Search results for: malicious attacks

Authors: M. Samadzadeh Mahabadi, J. Shanbehzadeh

Abstract:

This paper presents a hybrid digital image-watermarking scheme, which is robust against varieties of attacks and geometric distortions. The image content is represented by important feature points obtained by an image-texture-based adaptive Harris corner detector. These feature points are extracted from LL2 of 2-D discrete wavelet transform which are obtained by using the Harris-Laplacian detector. We calculate the Fourier transform of circular regions around these points. The amplitude of this transform is rotation invariant. The experimental results demonstrate the robustness of the proposed method against the geometric distortions and various common image processing operations such as JPEG compression, colour reduction, Gaussian filtering, median filtering, and rotation.

Keywords: digital watermarking, geometric distortions, geometrical attack, Harris Laplace, important feature points, rotation, scale invariant feature

Procedia PDF Downloads 477

Authors: Faraji Sepideh

Abstract:

Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.

Keywords: brute force attack, graphical password, shoulder surfing attack, smudge attack

Procedia PDF Downloads 121

Authors: Ahmidah Elgali

Abstract:

SCADA is the abbreviation for "Administrative Control And Data Acquisition." SCADA frameworks are generally utilized in industry for administrative control and information securing of modern cycles. Regular SCADA frameworks use PC, journal, slim client, and PDA as a client. In this paper, a Java-empowered cell phone has been utilized as a client in an example SCADA application to show and regulate the place of an example model crane. The paper presents a genuine execution of the online controlling of the model crane through a cell phone. The remote correspondence between the cell phone and the SCADA server is performed through a base station by means of general parcel radio assistance GPRS and remote application convention WAP. This application can be used in industrial sites in areas that are likely to be exposed to a security emergency (like terrorist attacks) which causes the sudden exit of the operators; however, no time to perform the shutdown procedures for the plant. Hence this application allows shutting down units and equipment remotely by mobile and so avoids damage and losses.

Keywords: control, industrial, mobile, network, remote, SCADA

Procedia PDF Downloads 51

Authors: Suba Periyal Subramaniam, Babette Scheres, Altomare Corrado, Holger Schuttrumpf

Abstract:

Due to the climatic change and the usage of coastal areas, there is an increasing risk of dike failures along the coast worldwide. Wave run-up plays a key role in planning and design of a coastal structure. The coastal dike lines are bent either due to geological characteristics or due to influence of anthropogenic activities. The effect of the curvature of coastal dikes on wave run-up and overtopping is not yet investigated. The scope of this research is to find the effects of the dike curvature on wave run-up by employing numerical model studies for various dike opening angles. Numerical simulation is carried out using DualSPHysics, a meshless method, and OpenFOAM, a mesh-based method. The numerical results of the wave run-up on a curved dike and the wave transformation process for various opening angles, wave attacks, and wave parameters will be compared and discussed. This research aims to contribute a more precise analysis and understanding the influence of the curvature in the dike line and thus ensuring a higher level of protection in the future development of coastal structures.

Keywords: curved dikes, DualSPHysics, OpenFOAM, wave run-up

Procedia PDF Downloads 123

Authors: Alireza Pour Ebrahimi, Vahid Abasi

Abstract:

Recently by the extension of internet usage, Research on the intrusion detection system takes a significant importance. Many of improvement systems prevent internal and external network attacks by providing security through firewalls and antivirus. In recently years, intrusion detection systems gradually turn from host-based systems and depend on O.S to the distributed systems which are running on multiple O.S. In this work, by considering the diversity of computer networks whit respect to structure, architecture, resource, services, users and also security goals requirement a fully distributed collaborative intrusion detection system based on peer to peer architecture is suggested. in this platform each partner device (matched device) considered as a peer-to-peer network. All transmitted information to network are visible only for device that use security scanning of a source. Experimental results show that the distributed architecture is significantly upgradeable in respect to centralized approach.

