of the first attack are presented. In this paper, by considering the nonlinear nature of brain signals and dynamic recorded brain signals, ANFIS model is presented to predict the brain signals, since according to physiologic structure of the onset of attacks, more complex neural structures can better model the signal during attacks. Contribution of this work is the co-evolution algorithm for optimization of ANFIS network parameters. Our objective is to predict brain signals based on time series obtained from brain signals of the people suffering from epilepsy using ANFIS. Results reveal that compared to other methods, this method has less sensitivity to uncertainties such as presence of noise and interruption in recorded signals of the brain as well as more accuracy. Long-term prediction capacity of the model illustrates the usage of planted systems for warning medication and preventing brain signals.

Keywords: co-evolution algorithms, brain signals, time series, neural networks, ANFIS model, physiologic structure, time prediction, epilepsy suffering, illustrates model

Procedia PDF Downloads 247

Authors: Dada. O.Akinola, Uche. I. Ebele, Bamiro .A.Rafatu, Akinbami A. Akinsegun, Dada O. Adeyemi, Adeyemi. O. Ibukun, Okunowo O.Bolanle, Abdulateef O. Kareem, Ibrahim.N. Ismaila, Dosu Rihanat

Abstract:

Background: Hyperglycaemia alters qualitatively and quantitatively all the full blood count parameters. The alterations among other factors are responsible for the macrovascular and microvascular complications associated with diabetes mellitus (DM). This study is aimed at correlating haematological parameters in DM subjects with their fasting blood glucose (FBG) and anthropometric parameters. Materials and Methods: This was a cross-sectional study of participants attending DM clinic of Lagos State University Teaching Hospital (LASUTH), Ikeja. The study recruited one hundred and two (102) DM subjects and one hundred (100) non-DM controls. Venous blood samples were collected for full blood count (FBC) assay while FBG was done, structured questionnaires were administered, and anthropometric measurements of all participants were done. Data were analyzed with Statistical Package for Social Science (SPSS) version 23. P was set at ≤0.05. Results: The mean age of DM patients was 64.32± 11.31 years. Using a haemoglobin concentration cut-off of 11g/dl, 39.2%, and 13% DM and control participants respectively had values lower than 11g/dl. A total of 22.5% and 3% of DM and controls respectively gave a history of previous blood transfusion.White blood cells count and platelet count means were (6.12±1.60 and 5.30±7.52,p=0.59) and (213.31±73.58 and 228.91±73.21,p = 0.26) *109/L in DM subjects and controls respectively. FBG and all the anthropometric data in DM subjects were significantly higher than in controls. Conclusions: The prevalence of anaemia in DM subjects was three times higher than in controls. The white blood cell count was higher but not statistically significant in DM compared with controls. But platelet count was higher but not statistically significant in controls compared with DM subjects.

Keywords: haematological profile, diabetes mellitus, anthropometric data, fasting blood glucose

Procedia PDF Downloads 50

Authors: Ebtissam Saleh Al-Meghaiseeb, Abdulaziz Al Masood, Abdulrahman Al-Robayan, Reem Al-Amro, Misbahul Arfin, Abdulrahman Al Asmari

Abstract:

Objective: The objective of this study was to evaluate the role of apolipoprotein E (APOE) polymorphism on the onset of inflammatory bowel disease (IBD) in Saudi patients. Methods: APOE gene was genotyped to evaluate the frequencies of the alleles and genotypes in Saudi subjects, including IBD patients (n=200) and matched controls (n=200), using APOE StripAssayTM kit (ViennaLab Labordiagnostika GmbH, Vienna, Austria). Results: The frequencies of alleles and genotypes of APOE differed in patients and controls. The APOE allele ε2 and ε4, genotype ε2/ε3 and ε2/ε4 were significantly higher in the IBD patients than the healthy controls. The frequencies of ε3 allele and ε3/ε3 genotype were higher in the control group as compared to patients. The higher prevalence of allele ε2 and ε4 allele in patients compared to that in controls suggested that ε2 and ε4 alleles may increase the risk of IBD. Results also indicated that APOE ε4 allele was associated with early age at onset of IBD. On the other hand, the decreased frequencies of ε3 allele and ε3/ε3 genotype in patients as compared to those in the controls suggested a protective effect of APOE ε3 for IBD susceptibility. In this study, the frequency distribution of APOE alleles and genotypes was not affected by the gender or type of IBD (familial or sporadic). Conclusion: This study indicates that APOE polymorphism plays a significant role in developing IBD and early age of onset in Saudi patients. However, further studies with large-size sample are warranted to confirm this relationship.

