Search results for: panic attacks

Authors: Sandhya Armoogum

Abstract:

In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described. This reference monitor entity on the remote host may also provide several security services such as authentication and integrity to the mobile code.

Keywords: security, mobile agents, reference monitor, trust

Procedia PDF Downloads 413

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: attacker, behavioural models, cyber risk assessment, cybersecurity, human factors, investigative psychology, ISO27001, ISO27005

Procedia PDF Downloads 129

Authors: Ahmidah Elgali

Abstract:

SCADA is the abbreviation for "Administrative Control And Data Acquisition." SCADA frameworks are generally utilized in industry for administrative control and information securing of modern cycles. Regular SCADA frameworks use PC, journal, slim client, and PDA as a client. In this paper, a Java-empowered cell phone has been utilized as a client in an example SCADA application to show and regulate the place of an example model crane. The paper presents a genuine execution of the online controlling of the model crane through a cell phone. The remote correspondence between the cell phone and the SCADA server is performed through a base station by means of general parcel radio assistance GPRS and remote application convention WAP. This application can be used in industrial sites in areas that are likely to be exposed to a security emergency (like terrorist attacks) which causes the sudden exit of the operators; however, no time to perform the shutdown procedures for the plant. Hence this application allows shutting down units and equipment remotely by mobile and so avoids damage and losses.

Keywords: control, industrial, mobile, network, remote, SCADA

Procedia PDF Downloads 51

Authors: Suba Periyal Subramaniam, Babette Scheres, Altomare Corrado, Holger Schuttrumpf

Abstract:

Due to the climatic change and the usage of coastal areas, there is an increasing risk of dike failures along the coast worldwide. Wave run-up plays a key role in planning and design of a coastal structure. The coastal dike lines are bent either due to geological characteristics or due to influence of anthropogenic activities. The effect of the curvature of coastal dikes on wave run-up and overtopping is not yet investigated. The scope of this research is to find the effects of the dike curvature on wave run-up by employing numerical model studies for various dike opening angles. Numerical simulation is carried out using DualSPHysics, a meshless method, and OpenFOAM, a mesh-based method. The numerical results of the wave run-up on a curved dike and the wave transformation process for various opening angles, wave attacks, and wave parameters will be compared and discussed. This research aims to contribute a more precise analysis and understanding the influence of the curvature in the dike line and thus ensuring a higher level of protection in the future development of coastal structures.

Keywords: curved dikes, DualSPHysics, OpenFOAM, wave run-up

Procedia PDF Downloads 123

Authors: Alireza Pour Ebrahimi, Vahid Abasi

Abstract:

Recently by the extension of internet usage, Research on the intrusion detection system takes a significant importance. Many of improvement systems prevent internal and external network attacks by providing security through firewalls and antivirus. In recently years, intrusion detection systems gradually turn from host-based systems and depend on O.S to the distributed systems which are running on multiple O.S. In this work, by considering the diversity of computer networks whit respect to structure, architecture, resource, services, users and also security goals requirement a fully distributed collaborative intrusion detection system based on peer to peer architecture is suggested. in this platform each partner device (matched device) considered as a peer-to-peer network. All transmitted information to network are visible only for device that use security scanning of a source. Experimental results show that the distributed architecture is significantly upgradeable in respect to centralized approach.

Keywords: network, intrusion detection system, peer to peer, internal and external network

Procedia PDF Downloads 513

Authors: Sneha Leslie

Abstract:

The current situation in the cyber world is that crimes performed by Botnets are increasing and the masterminds (botmaster) are not detectable easily. The botmaster in the botnet compromises the legitimate host machines in the network and make them bots or zombies to initiate the cyber-attacks. This paper will focus on the live detection of the botmaster in the network by using the strong framework 'metasploit', when distributed denial of service (DDOS) attack is performed by the botnet. The affected victim machine will be continuously monitoring its incoming packets. Once the victim machine gets to know about the excessive count of packets from any IP, that particular IP is noted and details of the noted systems are gathered. Using the vulnerabilities present in the zombie machines (already compromised by botmaster), the victim machine will compromise them. By gaining access to the compromised systems, applications are run remotely. By analyzing the incoming packets of the zombies, the victim comes to know the address of the botmaster. This is an effective and a simple system where no specific features of communication protocol are considered.