Keywords: network, intrusion detection system, peer to peer, internal and external network

Procedia PDF Downloads 513

Authors: Sneha Leslie

Abstract:

The current situation in the cyber world is that crimes performed by Botnets are increasing and the masterminds (botmaster) are not detectable easily. The botmaster in the botnet compromises the legitimate host machines in the network and make them bots or zombies to initiate the cyber-attacks. This paper will focus on the live detection of the botmaster in the network by using the strong framework 'metasploit', when distributed denial of service (DDOS) attack is performed by the botnet. The affected victim machine will be continuously monitoring its incoming packets. Once the victim machine gets to know about the excessive count of packets from any IP, that particular IP is noted and details of the noted systems are gathered. Using the vulnerabilities present in the zombie machines (already compromised by botmaster), the victim machine will compromise them. By gaining access to the compromised systems, applications are run remotely. By analyzing the incoming packets of the zombies, the victim comes to know the address of the botmaster. This is an effective and a simple system where no specific features of communication protocol are considered.

Keywords: bonet, DDoS attack, network security, detection system, metasploit framework

Procedia PDF Downloads 224

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 242

Authors: M. Eckert, M. Oliveira

Abstract:

The intensive use of natural aggregates, near cities and towns, associated to the increase of the global population, leads to its depletion and increases the transport distances. The uncontrolled deposition of construction and demolition waste in landfills and city outskirts, causes pollution and takes up space. The use of recycled aggregates in concrete preparation would contribute to mitigate the problem. However, it arises the problem that the high water absorption of recycled aggregate decreases the bleeding rate of concrete, and when this gets lower than the evaporation rate, plastic shrinkage cracking occurs. This phenomenon can be particularly problematic in hot and windy curing environments. Cracking facilitates the flow of liquid and gas into concrete which attacks the reinforcement and degrades the concrete. These factors reduce the durability of concrete structures and consequently the lifetime of buildings. A ring test was used, cured in a wind tunnel, to evaluate the plastic shrinkage cracking sensitivity of recycled aggregate concrete, in order to implement preventive means to control this phenomenon. The role of several aggregate properties on the concrete segregation and cracking mechanisms were also discussed.

Keywords: recycled aggregate, plastic shrinkage cracking, wind tunnel, durability

Procedia PDF Downloads 383

Authors: Tushar K. Routh

Abstract:

If inputs are engineered in certain manners, they can influence deep neural networks’ (DNN) performances by facilitating misclassifications, a phenomenon well-known as adversarial attacks that question networks’ vulnerability. Recent studies have unfolded the relationship between vulnerability of such networks with their complexity. In this paper, the distinctive influence of additional convolutional layers at the decision boundaries of several DNN architectures was investigated. Here, to engineer inputs from widely known image datasets like MNIST, Fashion MNIST, and Cifar 10, we have exercised One Step Spectral Attack (OSSA) and Fast Gradient Method (FGM) techniques. The aftermaths of adding layers to the robustness of the architectures have been analyzed. For reasoning, separation width from linear class partitions and local geometry (curvature) near the decision boundary have been examined. The result reveals that model complexity has significant roles in adjusting relative distances from margins, as well as the local features of decision boundaries, which impact robustness.

Keywords: DNN robustness, decision boundary, local curvature, network complexity

Procedia PDF Downloads 44

Authors: Jihan Mahmoud

Abstract:

This paper examines the role played by Arabic novelists in revolutionary change in the Arab world, discussing themes of identity, sexuality and fundamentalism as portrayed in a selection of modern and contemporary Arabic novels that are either written in English or translated from Arabic into English. It particularly focuses on the post-Naguib Mahfouz era. Taking my cue from the current political changes in the Arab world, starting with 9/11/ terrorist attacks in the USA and the UK, the ‘Arab Spring’ revolutions, the rise of political Islam and the emergence of Isis, the Islamic state in Iraq and the Levant, the study analyses the differences in the ways contemporary Arab novelists from different Arabic countries represent the interaction between identity, sexual politics and fundamentalist ideas in the Arab world, with a specific focus on the overlap between literature, religion and international politics in the region. It argues that the post-Mahfouz era marked a new phase in the development of the political Arabic novel not only as a force of resistance against political-religious oppression, but as a call for revolution as well. Thus, the Arabic novel reshapes values and prompts future action.