Keywords: APOE, polymorphism, IBD, saudis

Procedia PDF Downloads 79

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 170

Authors: Ghaleb Bin Huraib, Fahad Al Harthi, Misbahul Arfin, Abdulrahman Al-Asmari

Abstract:

Atopic dermatitis (AD), also known as atopic eczema, is a chronic inflammatory skin disease characterized by severe itching and recurrent relapsing eczema-like skin lesions, affecting up to 20% of children and 10% of adults in industrialized countries. AD is a complex multifactorial disease, and its exact etiology and pathogenesis have not been fully elucidated. The aim of this study was to investigate the impact of gene polymorphisms of T helper cell subtype Th1 and Th2 cytokines, interferon-gamma (IFN-γ), interleukin-6 (IL-6) and transforming growth factor (TGF)-β1on AD susceptibility in a Saudi cohort. One hundred four unrelated patients with AD and 195 healthy controls were genotyped for IFN-γ (874A/T), IL-6 (174G/C) and TGF-β1 (509C/T) polymorphisms using ARMS-PCR and PCR-RFLP technique. The frequency of genotypes AA and AT of IFN-γ (874A/T) differed significantly among patients and controls (P 0.001). The genotype AT was increased while genotype AA was decreased in AD patients as compared to controls. AD patients also had higher frequency of T containing genotypes (AT+TT) than controls (P = 0.001). The frequencies of allele T and A were statistically different in patients and controls (P = 0.04). The frequencies of genotype GG and allele G of IL-6 (174G/C) were significantly higher while genotype GC and allele C were lower in AD patients than controls. There was no significant difference in the frequencies of alleles and genotypes of TGF-β1 (509C/T) polymorphism between patient and control groups. These results showed that susceptibility to AD is influenced by presence or absence of genotypes of IFN-γ (874A/T) and IL-6 (174G/C) polymorphisms. It is concluded that T-allele and T-containing genotypes (AT+TT) of IFN-γ (874A/T) and G-allele and GG genotype ofIL-6 (174G/C) polymorphisms are susceptible to AD in Saudis.On the other hand, the TGF-β1 (509C/T) polymorphism may not be associated with AD risk in Saudi population however further studies with large sample size are required to confirm these findings.

Keywords: atopic dermatitis, interferon-γ, interleukin-6, transforming growth factor-β1, polymorphism

Procedia PDF Downloads 80

Authors: Doaa Wael, Naswa Abdelbaky

Abstract:

Malware is malicious software that is built to cause destructive actions and damage information systems and networks. Malware infections increase rapidly, and types of malware have become more sophisticated, which makes the malware detection process more difficult. On the other side, the Internet of Things IoT technology is vulnerable to malware attacks. These IoT devices are always connected to the internet and lack security. This makes them easy for hackers to access. These malware attacks are becoming the go-to attack for hackers. Thus, in order to deal with this challenge, new malware detection techniques are needed. Currently, building a blockchain solution that allows IoT devices to download any file from the internet and to verify/approve whether it is malicious or not is the need of the hour. In recent years, blockchain technology has stood as a solution to everything due to its features like decentralization, persistence, and anonymity. Moreover, using blockchain technology overcomes some difficulties in malware detection and improves the malware detection ratio over-than the techniques that do not utilize blockchain technology. In this paper, we study malware detection models which are based on blockchain technology. Furthermore, we elaborate on the effect of blockchain technology in malware detection, especially in the android environment.

Keywords: malware analysis, blockchain, malware attacks, malware detection approaches

Procedia PDF Downloads 44

Authors: Preston Nabors, Nasseh Tabrizi

Abstract:

Portable Document Format (PDF) files have gained significant popularity for sharing and distributing documents due to their universal compatibility. However, the widespread use of PDF files has made them attractive targets for cybercriminals, who exploit vulnerabilities to deliver malware and compromise the security of end-user systems. This paper reviews notable contributions in PDF malware detection, including static, dynamic, signature-based, and hybrid analysis. It presents a comprehensive examination of PDF malware detection techniques, focusing on the emerging threat of adversarial sampling and the need for robust defense mechanisms. The paper highlights the vulnerability of machine learning classifiers to evasion attacks. It explores adversarial sampling techniques in PDF malware detection to produce mimicry and reverse mimicry evasion attacks, which aim to bypass detection systems. Improvements for future research are identified, including accessible methods, applying adversarial sampling techniques to malicious payloads, evaluating other models, evaluating the importance of features to malware, implementing adversarial defense techniques, and conducting comprehensive examination across various scenarios. By addressing these opportunities, researchers can enhance PDF malware detection and develop more resilient defense mechanisms against adversarial attacks.