Keywords: bonet, DDoS attack, network security, detection system, metasploit framework

Procedia PDF Downloads 225

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 244

Authors: M. Eckert, M. Oliveira

Abstract:

The intensive use of natural aggregates, near cities and towns, associated to the increase of the global population, leads to its depletion and increases the transport distances. The uncontrolled deposition of construction and demolition waste in landfills and city outskirts, causes pollution and takes up space. The use of recycled aggregates in concrete preparation would contribute to mitigate the problem. However, it arises the problem that the high water absorption of recycled aggregate decreases the bleeding rate of concrete, and when this gets lower than the evaporation rate, plastic shrinkage cracking occurs. This phenomenon can be particularly problematic in hot and windy curing environments. Cracking facilitates the flow of liquid and gas into concrete which attacks the reinforcement and degrades the concrete. These factors reduce the durability of concrete structures and consequently the lifetime of buildings. A ring test was used, cured in a wind tunnel, to evaluate the plastic shrinkage cracking sensitivity of recycled aggregate concrete, in order to implement preventive means to control this phenomenon. The role of several aggregate properties on the concrete segregation and cracking mechanisms were also discussed.

Keywords: recycled aggregate, plastic shrinkage cracking, wind tunnel, durability

Procedia PDF Downloads 386

Authors: Tushar K. Routh

Abstract:

If inputs are engineered in certain manners, they can influence deep neural networks’ (DNN) performances by facilitating misclassifications, a phenomenon well-known as adversarial attacks that question networks’ vulnerability. Recent studies have unfolded the relationship between vulnerability of such networks with their complexity. In this paper, the distinctive influence of additional convolutional layers at the decision boundaries of several DNN architectures was investigated. Here, to engineer inputs from widely known image datasets like MNIST, Fashion MNIST, and Cifar 10, we have exercised One Step Spectral Attack (OSSA) and Fast Gradient Method (FGM) techniques. The aftermaths of adding layers to the robustness of the architectures have been analyzed. For reasoning, separation width from linear class partitions and local geometry (curvature) near the decision boundary have been examined. The result reveals that model complexity has significant roles in adjusting relative distances from margins, as well as the local features of decision boundaries, which impact robustness.

Keywords: DNN robustness, decision boundary, local curvature, network complexity

Procedia PDF Downloads 45

Authors: Jihan Mahmoud

Abstract:

This paper examines the role played by Arabic novelists in revolutionary change in the Arab world, discussing themes of identity, sexuality and fundamentalism as portrayed in a selection of modern and contemporary Arabic novels that are either written in English or translated from Arabic into English. It particularly focuses on the post-Naguib Mahfouz era. Taking my cue from the current political changes in the Arab world, starting with 9/11/ terrorist attacks in the USA and the UK, the ‘Arab Spring’ revolutions, the rise of political Islam and the emergence of Isis, the Islamic state in Iraq and the Levant, the study analyses the differences in the ways contemporary Arab novelists from different Arabic countries represent the interaction between identity, sexual politics and fundamentalist ideas in the Arab world, with a specific focus on the overlap between literature, religion and international politics in the region. It argues that the post-Mahfouz era marked a new phase in the development of the political Arabic novel not only as a force of resistance against political-religious oppression, but as a call for revolution as well. Thus, the Arabic novel reshapes values and prompts future action.

Keywords: Arabic novel, Islam, politics, sexuality

Procedia PDF Downloads 494

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 399

Authors: Yin Cheung Lam

Abstract:

In 1949, the ratification of the Geneva Conventions heralded the international community’s adoption of a new universal and non-discriminatory approach to human rights in situations of conflict. However, with the proliferation of international terrorism after the 9/11 attacks on the United States (U.S.), the international community’s uneven and contradictory implementations of international humanitarian law (IHL) questioned its agenda of universal human rights. Specifically, the derogation from IHL has never been so pronounced in the U.S. led ‘War on Terror’. While an extensive literature has ‘assessed the impact’ of the implementation of the Geneva Conventions, limited attention has been paid to interrogating the ways in which the Geneva Conventions and its resulting implementation have functioned to discursively reproduce certain understandings of human rights between states and non-state actors. Through a discursive analysis of the Geneva Conventions and the conceptualization of human rights in relation to terrorism, this thesis problematises the way in which the U.S. has understood and reproduced understandings of human rights. Using the U.S. ‘War on Terror’ as an example, it seeks to extend previous analyses of the U.S.’ practice of IHL through a qualitative discursive analysis of the human rights content that appears in the Geneva Conventions in addition to the speeches and policy documents on the ‘War on Terror’.

