Search results for: cyber attack

Authors: Mina Latif Ghaly Sawiras

Abstract:

The difference between Islamic terrorism and human-rights has become a big question in the fight against Islamic terrorism globally. This is was raised on the fact that terrorism and human rights are interrelated to the extent that, when the former starts, the latter is violated. This direct linkage was recognized in the Vienna Declaration and Program of Action as adopted by the World Conference on Human Rights in Vienna on 25 June 1993 which agreed that acts of terrorism in all its forms and manifestations are aimed at the destruction of human rights. Hence, Islamic-terrorism constitutes a violation on our most basic human rights. To this end, the first part of this paper will focus on the nexus between terrorism and human rights and endeavors to draw a co-relation between these two concepts. The second part thereafter will analyse the emerging concept of cyber-terrorism and how it takes place. Further, an analysis of cyber counter-terrorism balanced as against human rights will also be undertaken. This will be done through the analysis of the concept of ‘securitization’ of human rights as well as the need to create a balance between counterterrorism efforts as against the protection of human rights at all costs. The paper will then conclude with recommendations on how to balance counter-terrorism and human rights in the modern age.

Keywords: balance, counter-terrorism, cyber-terrorism, human rights, security, violation

Procedia PDF Downloads 30

Authors: Bandar Alahmadi, Lethia Jackson

Abstract:

Machine Learning model is used today in many real-life applications. The safety and security of such model is important, so the results of the model are as accurate as possible. One challenge of machine learning model security is the adversarial examples attack. Adversarial examples are designed by the attacker to cause the machine learning model to misclassify the input. We propose a method to generate adversarial examples to attack image classifiers. We are modifying the successfully classified images, so a classifier misclassifies them after the modification. In our method, we do not update the whole image, but instead we detect the important region, modify it, place it back to the original image, and then run it through a classifier. The algorithm modifies the detected region using two methods. First, it will add abstract image matrix on back of the detected image matrix. Then, it will perform a rotation attack to rotate the detected region around its axes, and embed the trace of image in image background. Finally, the attacked region is placed in its original position, from where it was removed, and a smoothing filter is applied to smooth the background with foreground. We test our method in cascade classifier, and the algorithm is efficient, the classifier confident has dropped to almost zero. We also try it in CNN (Convolutional neural network) with higher setting and the algorithm was successfully worked.

Keywords: adversarial examples, attack, computer vision, image processing

Procedia PDF Downloads 309

Authors: Najla Althuniyan

Abstract:

Online discussions take place across different platforms. These discussions have the potential to extract crowd wisdom and capture the collective intelligence from a different perspective. However, certain phenomena, such as controversy, often appear in online argumentation that makes the discussion between participants heated. Heated discussions can be used to extract new knowledge. Therefore, detecting the presence of controversy is an essential task to determine if collective intelligence can be extracted from online discussions. This paper uses existing measures for estimating controversy quantitatively in cyber-argumentation. First, it defines controversy in different fields, and then it identifies the attributes of controversy in online discussions. The distributions of user opinions and the distance between opinions are used to calculate the controversial degree of a discussion. Finally, the results from each controversy measure are discussed and analyzed using an empirical study generated by a cyber-argumentation tool. This is an improvement over the existing measurements because it does not require ground-truth data or specific settings and can be adapted to distribution-based or distance-based opinions.

Keywords: online argumentation, controversy, collective intelligence, agreement analysis, collaborative decision-making, fuzzy logic

Procedia PDF Downloads 97

Authors: Roy. H. A. Lindelauf

Abstract:

Cyberattacks are complex processes consisting of multiple interwoven tasks conducted by a set of agents. Interdictions and defenses against such attacks often rely on cyber kill chain (CKC) models. A CKC is a framework that tries to capture the actions taken by a cyber attacker. There exists a growing body of literature on CKCs. Most of this work either a) describes the CKC with respect to one or more specific cyberattacks or b) discusses the tools and technologies used by the attacker at each stage of the CKC. Defenders, facing scarce resources, have to decide where to allocate their resources given the CKC and partial knowledge on the tools and techniques attackers use. In this presentation CKCs are analyzed through the lens of covert projects, i.e., interrelated tasks that have to be conducted by agents (human and/or computer) with the aim of going undetected. Various aspects of covert project models have been studied abundantly in the operations research and game theory domain, think of resource-limited interdiction actions that maximally delay completion times of a weapons project for instance. This presentation has investigated both cooperative and non-cooperative game theoretic covert project models and elucidated their relation to CKC modelling. To view a CKC as a covert project each step in the CKC is broken down into tasks and there are players of which each one is capable of executing a subset of the tasks. Additionally, task inter-dependencies are represented by a schedule. Using multi-glove cooperative games it is shown how a defender can optimize the allocation of his scarce resources (what, where and how to monitor) against an attacker scheduling a CKC. This study presents and compares several cooperative game theoretic solution concepts as metrics for assigning resources to the monitoring of agents.