Keywords: Arabic novel, Islam, politics, sexuality

Procedia PDF Downloads 493

Authors: Bingying Liu, Dandong Ge, Xinlan Zhang, Haoyang Liang

Abstract:

Over the past two years, a new generation of No-Pile Bike sharing, represented by the Ofo, Mobike and HelloBike, has sprung up in various cities in China, and spread rapidly in countries such as Britain, Japan, the United States and Singapore. As a new green public transportation mode, bike sharing can bring a series of benefits to urban space. At first, this paper analyzes the specific impact of bike sharing on urban space in China. Based on the market research and data analyzing, it is found that bike sharing can improve the quality of urban space in three aspects: expanding the radius of public transportation service, filling service blind spots, alleviating urban traffic congestion, and enhancing the vitality of urban space. On the other hand, due to the immature market and the imperfect system, bike sharing has gradually revealed some difficulties, such as parking chaos, malicious damage, safety problems, imbalance between supply and demand, and so on. Then the paper investigates the characteristics of shared bikes, business model, operating mechanism on Chinese market currently. Finally, in order to make bike sharing serve urban construction better, this paper puts forward some specific countermeasures from four aspects. In terms of market operations, it is necessary to establish a public-private partnership model and set up a unified bike-sharing integrated management platform. From technical methods level, the paper proposes to develop an intelligent parking system for regulating parking. From policy formulation level, establishing a bike-sharing assessment mechanism would strengthen supervision. As to urban planning, sharing data and redesigning slow roadway is beneficial for transportation and spatial planning.

Keywords: bike sharing, impact analysis, improvement strategy, urban space

Procedia PDF Downloads 142

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 397

Authors: Yin Cheung Lam

Abstract:

In 1949, the ratification of the Geneva Conventions heralded the international community’s adoption of a new universal and non-discriminatory approach to human rights in situations of conflict. However, with the proliferation of international terrorism after the 9/11 attacks on the United States (U.S.), the international community’s uneven and contradictory implementations of international humanitarian law (IHL) questioned its agenda of universal human rights. Specifically, the derogation from IHL has never been so pronounced in the U.S. led ‘War on Terror’. While an extensive literature has ‘assessed the impact’ of the implementation of the Geneva Conventions, limited attention has been paid to interrogating the ways in which the Geneva Conventions and its resulting implementation have functioned to discursively reproduce certain understandings of human rights between states and non-state actors. Through a discursive analysis of the Geneva Conventions and the conceptualization of human rights in relation to terrorism, this thesis problematises the way in which the U.S. has understood and reproduced understandings of human rights. Using the U.S. ‘War on Terror’ as an example, it seeks to extend previous analyses of the U.S.’ practice of IHL through a qualitative discursive analysis of the human rights content that appears in the Geneva Conventions in addition to the speeches and policy documents on the ‘War on Terror’.

Keywords: discursive analysis, human rights, non-state actors, war on terror

Procedia PDF Downloads 578

Authors: Eman W. Boghdady, A. R. Shehata, M. A. Azem

Abstract:

