Search results for: vulnerability discoverers
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 126

Search results for: vulnerability discoverers

126 Software Vulnerability Markets: Discoverers and Buyers

Authors: Abdullah M. Algarni, Yashwant K. Malaiya

Abstract:

Some of the key aspects of vulnerability—discovery, dissemination, and disclosure—have received some attention recently. However, the role of interaction among the vulnerability discoverers and vulnerability acquirers has not yet been adequately addressed. Our study suggests that a major percentage of discoverers, a majority in some cases, are unaffiliated with the software developers and thus are free to disseminate the vulnerabilities they discover in any way they like. As a result, multiple vulnerability markets have emerged. In some of these markets, the exchange is regulated, but in others, there is little or no regulation. In recent vulnerability discovery literature, the vulnerability discoverers have remained anonymous individuals. Although there has been an attempt to model the level of their efforts, information regarding their identities, modes of operation, and what they are doing with the discovered vulnerabilities has not been explored.

Reports of buying and selling of the vulnerabilities are now appearing in the press; however, the existence of such markets requires validation, and the natures of the markets need to be analyzed. To address this need, we have attempted to collect detailed information. We have identified the most prolific vulnerability discoverers throughout the past decade and examined their motivation and methods. A large percentage of these discoverers are located in Eastern and Western Europe and in the Far East. We have contacted several of them in order to collect firsthand information regarding their techniques, motivations, and involvement in the vulnerability markets. We examine why many of the discoverers appear to retire after a highly successful vulnerability-finding career. The paper identifies the actual vulnerability markets, rather than the hypothetical ideal markets that are often examined. The emergence of worldwide government agencies as vulnerability buyers has significant implications. We discuss potential factors that can impact the risk to society and the need for detailed exploration.

Keywords: Risk management, software security, vulnerability discoverers, vulnerability markets.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3263
125 Vulnerability Assessment of Blida City

Authors: K. Tadjer, M. Bensaibi, A. Chaid

Abstract:

The seismic vulnerability of an urban area is of a great deal for local authorities especially those facing earthquakes. So, it is important to have an efficient tool to assess the vulnerability of existing buildings. The use of the VIP (Vulnerability Index Program) and the GIS (Geographic Information System) let us to identify the most vulnerable districts of an urban area. The use of the vulnerability index method lets us to assess the vulnerability of the center town of Blida (Algeria) which is a historical town and which has grown enormously during the last decades. In this method, three levels of vulnerability are defined. The GIS has been used to build a data base in order to perform different thematic analyses. These analyses show the seismic vulnerability of Blida.

Keywords: Blida, Earthquake, GIS, Seismic vulnerability, Urban area.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1842
124 Seismic Vulnerability Assessment of Buildings in Algiers Area

Authors: F. Lazzali, M. Farsi

Abstract:

Several models of vulnerability assessment have been proposed. The selection of one of these models depends on the objectives of the study. The classical methodologies for seismic vulnerability analysis, as a part of seismic risk analysis, have been formulated with statistical criteria based on a rapid observation. The information relating to the buildings performance is statistically elaborated. In this paper, we use the European Macroseismic Scale EMS-98 to define the relationship between damage and macroseismic intensity to assess the seismic vulnerability. Applying to Algiers area, the first step is to identify building typologies and to assign vulnerability classes. In the second step, damages are investigated according to EMS-98.

Keywords: Damage, EMS-98, inventory building, vulnerability classes

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1817
123 Assessment of Vulnerability and Risk of Taijiang Coastal Areas to Climatic Changes

Authors: Yu-Chen Lin, Tzong-Yeang Lee

Abstract:

This study aims to assess the vulnerability and risk of the coastal areas of Taijiang to abnormal oceanographic phenomena. In addition, this study aims to investigate and collect data regarding the disaster losses, land utilization, and other social, economic, and environmental issues in these coastal areas to construct a coastal vulnerability and risk map based on the obtained climate-change risk assessment results. Considering the indexes of the three coastal vulnerability dimensions, namely, man-made facilities, environmental geography, and social economy, this study adopted the equal weighting process and Analytic Hierarchy Process to analyze the vulnerability of these coastal areas to disasters caused by climatic changes. Among the areas with high coastal vulnerability to climatic changes, three towns had the highest coastal vulnerability and four had the highest relative vulnerability. Areas with lower disaster risks were found to be increasingly vulnerable to disasters caused by climatic changes as time progresses.

Keywords: Climate change, coastal disaster, risk, vulnerability

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1802
122 SVID: Structured Vulnerability Intelligence for Building Deliberated Vulnerable Environment

Authors: Wenqing Fan, Yixuan Cheng, Wei Huang

Abstract:

The diversity and complexity of modern IT systems make it almost impossible for internal teams to find vulnerabilities in all software before the software is officially released. The emergence of threat intelligence and vulnerability reporting policy has greatly reduced the burden on software vendors and organizations to find vulnerabilities. However, to prove the existence of the reported vulnerability, it is necessary but difficult for security incident response team to build a deliberated vulnerable environment from the vulnerability report with limited and incomplete information. This paper presents a structured, standardized, machine-oriented vulnerability intelligence format, that can be used to automate the orchestration of Deliberated Vulnerable Environment (DVE). This paper highlights the important role of software configuration and proof of vulnerable specifications in vulnerability intelligence, and proposes a triad model, which is called DIR (Dependency Configuration, Installation Configuration, Runtime Configuration), to define software configuration. Finally, this paper has also implemented a prototype system to demonstrate that the orchestration of DVE can be automated with the intelligence.