Keywords: cyber defense, cyber kill chain, game theory, information warfare techniques

Procedia PDF Downloads 114

Authors: Mehmet Karabekir

Abstract:

Attack helicopters (AHs) are usually deployed in conventional warfare to destroy armored and mechanized forces of enemy. In addition, AHs are able to perform various tasks in the deep, and close operations – intelligence, surveillance, reconnaissance, air assault operations, and search and rescue operations. Apache helicopters were properly employed in the Gulf Wars and contributed the success of campaign by destroying a large number of armored and mechanized vehicles of Iraq Army. The purpose of this article is to discuss the deployment of AHs in conventional warfare in the light of Gulf Wars. First, the employment of AHs in deep and close operations will be addressed regarding the doctrine. Second, the US armed forces AH-64 doctrinal and tactical usage will be argued in the 1st and 2nd Gulf Wars.

Keywords: attack helicopter, conventional warfare, gulf wars

Procedia PDF Downloads 440

Authors: Saima Nazir, Mustansar Ali Ghazanfar, Sanay Muhammad Umar Saeed, Muhammad Awais Azam, Saad Ali Alahmari

Abstract:

Terrorism is an important and challenging concern. The entire world is threatened by only few sophisticated terrorist groups and especially in Gulf Region and Pakistan, it has become extremely destructive phenomena in recent years. Predicting the pattern of attack type, attack group and target type is an intricate task. This study offers new insight on terrorist group’s attack type and its chosen target. This research paper proposes a framework for prediction of terrorist attacks using the historical data and making an association between terrorist group, their attack type and target. Analysis shows that the number of attacks per year will keep on increasing, and Al-Harmayan in Saudi Arabia, Al-Qai’da in Gulf Region and Tehreek-e-Taliban in Pakistan will remain responsible for many future terrorist attacks. Top main targets of each group will be private citizen & property, police, government and military sector under constant circumstances.

Keywords: data mining, counter terrorism, machine learning, SVM

Procedia PDF Downloads 380

Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule

Abstract:

The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.

Keywords: cybercrime, cybersecurity, computer emergency response team, computer security incident response team

Procedia PDF Downloads 126

Authors: Bandar Alahmadi, Manohar Mareboyana, Lethia Jackson

Abstract:

Today, there are many applications that are using computer vision models, such as face recognition, image classification, and object detection. The accuracy of these models is very important for the performance of these applications. One challenge that facing the computer vision models is the adversarial examples attack. In computer vision, the adversarial example is an image that is intentionally designed to cause the machine learning model to misclassify it. One of very well-known method that is used to attack the Convolution Neural Network (CNN) is Fast Gradient Sign Method (FGSM). The goal of this method is to find the perturbation that can fool the CNN using the gradient of the cost function of CNN. In this paper, we introduce a novel model that can attack Regional-Convolution Neural Network (R-CNN) that use FGSM. We first extract the regions that are detected by R-CNN, and then we resize these regions into the size of regular images. Then, we find the best perturbation of the regions that can fool CNN using FGSM. Next, we add the resulted perturbation to the attacked region to get a new region image that looks similar to the original image to human eyes. Finally, we placed the regions back to the original image and test the R-CNN with the attacked images. Our model could drop the accuracy of the R-CNN when we tested with Pascal VOC 2012 dataset.