Database (DB) security demands permitting authorized users and prohibiting non-authorized users and intruders actions on the DB and the objects inside it. Organizations that are running successfully demand the confidentiality of their DBs. They do not allow the unauthorized access to their data/information. They also demand the assurance that their data is protected against any malicious or accidental modification. DB protection and confidentiality are the security concerns. There are four types of controls to obtain the DB protection, those include: access control, information flow control, inference control, and cryptographic. The cryptographic control is considered as the backbone for DB security, it secures the DB by encryption during storage and communications. Current cryptographic techniques are classified into two types: traditional classical cryptography using standard algorithms (DES, AES, IDEA, etc.) and chaos cryptography using continuous (Chau, Rossler, Lorenz, etc.) or discreet (Logistics, Henon, etc.) algorithms. The important characteristics of chaos are its extreme sensitivity to initial conditions of the system. In this paper, DB-security systems based on chaotic algorithms are described. The Pseudo Random Numbers Generators (PRNGs) from the different chaotic algorithms are implemented using Matlab and their statistical properties are evaluated using NIST and other statistical test-suits. Then, these algorithms are used to secure conventional DB (plaintext), where the statistical properties of the ciphertext are also tested. To increase the complexity of the PRNGs and to let pass all the NIST statistical tests, we propose two hybrid PRNGs: one based on two chaotic Logistic maps and another based on two chaotic Henon maps, where each chaotic algorithm is running side-by-side and starting from random independent initial conditions and parameters (encryption keys). The resulted hybrid PRNGs passed the NIST statistical test suit.

Keywords: algorithms and data structure, DB security, encryption, chaotic algorithms, Matlab, NIST

Procedia PDF Downloads 242

Authors: Amirmohammad Dahouri

Abstract:

Each year, more than 795,000 individuals in the United States grieve a stroke, and by 2030, it is predictable that 4% of the U.S. people will have had a stroke. Ischemic stroke, accounting for about 80% of all strokes, is one of the main causes of disability. The goal of stroke rehabilitation is to help patients return to physical and mental functions and relearn the required aids to living everyday life. This flagging has an adverse effect on patients’ quality of life and affects their daily living activities. In recent years, the rehabilitation of ischemic stroke attractions more attention in the world. A review of the rudimentary perceptions of stroke rehabilitation that are price stressing to all specialists who delicacy patients with stroke. Ideas are made for patients on how to functionally manage daily activities after they have qualified for a stroke. It is vital for home healthcare clinicians to understand the process from acute events to medical equilibrium and rehabilitation to adaptation. Different sources such as Pub Med Google Scholar and science direct have been used and various contemporary articles in this era have been analyzed. The care plan must also foundation actual actions to protect against recurrent stroke, as stroke patients are generally at significant risk for further ischemic or hemorrhagic attacks. Here, we review evidence of rehabilitation in treating post-stroke impairment.

Keywords: rehabilitation, stroke, ischemic, hemorrhagic, brain

Procedia PDF Downloads 124

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography

Procedia PDF Downloads 274

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 275

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 296

Authors: Halima Adel Halim Shnishah, David Mulvaney

Abstract:

Applying traditional symmetric cryptography algorithms while computing encryption and decryption provides immunity to secret keys against different attacks. One of the popular techniques generating automated secret keys is evolutionary computing by using Eureqa API tool, which got attention in 2013. In this paper, we are generating automated secret keys for image encryption and decryption using Eureqa API (tool which is used in evolutionary computing technique). Eureqa API models pseudo-random input data obtained from a suitable source to generate secret keys. The validation of generated secret keys is investigated by performing various statistical tests (histogram, chi-square, correlation of two adjacent pixels, correlation between original and encrypted images, entropy and key sensitivity). Experimental results obtained from methods including histogram analysis, correlation coefficient, entropy and key sensitivity, show that the proposed image encryption algorithms are secure and reliable, with the potential to be adapted for secure image communication applications.