Keywords: discursive analysis, human rights, non-state actors, war on terror

Procedia PDF Downloads 580

Authors: Amjad Khan

Abstract:

The security of Vehicular ad hoc networking is of great importance as it involves serious life threats. Thus to provide secure communication amongst Vehicles on road, the conventional security system is not enough. It is necessary to prevent the network resources from wastage and give them protection against malicious nodes so that to ensure the data bandwidth availability to the legitimate nodes of the network. This work is related to provide a non conventional security system by introducing some constraints to minimize the DoS (Denial of services) especially data and bandwidth. The data packets received by a node in the network will pass through a number of tests and if any of the test fails, the node will drop those data packets and will not forward it anymore. Also if a node claims to be the nearest node for forwarding emergency messages then the sender can effectively identify the true or false status of the claim by using these constraints. Consequently the DoS(Denial of Services) attack is minimized by the instant availability of data without wasting the network resources.

Keywords: black hole attack, grey hole attack, intransient traffic tempering, networking

Procedia PDF Downloads 260

Authors: Amirmohammad Dahouri

Abstract:

Each year, more than 795,000 individuals in the United States grieve a stroke, and by 2030, it is predictable that 4% of the U.S. people will have had a stroke. Ischemic stroke, accounting for about 80% of all strokes, is one of the main causes of disability. The goal of stroke rehabilitation is to help patients return to physical and mental functions and relearn the required aids to living everyday life. This flagging has an adverse effect on patients’ quality of life and affects their daily living activities. In recent years, the rehabilitation of ischemic stroke attractions more attention in the world. A review of the rudimentary perceptions of stroke rehabilitation that are price stressing to all specialists who delicacy patients with stroke. Ideas are made for patients on how to functionally manage daily activities after they have qualified for a stroke. It is vital for home healthcare clinicians to understand the process from acute events to medical equilibrium and rehabilitation to adaptation. Different sources such as Pub Med Google Scholar and science direct have been used and various contemporary articles in this era have been analyzed. The care plan must also foundation actual actions to protect against recurrent stroke, as stroke patients are generally at significant risk for further ischemic or hemorrhagic attacks. Here, we review evidence of rehabilitation in treating post-stroke impairment.

Keywords: rehabilitation, stroke, ischemic, hemorrhagic, brain

Procedia PDF Downloads 126

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography

Procedia PDF Downloads 277

Authors: Nazish Saleem Abbas, Muhammad Haris Jamil, Hamid Sharif

Abstract:

Digital watermarking is a technique that allows an individual to add and hide secret information, copyright notice, or other verification message inside a digital audio, video, or image. Today, with the advancement of technology, modern healthcare systems manage patients’ diagnostic information in a digital way in many countries. When transmitted between hospitals through the internet, the medical data becomes vulnerable to attacks and requires security and confidentiality. Digital watermarking techniques are used in order to ensure the authenticity, security and management of medical images and related information. This paper proposes a watermarking technique that embeds a watermark in medical images imperceptibly and securely. In this work, digital watermarking on medical images is carried out using the Least Significant Bit (LSB) with the Discrete Cosine Transform (DCT). The proposed methods of embedding and extraction of a watermark in a watermarked image are performed in the frequency domain using LSB by XOR operation. The quality of the watermarked medical image is measured by the Peak signal-to-noise ratio (PSNR). It was observed that the watermarked medical image obtained performing XOR operation between DCT and LSB survived compression attack having a PSNR up to 38.98.