Keywords: adversarial examples, attack, computer vision, image processing

Procedia PDF Downloads 158

Authors: Yi-Tun Huang, Chih-Yang Wu, Shu-Wei Huang

Abstract:

In this work, we examine fluid mixing in a full three-stream mixing channel with longitudinal vortex generators (LVGs) built on the channel bottom by numerical simulation and experiment. The effects of the asymmetrical arrangement and the attack angle of the LVGs on fluid mixing are investigated. The results show that the micromixer with LVGs at a small asymmetry index (defined by the ratio of the distance from the center plane of the gap between the winglets to the center plane of the main channel to the width of the main channel) is superior to the micromixer with symmetric LVGs and that with LVGs at a large asymmetry index. The micromixer using five mixing modules of the LVGs with an attack angle between 16.5 degrees and 22.5 degrees can achieve excellent mixing over a wide range of Reynolds numbers. Here, we call a section of channel with two pairs of staggered asymmetrical LVGs a mixing module. Besides, the micromixer with LVGs at a small attack angle is more efficient than that with a larger attack angle when pressure losses are taken into account.

Keywords: microfluidics, mixing, longitudinal vortex generators, two stream interfaces

Procedia PDF Downloads 489

Authors: Babatunde Osabiya

Abstract:

Cybersecurity has emerged as a pressing policy problem in recent years, affecting individuals, businesses, and governments worldwide. This research paper aims to critically review the literature on cybersecurity policy and apply policy theory to propose a policy approach that balances the freedom to access and use technology with the human rights risks and threats posed by cyber. Drawing on various credible sources, the paper examines the scale and seriousness of cyber threats, highlighting the growing threat posed by cybercriminals, hackers, and nation-states. The paper also identifies the key challenges facing policymakers, including the need for more significant investment in cybersecurity research and development and the importance of balancing the benefits of technological innovation with the risks to privacy, security, and human rights. To address these challenges, the paper proposes a policy approach emphasizing investing in cybersecurity research and development to maintain a technological edge over potential adversaries. This approach also highlights the need for greater collaboration between government, industry, and civil society to develop effective cybersecurity policies and practices that protect the rights and freedoms of people while mitigating the risks posed by cyber threats. This paper will contribute to the growing body of literature on cybersecurity policy and offers a policy framework for addressing this critical policy challenge.

Keywords: security risk, legal framework, cyber security and policy, national security

Procedia PDF Downloads 60

Authors: Eniye Tebekaemi, Martin Zhao

Abstract:

The dichotomy between the skills set of newly minted college graduates and the skills required by cybersecurity employers is on the rise. Colleges are struggling to cope with the rapid pace of technology evolution using outdated tools and practices. Industries are getting frustrated due to the need to retrain fresh college graduates on skills they should have acquired. There is a dire need for academic institutions to develop new tools and systems to deliver cybersecurity education to meet the ever-evolving technology demands of the industry. The Cyber-Softbook project’s goal is to bridge the tech industry and tech education gap by providing educators a framework to collaboratively design, manage, and deliver cybersecurity academic courses that meet the needs of the tech industry. The Cyber-Softbook framework, when developed, will provide a platform for academic institutions and tech industries to collaborate on tech education and for students to learn about cybersecurity with all the resources they need to understand concepts and gain valuable skills available on a single platform.

Keywords: cybersecurity, education, skills, labs, curriculum

Procedia PDF Downloads 57

Authors: Manas Tripathi, Arunabha Mukhopadhyay

Abstract:

In Cloud computing environment, cloud servers, sometimes may crash after receiving huge amount of request and cloud services may stop which can create huge loss to users of that cloud services. This situation is called Denial of Service (DoS) attack. In Distributed Denial of Service (DDoS) attack, an attacker targets multiple network paths by compromising various vulnerable systems (zombies) and floods the victim with huge amount of request through these zombies. There are many solutions to mitigate this challenge but most of the methods allows the attack traffic to arrive at Cloud Service Provider (CSP) and then only takes actions against mitigation. Here in this paper we are rather focusing on preventive mechanism to deal with these attacks. We analyze network topology and find most vulnerable paths beforehand without waiting for the traffic to arrive at CSP. We have used Dijkstra's and Yen’s algorithm. Finally, risk assessment of these paths can be done by multiplying the probabilities of attack for these paths with the potential loss.