Keywords: image encryption algorithms, Eureqa, statistical measurements, automated key generation

Procedia PDF Downloads 455

Authors: Ajish Sreedharan

Abstract:

Security in transmission and storage of digital images has its importance in today’s image communications and confidential video conferencing. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well known block cipher that has several advantages in data encryption. However, it is not suitable for real-time applications. This paper presents modifications to the Advanced Encryption Standard to reflect a high level security and better image encryption. The modifications are done by adjusting the ShiftRow Transformation and using On Dynamic chaotic S-BOX. In AES the Substitute bytes, Shift row and Mix columns by themselves would provide no security because they do not use the key. In Dynamic chaotic S-BOX Based AES the Substitute bytes provide security because the S-Box is constructed from the key. Experimental results verify and prove that the proposed modification to image cryptosystem is highly secure from the cryptographic viewpoint. The results also prove that with a comparison to original AES encryption algorithm the modified algorithm gives better encryption results in terms of security against statistical attacks.

Keywords: advanced encryption standard (AES), on dynamic chaotic S-BOX, image encryption, security analysis, ShiftRow transformation

Procedia PDF Downloads 404

Authors: Toni Maristela C. Estabillo, Michaela V. Matienzo, Mikaela L. Sabangan, Rosette M. Tienzo, Justine L. Bahinting

Abstract:

This study is about blind watermarking on images with different categories and properties using two algorithms namely, Discrete Wavelet Transform and Patchwork Algorithm. A program is created to perform watermark embedding, extraction and evaluation. The evaluation is based on three watermarking criteria namely: image quality degradation, perceptual transparency and security. Image quality is measured by comparing the original properties with the processed one. Perceptual transparency is measured by a visual inspection on a survey. Security is measured by implementing geometrical and non-geometrical attacks through a pass or fail testing. Values used to measure the following criteria are mostly based on Mean Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The results are based on statistical methods used to interpret and collect data such as averaging, z Test and survey. The study concluded that the combined DWT and Patchwork algorithms were less efficient and less capable of watermarking than DWT algorithm only.

Keywords: blind watermarking, discrete wavelet transform algorithm, patchwork algorithm, digital watermark

Procedia PDF Downloads 242

Authors: F. Zamani Ashni, P. Gerber

Abstract:

In today's religious and political climate, Muslims find themselves the focus of much attention, often in the form of discrimination and vilification. There is a widely held belief that Islam and terrorism are inextricably intertwined. An anti-Muslim narrative has been shaping policy around the world for some time now. This study, which focuses on the experience of Muslims in Australia, provides guidance on legislative and other steps that can be taken by Australia to help address Islamophobia. This study provides a doctrinal analysis of the state, territory, and federal anti-discrimination laws in Australia. Using principles of statutory interpretation along aside an analysis of relevant jurisprudence, this study concludes that Australian anti-discrimination laws are ill-equipped to address modern-day Islamophobia. The study also finds that laws alone are insufficient to combat Islamophobia, and a more holistic approach is required. Six strategies are identified, which can, in combination, help to successfully respond to Islamophobia. In addition to legislative initiatives, combating Islamophobia requires Australia to promote inclusive human rights education, fair media coverage, strong leadership, integration of the Islamic community, and comprehensive documentation of anti-Muslim attacks.

Keywords: Australia, discrimination, Islamophobia, Muslim

Procedia PDF Downloads 108

Authors: Sreejith Gopinath, Aspen Olmsted

Abstract:

This paper is based on our previous work that proposed a risk-transference-based architecture for healthcare systems to store sensitive data outside the system boundary, rendering the system unattractive to would-be bad actors. This architecture also allows a compromised system to be abandoned and a new system instance spun up in place to ensure business continuity without paying a ransom or engaging with a bad actor. This paper delves into the details of various attacks we simulated against the prototype system. In the paper, we discuss at length the time and computational costs associated with storing and retrieving data in the prototype system, abandoning a compromised system, and setting up a new instance with existing data. Lastly, we simulate some analytical workloads over the data stored in our specialized data storage system and discuss the time and computational costs associated with running analytics over data in a specialized storage system outside the system boundary. In summary, this paper discusses the total costs of data storage, access, and analytics incurred with the proposed architecture.