Keywords: watermarking, image processing, DCT, LSB, PSNR

Procedia PDF Downloads 8

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 276

Authors: Ivan Župan

Abstract:

Critical infrastructure is essential for the functioning of a country and is designated for special protection by governments worldwide. Due to the increase in smart technology usage in every facet of the industry, including critical infrastructure, the exposure to malicious cyber-physical attacks has grown in the last few years. Proper security measures must be undertaken in order to defend against cyber-physical threats that can disrupt the normal functioning of critical infrastructure and, consequently the functioning of the country. This paper provides a review of the scientific literature of models, methods and technologies used to protect from cyber-physical threats in industries. The focus of the literature was observed from three aspects. The first aspect, resilience, concerns itself with the robustness of the system’s defense against threats, as well as preparation and education about potential future threats. The second aspect concerns security risk management for systems with cyber-physical aspects, and the third aspect investigates available testbed environments for testing developed models on scaled models of vulnerable infrastructure.

Keywords: critical infrastructure, cyber-physical security, smart industry, security methodology, security technology

Procedia PDF Downloads 51

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 297

Authors: Halima Adel Halim Shnishah, David Mulvaney

Abstract:

Applying traditional symmetric cryptography algorithms while computing encryption and decryption provides immunity to secret keys against different attacks. One of the popular techniques generating automated secret keys is evolutionary computing by using Eureqa API tool, which got attention in 2013. In this paper, we are generating automated secret keys for image encryption and decryption using Eureqa API (tool which is used in evolutionary computing technique). Eureqa API models pseudo-random input data obtained from a suitable source to generate secret keys. The validation of generated secret keys is investigated by performing various statistical tests (histogram, chi-square, correlation of two adjacent pixels, correlation between original and encrypted images, entropy and key sensitivity). Experimental results obtained from methods including histogram analysis, correlation coefficient, entropy and key sensitivity, show that the proposed image encryption algorithms are secure and reliable, with the potential to be adapted for secure image communication applications.

Keywords: image encryption algorithms, Eureqa, statistical measurements, automated key generation

Procedia PDF Downloads 457

Authors: Ajish Sreedharan

Abstract:

Security in transmission and storage of digital images has its importance in today’s image communications and confidential video conferencing. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well known block cipher that has several advantages in data encryption. However, it is not suitable for real-time applications. This paper presents modifications to the Advanced Encryption Standard to reflect a high level security and better image encryption. The modifications are done by adjusting the ShiftRow Transformation and using On Dynamic chaotic S-BOX. In AES the Substitute bytes, Shift row and Mix columns by themselves would provide no security because they do not use the key. In Dynamic chaotic S-BOX Based AES the Substitute bytes provide security because the S-Box is constructed from the key. Experimental results verify and prove that the proposed modification to image cryptosystem is highly secure from the cryptographic viewpoint. The results also prove that with a comparison to original AES encryption algorithm the modified algorithm gives better encryption results in terms of security against statistical attacks.

Keywords: advanced encryption standard (AES), on dynamic chaotic S-BOX, image encryption, security analysis, ShiftRow transformation

Procedia PDF Downloads 404

Authors: Toni Maristela C. Estabillo, Michaela V. Matienzo, Mikaela L. Sabangan, Rosette M. Tienzo, Justine L. Bahinting

Abstract:

This study is about blind watermarking on images with different categories and properties using two algorithms namely, Discrete Wavelet Transform and Patchwork Algorithm. A program is created to perform watermark embedding, extraction and evaluation. The evaluation is based on three watermarking criteria namely: image quality degradation, perceptual transparency and security. Image quality is measured by comparing the original properties with the processed one. Perceptual transparency is measured by a visual inspection on a survey. Security is measured by implementing geometrical and non-geometrical attacks through a pass or fail testing. Values used to measure the following criteria are mostly based on Mean Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The results are based on statistical methods used to interpret and collect data such as averaging, z Test and survey. The study concluded that the combined DWT and Patchwork algorithms were less efficient and less capable of watermarking than DWT algorithm only.

Keywords: blind watermarking, discrete wavelet transform algorithm, patchwork algorithm, digital watermark

Procedia PDF Downloads 243

Authors: F. Zamani Ashni, P. Gerber

Abstract:

In today's religious and political climate, Muslims find themselves the focus of much attention, often in the form of discrimination and vilification. There is a widely held belief that Islam and terrorism are inextricably intertwined. An anti-Muslim narrative has been shaping policy around the world for some time now. This study, which focuses on the experience of Muslims in Australia, provides guidance on legislative and other steps that can be taken by Australia to help address Islamophobia. This study provides a doctrinal analysis of the state, territory, and federal anti-discrimination laws in Australia. Using principles of statutory interpretation along aside an analysis of relevant jurisprudence, this study concludes that Australian anti-discrimination laws are ill-equipped to address modern-day Islamophobia. The study also finds that laws alone are insufficient to combat Islamophobia, and a more holistic approach is required. Six strategies are identified, which can, in combination, help to successfully respond to Islamophobia. In addition to legislative initiatives, combating Islamophobia requires Australia to promote inclusive human rights education, fair media coverage, strong leadership, integration of the Islamic community, and comprehensive documentation of anti-Muslim attacks.