Keywords: cloud computing, DDoS, Dijkstra, Yen’s k-shortest path, network security

Procedia PDF Downloads 257

Authors: Jonathan Sohn

Abstract:

Deep neural networks (DNNs) have shown state-of-the-art performance for many applications, including computer vision, natural language processing, and speech recognition. Recently, adversarial attacks have been studied in the context of deep neural networks, which aim to alter the results of deep neural networks by modifying the inputs slightly. For example, an adversarial attack on a DNN used for object detection can cause the DNN to miss certain objects. As a result, the reliability of DNNs is undermined by their lack of robustness against adversarial attacks, raising concerns about their use in safety-critical applications such as autonomous driving. In this paper, we focus on studying the adversarial attacks and defenses on DNNs for image classification. There are two types of adversarial attacks studied which are fast gradient sign method (FGSM) attack and projected gradient descent (PGD) attack. A DNN forms decision boundaries that separate the input images into different categories. The adversarial attack slightly alters the image to move over the decision boundary, causing the DNN to misclassify the image. FGSM attack obtains the gradient with respect to the image and updates the image once based on the gradients to cross the decision boundary. PGD attack, instead of taking one big step, repeatedly modifies the input image with multiple small steps. There is also another type of attack called the target attack. This adversarial attack is designed to make the machine classify an image to a class chosen by the attacker. We can defend against adversarial attacks by incorporating adversarial examples in training. Specifically, instead of training the neural network with clean examples, we can explicitly let the neural network learn from the adversarial examples. In our experiments, the digit recognition accuracy on the MNIST dataset drops from 97.81% to 39.50% and 34.01% when the DNN is attacked by FGSM and PGD attacks, respectively. If we utilize FGSM training as a defense method, the classification accuracy greatly improves from 39.50% to 92.31% for FGSM attacks and from 34.01% to 75.63% for PGD attacks. To further improve the classification accuracy under adversarial attacks, we can also use a stronger PGD training method. PGD training improves the accuracy by 2.7% under FGSM attacks and 18.4% under PGD attacks over FGSM training. It is worth mentioning that both FGSM and PGD training do not affect the accuracy of clean images. In summary, we find that PGD attacks can greatly degrade the performance of DNNs, and PGD training is a very effective way to defend against such attacks. PGD attacks and defence are overall significantly more effective than FGSM methods.

Keywords: deep neural network, adversarial attack, adversarial defense, adversarial machine learning

Procedia PDF Downloads 158

Authors: Johannes Günther

Abstract:

Time Sensitive Networking (TSN), standardized in the IEEE 802.1 standard, has been lent increasing attention in the context of mission critical systems. Such mission critical systems, e.g., in the automotive domain, aviation, industrial, and smart factory domain, are responsible for coordinating complex functionalities in real time. In many of these contexts, a reliable data exchange fulfilling hard time constraints and quality of service (QoS) conditions is of critical importance. TSN standards are able to provide guarantees for deterministic communication behaviour, which is in contrast to common best-effort approaches. Therefore, the superior QoS guarantees of TSN may aid in the development of new technologies, which rely on low latencies and specific bandwidth demands being fulfilled. TSN extends existing Ethernet protocols with numerous standards, providing means for synchronization, management, and overall real-time focussed capabilities. These additional QoS guarantees, as well as management mechanisms, lead to an increased attack surface for potential malicious attackers. As TSN guarantees certain deadlines for priority traffic, an attacker may degrade the QoS by delaying a packet beyond its deadline or even execute a denial of service (DoS) attack if the delays lead to packets being dropped. However, thus far, security concerns have not played a major role in the design of such standards. Thus, while TSN does provide valuable additional characteristics to existing common Ethernet protocols, it leads to new attack vectors on networks and allows for a range of potential attacks. One answer to these security risks is to deploy defense mechanisms according to a moving target defense (MTD) strategy. The core idea relies on the reduction of the attackers' knowledge about the network. Typically, mission-critical systems suffer from an asymmetric disadvantage. DoS or QoS-degradation attacks may be preceded by long periods of reconnaissance, during which the attacker may learn about the network topology, its characteristics, traffic patterns, priorities, bandwidth demands, periodic characteristics on links and switches, and so on. Here, we implemented and tested several MTD-like defense strategies against different attacker models of varying capabilities and budgets, as well as collaborative attacks of multiple attackers within a network, all within the context of TSN networks. We modelled the networks and tested our defense strategies on an OMNET++ testbench, with networks of different sizes and topologies, ranging from a couple dozen hosts and switches to significantly larger set-ups.