Keywords: cybersecurity, healthcare, ransomware, resilience, risk transference

Procedia PDF Downloads 109

Authors: Cavidan Yakupoglu, Kurt Rohloff

Abstract:

In this study, we aim to provide a novel parameter selection model for the BFVrns scheme, which is one of the prominent FHE schemes. Parameter selection in lattice-based FHE schemes is a practical challenges for experts or non-experts. Towards a solution to this problem, we introduce a hybrid principles-based approach that combines theoretical with experimental analyses. To begin, we use regression analysis to examine the parameters on the performance and security. The fact that the FHE parameters induce different behaviors on performance, security and Ciphertext Expansion Factor (CEF) that makes the process of parameter selection more challenging. To address this issue, We use a multi-objective optimization algorithm to select the optimum parameter set for performance, CEF and security at the same time. As a result of this optimization, we get an improved parameter set for better performance at a given security level by ensuring correctness and security against lattice attacks by providing at least 128-bit security. Our result enables average ~ 5x smaller CEF and mostly better performance in comparison to the parameter sets given in [1]. This approach can be considered a semiautomated parameter selection. These studies are conducted using the PALISADE homomorphic encryption library, which is a well-known HE library. The abstract goes here.

Keywords: lattice cryptography, fully homomorphic encryption, parameter selection, LWE, RLWE

Procedia PDF Downloads 117

Authors: Mustapha Hedabou, Ali Azougaghe, Ahmed Bentajer, Hicham Boukhris, Mourad Eddiwani, Zakaria Igarramen

Abstract:

Software-as-a-service (SaaS) is emerging as a dominant approach to delivering software. It encompasses a range of business, technical opportunities, issue, and challenges. Trustiness in the cloud services regarding the security and the privacy of the delivered data is the most critical issue with the SaaS model. In this paper, we survey the security concerns related to the SaaS model, and we propose the design of a trusted SaaS model that gives users more confidence into SaaS services by leveraging a trust in a neutral source code certifying authority. The proposed design is based on the use of the multisignature mechanism for signing the source code of the application service. In our model, the cloud provider acts as a root of trust by ensuring the integrity of the application service when it was running on its platform. The proposed design prevents insider attacks from tampering with application service before and after it was launched in a cloud provider platform.

Keywords: cloud computing, SaaS Platform, TPM, trustiness, code source certification, multi-signature schemes

Procedia PDF Downloads 247

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 56

Authors: Sandra Baez, Mariana Pino, Mildred Berrio, Hernando Santamaria-Garcia, Lucas Sedeno, Adolfo Garcia, Sol Fittipaldi, Agustin Ibanez

Abstract:

Schadenfreude refers to the perceiver’s experience of pleasure at another’s misfortune. This is a multidetermined emotion which can be evoked by hostile feelings and envy. The experience of Schadenfreude engages mechanisms implicated in diverse social cognitive processes. For instance, Schadenfreude involves heightened reward processing, accompanied by increased striatal engagement and it interacts with mentalizing and perspective-taking abilities. Patients with Huntington's disease (HD) exhibit reductions of Schadenfreude experience, suggesting a role of striatal degeneration in such an impairment. However, no study has directly assessed the relationship between regional brain atrophy in HD and reduced Schadenfreude. This study investigated whether gray matter (GM) atrophy in HD patients correlates with ratings of Schadenfreude. First, we compared the performance of 20 HD patients and 23 controls on an experimental task designed to trigger Schadenfreude and envy (another social emotion acting as a control condition). Second, we compared GM volume between groups. Third, we examined brain regions where atrophy might be associated with specific impairments in the patients. Results showed that while both groups showed similar ratings of envy, HD patients reported lower Schadenfreude. The latter pattern was related to atrophy in regions of the reward system (ventral striatum) and the mentalizing network (precuneus and superior parietal lobule). Our results shed light on the intertwining of reward and socioemotional processes in Schadenfreude, while offering novel evidence about their neural correlates. In addition, our results open the door to future studies investigating social emotion processing in other clinical populations characterized by striatal or mentalizing network impairments (e.g., Parkinson’s disease, schizophrenia, autism spectrum disorders).