Keywords: adversarial attacks, adversarial defense, adversarial machine learning, intrusion detection, PDF malware, malware detection, malware detection evasion

Procedia PDF Downloads 14

Authors: A. Vijayendra Chary, R. Hemalatha

Abstract:

Background: Vitamin D is a potent modulator of the immune system and is involved in regulating cell proliferation and differentiation. Vitamin D deficiency has been linked to increased severity of asthma in children. Asthma has dramatically increased in past decades, particular in developing countries and affects up to 20% of the population. IgE and its receptors, CD23 (FcεRII) and CD 21, play an essential role in all allergic conditions. Methods: A case control study was conducted on asthma and age and sex matched control children. 25 hydroxyvitamin D3 was quantified by HPLC; CD23; and CD21 expression on B cells were performed by flow cytometry. Total Histamine, total IGE and IL-5 and IFN-γ cytokines were determined by ELISA in blood samples of bronchial asthma (n=45) and control children (n=45). Results: The mean ± SE of vitamin D was significantly (p<0.05) low in asthma children (13.6±0.54 ng/mL) than in controls (17.4 ± 0.37 ng/mL). The mean (%) ± SE of CD23 and CD21 expression on B cells were significantly (p<0.01) high in asthma (1.02±0.09; 1.67± 0.13), when compared to controls (0.24±0.01; 0.94±0.03) respectively. The mean± SE of Serum IgE and blood histamine levels in asthma children (354.52 ± 17.33 IU/mL; 53.27 ± 2.54 nM/mL) were increased (P<0.05) when compared to controls (183.12±17.62 IU/mL 39.34±4.16 nM/mL) respectively and IFN-γ (Th1 cytokine) was lower (P<0.01) (16.37±1.27 pg/mL) than in controls (43.34±6.21 pg/mL). Conclusion: Our study provides evidence that low vitamin D levels are associated with increased IgE receptors CD23 and CD21 on B cells. In addition, there was preferential activation of Th2 (IL-5) and suppression of Th1 (IFN-γ) cytokines in children with asthma.

Keywords: bronchial asthma, CD23, IgE, vitamin D

Procedia PDF Downloads 450

Authors: Ersun N. Kurtulus

Abstract:

One of the strategic goals of left-wing terrorism, both in its Anarchist and Marxist-Leninist forms, was mobilization of masses as a first step in launching a revolution. However, in the canonical texts of left-wing terrorist literature (such as the works of Brousse, Nachaev, Bakunin, Kropotkin, Most, Heinzen, Guevara and Marighella) it is not clear how resort to terrorist tactics such as assassinations or bomb attacks will lead to mobilization of masses. This link is usually presumed and taken for granted. However, in other, less known terrorist texts, where there is some elaboration upon this link, two conflicting views emerge: (i) terrorist attacks are supposed to cause state repression which in turn radicalizes masses and opens up the way for recruitment and mobilization versus (ii) terrorist attacks are supposed to demonstrate the hollowness of the already existent state repression and thereby encourage mobilization of masses that are already radicalized but inactive due fear caused by state repression. The paper argues that terrorism studies have largely overemphasized the former while the latter has remained more or less unnoticed.

Keywords: terrorism, repression, radical left, mobilization of masses

Procedia PDF Downloads 187

Authors: Roshan Jelal, Charles Mbohwa

Abstract:

In today’s world, internal fraud remains one of the most challenging problems within companies worldwide and despite investment in controls and attention given to the problem, the instances of internal fraud has not abated. To the contrary it appears that internal fraud is on the rise especially in the wake of the economic downturn. Leadership within companies believes that the more sophisticated the controls employed the less likely it would be for employees to pilfer. This is a very antiquated view as investment in controls may not be enough to curtail internal fraud; however, ensuring that a company drives the correct culture and behaviour within the organisation is likely to yield desired results. This research aims to understand how creating a strong ethical culture and embedding the principle of good corporate governance impacts on levels of internal fraud with an organization (a South African Bank).