Keywords: network security, time sensitive networking, moving target defense, cyber security

Procedia PDF Downloads 41

Authors: G. Usha, S. Kannimuthu, K. Mahalakshmi

Abstract:

Mobile Adhoc Network (MANET) is one of the most promising technologies that have applications ranging from various portable devices to military networks. MANET has no fixed infrastructure and the security of such network is a big concern. Therefore, in order to operate MANET’s securely, the misbehavior and intrusions should be detected before the attackers affect the network communication. In this article, we make a comprehensive survey against black hole attack that is a serious threat against MANET that exploits the routing behavior of the MANET. We have given broad survey solutions that detect black hole attacks in MANET. This is achieved by analyzing the techniques involved in detecting the attacks in each scheme. Furthermore, we examine about the challenges to the researchers for constructing an in-depth solution against black hole attack.

Keywords: AODV, cross layer security, mobile Adhoc network (MANET), packet delivery ratio, single layer security

Procedia PDF Downloads 380

Authors: Saidu I. R., Shittu S. S.

Abstract:

As the trend of personal devices accessing corporate data continues to rise through Bring Your Own Device (BYOD) practices, organizations recognize the potential cost reduction and productivity gains. However, the associated security risks pose a significant threat to these benefits. Often, organizations adopt BYOD environments without fully considering the vulnerabilities introduced by human factors in this context. This study presents an enhanced assessment model that evaluates the security posture of employees in BYOD environments using cyber hygiene principles. The framework assesses users' adherence to best practices and guidelines for maintaining a secure computing environment, employing scales and the Euclidean distance formula. By utilizing this algorithm, the study measures the distance between users' security practices and the organization's optimal security policies. To facilitate user evaluation, a simple and intuitive interface for automated assessment is developed. To validate the effectiveness of the proposed framework, design science research methods are employed, and empirical assessments are conducted using five artifacts to analyze user suitability in BYOD environments. By addressing the human factor vulnerabilities through the assessment of cyber hygiene practices, this study aims to enhance the overall security of BYOD environments and enable organizations to leverage the advantages of this evolving trend while mitigating potential risks.

Keywords: security, BYOD, vulnerability, risk, cyber hygiene

Procedia PDF Downloads 43

Authors: Rakesh Kumar, A. K. Ghosh

Abstract:

The paper presents the modeling of linear and nonlinear longitudinal aerodynamics using real flight data of Hansa-3 aircraft gathered at low and high angles of attack. The Neural-Gauss-Newton (NGN) method has been applied to model the linear and nonlinear longitudinal dynamics and estimate parameters from flight data. Unsteady aerodynamics due to flow separation at high angles of attack near stall has been included in the aerodynamic model using Kirchhoff’s quasi-steady stall model. NGN method is an algorithm that utilizes Feed Forward Neural Network (FFNN) and Gauss-Newton optimization to estimate the parameters and it does not require any a priori postulation of mathematical model or solving of equations of motion. NGN method was validated on real flight data generated at moderate angles of attack before application to the data at high angles of attack. The estimates obtained from compatible flight data using NGN method were validated by comparing with wind tunnel values and the maximum likelihood estimates. Validation was also carried out by comparing the response of measured motion variables with the response generated by using estimates a different control input. Next, NGN method was applied to real flight data generated by executing a well-designed quasi-steady stall maneuver. The results obtained in terms of stall characteristics and aerodynamic parameters were encouraging and reasonably accurate to establish NGN as a method for modeling nonlinear aerodynamics from real flight data at high angles of attack.

Keywords: parameter estimation, NGN method, linear and nonlinear, aerodynamic modeling

Procedia PDF Downloads 414

Authors: C. Smith, T. Goga, T. Hancock

Abstract:

Bullying has been an increasingly prevalent problem among society for decades. Approximately one out of every four students report being bullied at least once during the school year. Additionally, these instances of bullying are often witnessed but not reported by the bystanders, which could be dependent on the type of bullying situation. Thus, the present study aims to investigate any possible perceptual differences which may exist between traditional bullying (i.e., face to face) and cyberbullying from the bystander’s point of view. Undergraduate students were given a bullying scenario to read from either the traditional condition or the cyber condition. They were then asked to rate how severe they perceived this behavior on a Likert based scale. Participants were also asked if they would intervene (yes or no) and what their individual response would be to the witnessed behavior (report/ignore/confront/other). Results indicated that, while there was no significant difference in perceived severity between the two bullying conditions, there was a significant difference in whether or not participants would intervene between the two types of scenarios. A significant effect was also found between the scenarios for response type. Together, these findings suggest that even though individuals may not be aware of how severe they perceive certain bullying behaviors, the responses they exhibit might suggest otherwise.