Keywords: Australia, discrimination, Islamophobia, Muslim

Procedia PDF Downloads 110

Authors: Sreejith Gopinath, Aspen Olmsted

Abstract:

This paper is based on our previous work that proposed a risk-transference-based architecture for healthcare systems to store sensitive data outside the system boundary, rendering the system unattractive to would-be bad actors. This architecture also allows a compromised system to be abandoned and a new system instance spun up in place to ensure business continuity without paying a ransom or engaging with a bad actor. This paper delves into the details of various attacks we simulated against the prototype system. In the paper, we discuss at length the time and computational costs associated with storing and retrieving data in the prototype system, abandoning a compromised system, and setting up a new instance with existing data. Lastly, we simulate some analytical workloads over the data stored in our specialized data storage system and discuss the time and computational costs associated with running analytics over data in a specialized storage system outside the system boundary. In summary, this paper discusses the total costs of data storage, access, and analytics incurred with the proposed architecture.

Keywords: cybersecurity, healthcare, ransomware, resilience, risk transference

Procedia PDF Downloads 111

Authors: Cavidan Yakupoglu, Kurt Rohloff

Abstract:

In this study, we aim to provide a novel parameter selection model for the BFVrns scheme, which is one of the prominent FHE schemes. Parameter selection in lattice-based FHE schemes is a practical challenges for experts or non-experts. Towards a solution to this problem, we introduce a hybrid principles-based approach that combines theoretical with experimental analyses. To begin, we use regression analysis to examine the parameters on the performance and security. The fact that the FHE parameters induce different behaviors on performance, security and Ciphertext Expansion Factor (CEF) that makes the process of parameter selection more challenging. To address this issue, We use a multi-objective optimization algorithm to select the optimum parameter set for performance, CEF and security at the same time. As a result of this optimization, we get an improved parameter set for better performance at a given security level by ensuring correctness and security against lattice attacks by providing at least 128-bit security. Our result enables average ~ 5x smaller CEF and mostly better performance in comparison to the parameter sets given in [1]. This approach can be considered a semiautomated parameter selection. These studies are conducted using the PALISADE homomorphic encryption library, which is a well-known HE library. The abstract goes here.

Keywords: lattice cryptography, fully homomorphic encryption, parameter selection, LWE, RLWE

Procedia PDF Downloads 119

Authors: Mustapha Hedabou, Ali Azougaghe, Ahmed Bentajer, Hicham Boukhris, Mourad Eddiwani, Zakaria Igarramen

Abstract:

Software-as-a-service (SaaS) is emerging as a dominant approach to delivering software. It encompasses a range of business, technical opportunities, issue, and challenges. Trustiness in the cloud services regarding the security and the privacy of the delivered data is the most critical issue with the SaaS model. In this paper, we survey the security concerns related to the SaaS model, and we propose the design of a trusted SaaS model that gives users more confidence into SaaS services by leveraging a trust in a neutral source code certifying authority. The proposed design is based on the use of the multisignature mechanism for signing the source code of the application service. In our model, the cloud provider acts as a root of trust by ensuring the integrity of the application service when it was running on its platform. The proposed design prevents insider attacks from tampering with application service before and after it was launched in a cloud provider platform.