Keywords: internal fraud, corporate governance, ethics, reserve bank, the King Code

Procedia PDF Downloads 375

Authors: Ahmed M. Hjazi, Bader M. Hjazi

Abstract:

Protein 4.1 is a crucial component of complex interactions between the cytoskeleton and other junctional complex proteins. When the gene encoding this protein is altered, resulting in reduced expression, or when the protein is absent, the red cell undergoes a significant structural change. This research aims to achieve a deeper comprehension of the biochemical effects of red cell protein deficiency. A Tandem Mass Spectrometry Analysis (TMT-MS/MS) of patient cells lacking protein 4.1 compared to three healthy controls was achieved by the Proteomics Institute of the University of Bristol. The SDS-PAGE and Western blotting were utilized on the original patient sample and controls to partially confirm TMT MS/MS data analysis of the protein-4.1-deficient cells. Compared to healthy controls, protein levels in samples lacking protein 4.1 had a significantly higher concentration of proteins that probably originated from reticulocytes. This could occur if the patient has an elevated reticulocyte count. The increase in chaperone and reticulocyte-associated proteins was most notable in this study. This may result from elevated quantities of reticulocytes in patients with hereditary elliptocytosis.

Keywords: hereditary elliptocytosis, protein 4.1, red cells, tandem mass spectrometry data.

Procedia PDF Downloads 52

Authors: Nauman Idrees

Abstract:

Modeling and simulation during the conceptual design phase are the most effective means of system testing resulting in time and cost savings as compared to the testing of hardware prototypes, which are mostly not available during the conceptual design phase. This paper uses the model-based design (MBD) method in designing the fly-by-wire flight controls system of a fighter aircraft using Simulink. The process begins with system definition and layout where modeling requirements and system components were identified, followed by hierarchical system layout to identify the sequence of operation and interfaces of system with external environment as well as the internal interface between the components. In the second step, each component within the system architecture was modeled along with its physical and functional behavior. Finally, all modeled components were combined to form the fly-by-wire flight controls system of a fighter aircraft as per system architecture developed. The system model developed using this method can be simulated using any simulation software to ensure that desired requirements are met even without the development of a physical prototype resulting in time and cost savings.

Keywords: fly-by-wire, flight controls system, model based design, Simulink

Procedia PDF Downloads 92

Authors: Anum Ali, Kashaf ad Dooja, Asif Saleem

Abstract:

The future smart cities trend will be towards Internet of Things (IoT); IoT creates dynamic connections in a ubiquitous manner. Smart cities offer ease and flexibility for daily life matters. By using small devices that are connected to cloud servers based on IoT, network traffic between these devices is growing exponentially, whose security is a concerned issue, since ratio of cyber attack may make the network traffic vulnerable. This paper discusses the latest machine learning approaches in related work further to tackle the increasing rate of cyber attacks, machine learning algorithm is applied to IoT-based network traffic data. The proposed algorithm train itself on data and identify different sections of devices interaction by using supervised learning which is considered as a classifier related to a specific IoT device class. The simulation results clearly identify the attacks and produce fewer false detections.

Keywords: IoT, traffic security, deep learning, classification

Procedia PDF Downloads 124

Authors: S. B. Kumbalavati, J. D. Mallapur, K. Y. Bendigeri

Abstract:

A mobile Ad-hoc network (MANET) is a multihop wireless network where nodes communicate each other without any pre-deployed infrastructure. There is no central administrating unit. Hence, MANET is generally prone to many of the attacks. These attacks may alter, release or deny data. These attacks are nothing but intrusions. Intrusion is a set of actions that attempts to compromise integrity, confidentiality and availability of resources. A major issue in the design and operation of ad-hoc network is sharing the common spectrum or common channel bandwidth among all the nodes. We are performing intrusion detection using game theory approach. Game theory is a mathematical tool for analysing problems of competition and negotiation among the players in any field like marketing, e-commerce and networking. In this paper mathematical model is developed using game theory approach and intruders are detected and removed. Bandwidth utilization is estimated and comparison is made between bandwidth utilization with intrusion detection technique and without intrusion detection technique. Percentage of intruders and efficiency of the network is analysed.

Keywords: ad-hoc network, IDS, game theory, sensor networks

Procedia PDF Downloads 355

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.