Keywords: bullying, bystander, cyber, severity, traditional

Procedia PDF Downloads 112

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man in middle attack

Procedia PDF Downloads 250

Authors: Zhan Chen, Wenquan Bi, Xiaoyun Wang

Abstract:

The Midori family of light weight block cipher is proposed in ASIACRYPT2015. It has attracted the attention of numerous cryptanalysts. There are two versions of Midori: Midori64 which takes a 64-bit block size and Midori128 the size of which is 128-bit. In this paper an improved 10-round impossible differential attack on Midori64 is proposed. Pre-whitening keys are considered in this attack. A better impossible differential path is used to reduce time complexity by decreasing the number of key bits guessed. A hash table is built in the pre-computation phase to reduce computational complexity. Partial abort technique is used in the key seiving phase. The attack requires 259 chosen plaintexts, 214.58 blocks of memory and 268.83 10-round Midori64 encryptions.

Keywords: cryptanalysis, impossible differential, light weight block cipher, Midori

Procedia PDF Downloads 325

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez, Mehdi Mrad

Abstract:

We investigate the large scale of networks in the context of network survivability under attack. We use appropriate techniques to evaluate and the attacker-based- and the defender-based-network survivability. The attacker is unaware of the operated links by the defender. Each attacked link has some pre-specified probability to be disconnected. The defender choice is so that to maximize the chance of successfully sending the flow to the destination node. The attacker however will select the cut-set with the highest chance to be disabled in order to partition the network. Moreover, we extend the problem to the case of selecting the best p paths to operate by the defender and the best k cut-sets to target by the attacker, for arbitrary integers p,k > 1. We investigate some variations of the problem and suggest polynomial-time solutions.

Keywords: defense/attack strategies, large scale, networks, partitioning a network

Procedia PDF Downloads 245

Authors: Yeoju Chung

Abstract:

Adolescents internet and smartphone addiction are increasing in Korea. But differences between internet addiction and smartphone addiction have been researched in these days. The main objective of this article is to explore the presence of clusters within a sample of adolescents based on dimensions associated with addiction and internet usage needs. The sample consists of 617 adolescents in the 14-19 year age group who were recruited in Korea A cluster analysis identified four groups of participants: internet overuse(IO), smartphone overuse(SO), both overuse(B) and normal(N) use group. MANOVA analysis based on internet usage showed that there are differences among four groups in internet usage needs. IO has higher cyber self-seeking needs and emotion and thought expression needs than SO. SO has higher real relationship and life needs with cyberworld than IO, B, and N. B has the highest cyber self-seeking needs and emotion and thought expression needs, however, game fun seeking needs is the highest in IO. These results support that IO seeks game fun needs, SO seeks real relationship and life needs, and B seeks cyber self and expression in cyberworld.

Keywords: addiction, internet, needs, smartphone

Procedia PDF Downloads 250

Authors: Said Abdul Ahad Ahadi, Elyas Baray, Nitin Rakesh, Sudeep Varshney

Abstract:

Wi-Fi is a widely used internet source that is used to provide internet access in many areas such as Stores, Cafes, University campuses, Restaurants and so on. This technology brought more facilities in communication and networking. On the other hand, due to the transmission of data over the air, which makes the network vulnerable, so it becomes prone to various threats such as Evil Twin and etc. The Evil Twin is a kind of adversary which impersonates a legitimate access point (LAP) as it can happen by spoofing the name (SSID) and MAC address (BSSID) of a legitimate access point (LAP). And this attack can cause many threats such as MITM, Service Interruption, Access point service blocking. Various Evil Twin Attack Detection Techniques are proposed, but they require additional hardware, or they require protocol modification. In this paper, we proposed a new technique based on Access Point’s two fingerprints, Received Signal Strength Indicator (RSSI) and Hop Count, that is hard to copy by an adversary. And we implemented the technique in a system called “ETDetector,” which can detect and prevent the attack.