Keywords: cloud computing, SaaS Platform, TPM, trustiness, code source certification, multi-signature schemes

Procedia PDF Downloads 248

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 57

Authors: John Onyima, Ikechukwu Ezepue

Abstract:

Virtualization and cloud computing are among the fast-growing computing innovations in recent times. Organisations all over the world are moving their computing services towards the cloud this is because of its rapid transformation of the organization’s infrastructure and improvement of efficient resource utilization and cost reduction. However, this technology brings new security threats and challenges about safety, reliability and data confidentiality. Evidently, no single security technique can guarantee security or protection against malicious attacks on a cloud computing network hence an integrated model of intrusion detection and prevention system has been proposed. Anomaly-based and signature-based detection techniques will be integrated to enable the network and its host defend themselves with some level of intelligence. The anomaly-base detection was implemented using the local deviation factor graph-based (LDFGB) algorithm while the signature-based detection was implemented using the snort algorithm. Results from this collaborative intrusion detection and prevention techniques show robust and efficient security architecture for cloud computing networks.

Keywords: anomaly-based detection, cloud computing, intrusion detection, intrusion prevention, signature-based detection

Procedia PDF Downloads 272

Authors: Mirjana Petronijević, Sanja Panić, Aleksandra Cvetanović, Branko Kordić, Nenad Grba

Abstract:

Enzyme peroxidases are biological catalysts and play a major role in phenolic wastewater treatments and other environmental applications. The most studied species from the peroxidases family is horseradish peroxidase (HRP). In environmental processes, HRP could be used in its free or immobilized form. Enzyme immobilization onto solid support is performed to improve the enzyme properties, prolong its lifespan and operational stability and allow its reuse in industrial applications. One of the enzyme supports of a newer generation is magnetic particles (MPs). Fe₃O₄ MPs are the most widely pursued immobilization of enzymes owing to their remarkable advantages of biocompatibility and non-toxicity. Also, MPs can be easily separated and recovered from the water by applying an external magnetic field. On the other hand, metals and metal oxides are not suitable for the covalent binding of enzymes, so it is necessary to perform their surface modification. Fe₃O₄ MPs functionalization could be performed during the process of their synthesis if it takes place in the presence of plant extracts. Extracts of plant material, such as wild plants, herbs, even waste materials of the food and agricultural industry (bark, shell, leaves, peel), are rich in various bioactive components such as polyphenols, flavonoids, sugars, etc. When the synthesis of magnetite is performed in the presence of plant extracts, bioactive components are incorporated into the surface of the magnetite, thereby affecting its functionalization. In this paper, the suitability of bio-magnetite as solid support for covalent immobilization of HRP across glutaraldehyde was examined. The activity of immobilized HRP at different pH values (4-9) and temperatures (20-80°C) and reusability were examined. Bio-MP was synthesized by co-precipitation method from Fe(II) and Fe(III) sulfate salts in the presence of water extract of the Allium cepa peel. The water extract showed 81% of antiradical potential (according to DPPH assay), which is connected with the high content of polyphenols. According to the FTIR analysis, the bio-magnetite contains oxygen functional groups (-OH, -COOH, C=O) suitable for binding to glutaraldehyde, after which the enzyme is covalently immobilized. The immobilized enzyme showed high activity at ambient temperature and pH 7 (30 U/g) and retained ≥ 80% of its activity at a wide range of pH (5-8) and temperature (20-50°C). The HRP immobilized onto bio-MPs showed remarkable stability towards temperature and pH variations compared to the free enzyme form. On the other hand, immobilized HRP showed low reusability after the first washing cycle enzyme retains 50% of its activity, while after the third washing cycle retains only 22%.

Keywords: bio-magnetite, enzyme immobilization, water extracts, environmental protection

Procedia PDF Downloads 184

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

We consider the problem of attacks on networks. We define the concept of system survivability in networks in the presence of intelligent threats. Our setting of the problem assumes a flow to be sent from one source node to a destination node. The attacker attempts to disable the network by preventing the flow to reach its destination while the defender attempts to identify the best path-set to use to maximize the chance of arrival of the flow to the destination node. Our concept is shown to be different from the classical concept of network reliability. We distinguish two types of network survivability related to the defender and to the attacker of the network, respectively. We prove that the defender-based-network survivability plays the role of a lower bound while the attacker-based-network survivability plays the role of an upper bound of network reliability. We also prove that both concepts almost never agree nor coincide with network reliability. Moreover, we use the shortest-path problem to determine the defender-based-network survivability and the min-cut problem to determine the attacker-based-network survivability. We extend the problem to a variety of models including the minimum-spanning-tree problem and the multiple source-/destination-network problems.

Keywords: defense/attack strategies, information, networks, reliability, survivability

Procedia PDF Downloads 356