Keywords: Linux system calls, web attack detection, interception, SQL

Procedia PDF Downloads 324

Authors: Amirreza Fazely Hamedani, Muzzamil Aziz, Philipp Wieder, Ramin Yahyapour

Abstract:

Software-defined networking in recent years came into the sight of so many network designers as a successor to the traditional networking. Unlike traditional networks where control and data planes engage together within a single device in the network infrastructure such as switches and routers, the two planes are kept separated in software-defined networks (SDNs). All critical decisions about packet routing are made on the network controller, and the data level devices forward the packets based on these decisions. This type of network is vulnerable to DDoS attacks, degrading the overall functioning and performance of the network by continuously injecting the fake flows into it. This increases substantial burden on the controller side, and the result ultimately leads to the inaccessibility of the controller and the lack of network service to the legitimate users. Thus, the protection of this novel network architecture against denial of service attacks is essential. In the world of cybersecurity, attacks and new threats emerge every day. It is essential to have tools capable of managing and analyzing all this new information to detect possible attacks in real-time. These tools should provide a comprehensive solution to automatically detect, predict and prevent abnormalities in the network. Big data encompasses a wide range of studies, but it mainly refers to the massive amounts of structured and unstructured data that organizations deal with on a regular basis. On the other hand, it regards not only the volume of the data; but also that how data-driven information can be used to enhance decision-making processes, security, and the overall efficiency of a business. This paper presents an intelligent big data framework as a solution to handle illegitimate traffic burden on the SDN network created by the numerous DDoS attacks. The framework entails an efficient defence and monitoring mechanism against DDoS attacks by employing the state of the art machine learning techniques.

Keywords: apache spark, apache kafka, big data, DDoS attack, machine learning, SDN network

Procedia PDF Downloads 139

Authors: Sami M. Alshareef

Abstract:

The rapid growth of smart grid technology has brought significant advancements to the power industry. However, with the increasing interconnectivity and reliance on information and communication technologies, smart grids have become vulnerable to cyber-attacks, posing significant threats to the reliable operation of power systems. Among the critical components of smart grids, the Automatic Generation Control (AGC) system plays a vital role in maintaining the balance between generation and load demand. Therefore, protecting the AGC system from cyber threats is of paramount importance to maintain grid stability and prevent disruptions. Traditional security measures often fall short in addressing sophisticated and evolving cyber threats, necessitating the exploration of innovative approaches. Machine learning, with its ability to analyze vast amounts of data and learn patterns, has emerged as a promising solution to enhance AGC system security. Therefore, this research proposal aims to address the challenges associated with detecting and mitigating cyber-attacks on AGC in smart grids by leveraging machine learning techniques on automatic generation control of two-area power systems. By utilizing historical data, the proposed system will learn the normal behavior patterns of AGC and identify deviations caused by cyber-attacks. Once an attack is detected, appropriate mitigation strategies will be employed to safeguard the AGC system. The outcomes of this research will provide power system operators and administrators with valuable insights into the vulnerabilities of AGC systems in smart grids and offer practical solutions to enhance their cyber resilience.

Keywords: machine learning, cyber-attacks, automatic generation control, smart grid

Procedia PDF Downloads 55

Authors: Sara Alshehri, Bayan Alenzi, Atheer Alshehri, Samia Chelloug, Zainab Almry, Hussah Albugmai

Abstract:

This paper concerns body area networks sensor that collect signals around a human body. The black hole attacks are the main security challenging problem because the data traffic can be dropped at any node. The focus of our proposed solution is to efficiently route data packets while detecting black hole nodes.

Keywords: body sensor networks, security, black hole, routing, broadcasting, OMNeT++

Procedia PDF Downloads 613

Authors: Michaela Vašková

Abstract:

With the increasing dependence of countries on the critical infrastructure, it increases their vulnerability. Big threat is primarily in the human factor (personnel of the critical infrastructure) and in terrorist attacks. It emphasizes the development of methodology for searching of weak points and their subsequent elimination. This article discusses methods for the analysis of safety in the objects of critical infrastructure. It also contains proposal for methodology for training employees of security services in the objects of the critical infrastructure and developing scenarios of attacks on selected objects of the critical infrastructure.

Keywords: critical infrastructure, object of critical infrastructure, protection, safety, security, security audit

Procedia PDF Downloads 315

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we briefly introduce the concept of Poisson attacks in the case of defense/attack strategies where attacks are assumed to be continuous. We suggest a game model in which the attacker will combine both criteria of a sufficient confidence level of a successful attack and a reasonably small size of the estimation error in order to launch an attack. Here, estimation error arises from assessing the system failure upon attack using aggregate data at the system level. The corresponding error is referred to as aggregation error. On the other hand, the defender will attempt to deter attack by making one or both criteria inapplicable. The defender will build his/her strategy by both strengthening the targeted system and increasing the size of error. We will formulate the defender problem based on appropriate optimization models. The attacker will opt for a Bayesian updating in assessing the impact on the improvement made by the defender. Then, the attacker will evaluate the feasibility of the attack before making the decision of whether or not to launch it. We will provide illustrations to better explain the process.

Keywords: attacker, defender, game theory, information

Procedia PDF Downloads 429