Keywords: evil twin, LAP, SSID, Wi-Fi security, signal variation, ETAD, kali linux, scapy, python

Procedia PDF Downloads 119

Authors: Jonathan Heng, Yoong Cheah Huei

Abstract:

A strategic model that does not trigger any false alarms to detect anomalies in Secure Water Treatment (SWaT) test bed is presented. This model uses machine learning invariants formulated from streamlining the general form of Auto-Regressive models with eXogenous input. A creative generalized CUSUM algorithm to integrate the invariants and the detection strategy technique is successfully developed and tested in the SWaT Programmable Logic Controllers (PLCs). Three steps to fine-tune parameters, b and τ in the generalized algorithm are stated and an example used to demonstrate the tuning process is discussed. This approach can swiftly and effectively detect various scopes of cyber-attacks such as multiple points single stage and multiple points multiple stages in SWaT. This technique can be applied in water treatment plants and other cyber physical systems like power and gas plants too.

Keywords: machine learning invariants, generalized CUSUM algorithm with invariants and detection strategy, scope of cyber attacks, strategic model, tuning parameters

Procedia PDF Downloads 155

Authors: Nathaniel Evans, Jessica Boersma, Kenneth Kass

Abstract:

With technology and STEM fields growing every day, there is a significant projected shortfall in qualified cybersecurity workers. As such, it is essential to develop a cybersecurity curriculum that builds skills and cultivates interest in cybersecurity early on. With new jobs being created every day and an already significant gap in the job market, it is vital that educators are pro-active in introducing a cybersecurity curriculum where students are able to learn new skills and engage in an age-appropriate cyber curriculum. Within this growing world of cybersecurity, students should engage in age-appropriate technology and cybersecurity curriculum, starting with elementary school (k-5), extending through high school, and ultimately into college. Such practice will provide students with the confidence, skills, and, ultimately, the opportunity to work in the burgeoning information security field. This paper examines educational methods, pedagogical practices, current cybersecurity curricula, and other educational resources and conducts analysis for false assumptions and developmental appropriateness. It also examines and identifies common mistakes with current cyber curriculum and lessons and discuss strategies for improvement. Throughout the lessons that were reviewed, many common mistakes continued to pop up. These mistakes included age appropriateness, technology resources that were available, and consistency of student’s skill levels. Many of these lessons were written for the wrong grade levels. The ones written for the elementary level all had activities that assumed that every student in the class could read at grade level and also had background knowledge of the cyber activity at hand, which is not always the case. Another major mistake was that these lessons assumed that all schools had any kind of technology resource available to them. Some schools are 1:1, and others are only allotted three computers in their classroom where the students have to share. While coming up with a cyber-curriculum, it has to be kept in mind that not all schools are the same, not every classroom is the same. There are many students who are not reading at their grade level or have not had exposure to the digital world. We need to start slow and ease children into the cyber world. Once they have a better understanding, it will be easier to move forward with these lessons and get the students engaged. With a better understanding of common mistakes that are being made, a more robust curriculum and lessons can be created that no only spark a student’s interest in this much-needed career field but encourage learning while keeping our students safe from cyber-attacks.

Keywords: assumptions, cybersecurity, k-12, teacher

Procedia PDF Downloads 136

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

Current drainage attack suggested previously is further studied in regular settings of closed-loop controlled Brushless DC (BLDC) motor with Kalman filter in the feedback loop. Modeling and simulation experiments are conducted in a Matlab environment, implementing the closed-loop control model of BLDC motor operation in position sensorless mode under Kalman filter drive. The current increase in the motor windings is caused by the controller (p-controller in our case) affected by false data injection of substitution of the angular velocity estimates with distorted values. Operation of multiplication to distortion coefficient, values of which are taken from the distortion function synchronized in its periodicity with the rotor’s position change. A saw function with a triangular tooth shape is studied herewith for the purpose of carrying out the bias injection with current drainage consequences. The specific focus here is on how the asymmetry of the tooth in the saw function affects the flow of current drainage. The purpose is two-fold: (i) to produce and collect the signature of an asymmetric saw in the attack for further pattern recognition process, and (ii) to determine conditions of improving stealthiness of such attack via regulating asymmetry in saw function used. It is found that modification of the symmetry in the saw tooth affects the periodicity of current drainage modulation. Specifically, the modulation frequency of the drained current for a fully asymmetric tooth shape coincides with the saw function modulation frequency itself. Increasing the symmetry parameter for the triangle tooth shape leads to an increase in the modulation frequency for the drained current. Moreover, such frequency reaches the switching frequency of the motor windings for fully symmetric triangular shapes, thus becoming undetectable and improving the stealthiness of the attack. Therefore, the collected signatures of the attack can serve for attack parameter identification via the pattern recognition route.