Keywords: envy, Gray matter atrophy, Huntigton's disease, Schadenfreude, social emotions

Procedia PDF Downloads 308

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

We consider the problem of attacks on networks. We define the concept of system survivability in networks in the presence of intelligent threats. Our setting of the problem assumes a flow to be sent from one source node to a destination node. The attacker attempts to disable the network by preventing the flow to reach its destination while the defender attempts to identify the best path-set to use to maximize the chance of arrival of the flow to the destination node. Our concept is shown to be different from the classical concept of network reliability. We distinguish two types of network survivability related to the defender and to the attacker of the network, respectively. We prove that the defender-based-network survivability plays the role of a lower bound while the attacker-based-network survivability plays the role of an upper bound of network reliability. We also prove that both concepts almost never agree nor coincide with network reliability. Moreover, we use the shortest-path problem to determine the defender-based-network survivability and the min-cut problem to determine the attacker-based-network survivability. We extend the problem to a variety of models including the minimum-spanning-tree problem and the multiple source-/destination-network problems.

Keywords: defense/attack strategies, information, networks, reliability, survivability

Procedia PDF Downloads 355

Authors: Peiming Li

Abstract:

This paper presents an innovative blockchain-based approach to enhance the reliability and efficiency of federated learning systems. By integrating a decentralized oracle consensus mechanism into the federated learning framework, we address key challenges of data and model integrity. Our approach utilizes a network of redundant oracles, functioning as independent validators within an epoch-based training system in the federated learning model. In federated learning, data is decentralized, residing on various participants' devices. This scenario often leads to concerns about data integrity and model quality. Our solution employs blockchain technology to establish a transparent and tamper-proof environment, ensuring secure data sharing and aggregation. The decentralized oracles, a concept borrowed from blockchain systems, act as unbiased validators. They assess the contributions of each participant using a Hidden Markov Model (HMM), which is crucial for evaluating the consistency of participant inputs and safeguarding against model poisoning and malicious activities. Our methodology's distinct feature is its epoch-based training. An epoch here refers to a specific training phase where data is updated and assessed for quality and relevance. The redundant oracles work in concert to validate data updates during these epochs, enhancing the system's resilience to security threats and data corruption. The effectiveness of this system was tested using the Mnist dataset, a standard in machine learning for benchmarking. Results demonstrate that our blockchain-oriented federated learning approach significantly boosts system resilience, addressing the common challenges of federated environments. This paper aims to make these advanced concepts accessible, even to those with a limited background in blockchain or federated learning. We provide a foundational understanding of how blockchain technology can revolutionize data integrity in decentralized systems and explain the role of oracles in maintaining model accuracy and reliability.

Keywords: federated learning system, block chain, decentralized oracles, hidden markov model

Procedia PDF Downloads 29

Authors: Kai Qian, Lixin Tao

Abstract:

Mobile devices such as smartphones are getting more and more popular in our daily lives. The security vulnerability and threat attacks become a very emerging and important research and education topic in computing security discipline. There is a need to have an innovative mobile security hands-on laboratory to provide students with real world relevant mobile threat analysis and protection experience. This paper presents an authentic teaching and learning mobile security approach with smartphone devices which covers most important mobile threats in most aspects of mobile security. Each lab focuses on one type of mobile threats, such as mobile messaging threat, and conveys the threat analysis and protection in multiple ways, including lectures and tutorials, multimedia or app-based demonstration for threats analysis, and mobile app development for threat protections. This authentic learning approach is affordable and easily-adoptable which immerse students in a real world relevant learning environment with real devices. This approach can also be applied to many other mobile related courses such as mobile Java programming, database, network, and any security relevant courses so that can learn concepts and principles better with the hands-on authentic learning experience.

Keywords: mobile computing, Android, network, security, labware

Procedia PDF Downloads 377