Keywords: bias injection attack, Kalman filter, BLDC motor, control system, closed loop, P-controller, PID-controller, current drainage, saw-function, asymmetry

Procedia PDF Downloads 51

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 120

Authors: Amir B. Khoshnevis, Morteza Mirhosseini

Abstract:

The paper deals with a sub-part of an extensive research program on the wake survey method in various Reynolds numbers and angles of attack. This research experimentally investigates the wake flow characteristics behind S823 and S822 airfoils in which designed for small wind turbines. Velocity measurements determined by using hot-wire anemometer. Data acquired in the wake of the airfoil at locations(c is the chord length): 0.01c - 3c. Reynolds number increased due to increase of free stream velocity. Results showed that mean velocity profiles depend on the angle of attack and location of data collections. Data acquired at the low Reynolds numbers (smaller than 10^5). Effects of Reynolds numbers on the mean velocity profiles are more significant in near locations the trailing edge and these effects decrease by taking distance from trailing edge toward downstream. Mean velocity profiles region increased by increasing the angle of attack, except for 7°, and also the maximum velocity deficit (velocity defect) increased. The difference of mean velocity in and out of the wake decreased by taking distance from trailing edge, and mean velocity profile become wider and more uniform.

Keywords: angle of attack, Reynolds number, velocity deficit, separation

Procedia PDF Downloads 350

Authors: Karima Djebaili, Lamine Melkemi

Abstract:

Elgamal encryption is a fundamental public-key encryption in cryptography, which is based on the difficulty of discrete logarithm problem and the Diffie-Hellman problem. Supposing the Diffie–Hellman problem is computationally infeasible then Elgamal is secure under a chosen plaintext attack, where security indicates it is difficult for the attacker, given the ciphertext, to restore the whole of the plaintext. However, although it is secure against chosen plaintext attack, Elgamal is absolutely malleable i.e. is not secure against an adaptive chosen ciphertext attack, where the attacker can recover the plaintext. We present a extension on Elgamal encryption which result in non-malleability against adaptive chosen plaintext attack using concatenation and a cryptographic hash function, our evidence utilizes the device of plaintext aware. The algorithm proposed can be used in cryptography voting protocol given its level security. Our protocol protects the confidentiality of voters because each voter encrypts their choice before casting their vote, offers public verifiability using a signing algorithm, the final result is correctly computed using homomorphic property, and works even in the presence of an adversary due to the propriety of non-malleability. Moreover, the protocol prevents some parties colluding to fix the vote results.

Keywords: Elgamal encryption, non-malleability, plaintext aware, e-voting

Procedia PDF Downloads 422

Authors: B. Yanıktepe, C. Özalp, B. Şahin

Abstract:

Delta wing planform is an essential aerodynamic configuration, which could be effectively used at relatively high angles of attack than conventional wings in subsonic flow conditions. The flow over delta wings can be characterized by a pair of leading edge vortices emanating from wing apex. Boundary layer separation causes these vortical structures formed by rolling up of viscous flow sheet. This flow separation mechanism is occurred due to angle of attack and sharp leading edges of the delta wing. Therefore, complexity and variety in planform designs rise to catch the best under abnormal flow conditions. The present experimental study investigates the near surface flow structure and aerodynamic flow characteristics of X-45 type non-slender delta wing planform using dye visualization, Stereoscopic Particle Image Velocimetry (stereo-PIV). The instantaneous images are acquired on the plan-view plane within 5o≤α≤20o to calculate the time-averaged flow data. It can be concluded that vortical flow with a pair of well-defined LEVs over X-45 develop at very low angles of attack, secondary vortex are also evident and form close to the wing surface similar to delta and lambda planforms. The stall occurs at an angle of attack α=32o.

Keywords: aerodynamic, delta wing, PIV, vortex breakdown

Procedia PDF Downloads 387