Keywords: DIR Triad Model, DVE, vulnerability intelligence, vulnerability recurrence.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 692
121 Remote Sensing, GIS, and AHP for Assessing Physical Vulnerability to Tsunami Hazard

Authors: Abu Bakar Sambah, Fusanori Miura

Abstract:

Remote sensing image processing, spatial data analysis through GIS approach, and analytical hierarchy process were introduced in this study for assessing the vulnerability area and inundation area due to tsunami hazard in the area of Rikuzentakata, Iwate Prefecture, Japan. Appropriate input parameters were derived from GSI DEM data, ALOS AVNIR-2, and field data. We used the parameters of elevation, slope, shoreline distance, and vegetation density. Five classes of vulnerability were defined and weighted via pairwise comparison matrix. The assessment results described that 14.35km2 of the study area was under tsunami vulnerability zone. Inundation areas are those of high and slightly high vulnerability. The farthest area reached by a tsunami was about 7.50km from the shoreline and shows that rivers act as flooding strips that transport tsunami waves into the hinterland. This study can be used for determining a priority for land-use planning in the scope of tsunami hazard risk management.

Keywords: AHP, GIS, remote sensing, tsunami vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3335
120 Assessment of Vulnerability Curves Using Vulnerability Index Method for Reinforced Concrete Structures

Authors: F. I. Belheouane, M. Bensaibi

Abstract:

The seismic feedback experiences in Algeria have shown higher percentage of damages for non-code conforming reinforced concrete (RC) buildings. Furthermore, the vulnerability of these buildings was further aggravated due to presence of many factors (e.g. weak the seismic capacity of these buildings, shorts columns, Pounding effect, etc.). Consequently Seismic risk assessments were carried out on populations of buildings to identify the buildings most likely to undergo losses during an earthquake. The results of such studies are important in the mitigation of losses under future seismic events as they allow strengthening intervention and disaster management plans to be drawn up. Within this paper, the state of the existing structures is assessed using "the vulnerability index" method. This method allows the classification of RC constructions taking into account both, structural and non structural parameters, considered to be ones of the main parameters governing the vulnerability of the structure. Based on seismic feedback from past earthquakes DPM (damage probability matrices) were developed too.

Keywords: Seismic vulnerability, Reinforced concrete buildings, Earthquake, DPM, Algeria.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2924
119 Seismic Performance of Masonry Buildings in Algeria

Authors: F. Lazzali, S. Bedaoui

Abstract:

Structural performance and seismic vulnerability of masonry buildings in Algeria are investigated in this paper. Structural classification of such buildings is carried out regarding their structural elements. Seismicity of Algeria is briefly discussed. Then vulnerability of masonry buildings and their failure mechanisms in the Boumerdes earthquake (May, 2003) are examined.

Keywords: Masonry building, seismic deficiencies, vulnerability classes

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2363
118 Hardware Approach to Solving Password Exposure Problem through Keyboard Sniff

Authors: Kyungroul Lee, Kwangjin Bae, Kangbin Yim

Abstract:

This paper introduces a hardware solution to password exposure problem caused by direct accesses to the keyboard hardware interfaces through which a possible attacker is able to grab user-s password even where existing countermeasures are deployed. Several researches have proposed reasonable software based solutions to the problem for years. However, recently introduced hardware vulnerability problems have neutralized the software approaches and yet proposed any effective software solution to the vulnerability. Hardware approach in this paper is expected as the only solution to the vulnerability

Keywords: Keyboard sniff, password exposure, hardware vulnerability, privacy problem, insider security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1578
117 Water Resources Vulnerability Assessment to Climate Change in a Semi-Arid Basin of South India

Authors: K. Shimola, M. Krishnaveni

Abstract:

This paper examines vulnerability assessment of water resources in a semi-arid basin using the 4-step approach. The vulnerability assessment framework is developed to study the water resources vulnerability which includes the creation of GIS-based vulnerability maps. These maps represent the spatial variability of the vulnerability index. This paper introduces the 4-step approach to assess vulnerability that incorporates a new set of indicators. The approach is demonstrated using a framework composed of a precipitation data for (1975–2010) period, temperature data for (1965–2010) period, hydrological model outputs and the water resources GIS data base. The vulnerability assessment is a function of three components such as exposure, sensitivity and adaptive capacity. The current water resources vulnerability is assessed using GIS based spatio-temporal information. Rainfall Coefficient of Variation, monsoon onset and end date, rainy days, seasonality indices, temperature are selected for the criterion ‘exposure’. Water yield, ground water recharge, evapotranspiration (ET) are selected for the criterion ‘sensitivity’. Type of irrigation and storage structures are selected for the criterion ‘Adaptive capacity’. These indicators were mapped and integrated in GIS environment using overlay analysis. The five sub-basins, namely Arjunanadhi, Kousiganadhi, Sindapalli-Uppodai and Vallampatti Odai, fall under medium vulnerability profile, which indicates that the basin is under moderate stress of water resources. The paper also explores prioritization of sub-basinwise adaptation strategies to climate change based on the vulnerability indices.

Keywords: Adaptive capacity, exposure, overlay analysis, sensitivity, vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1124
116 Vulnerability of Groundwater Resources Selected for Emergency Water Supply

Authors: Frantisek Bozek, Alena Bumbova, Eduard Bakos

Abstract:

Paper is dealing with vulnerability concerning elements of hydrological structures and elements of technological equipments which are acceptable for groundwater resources. The vulnerability assessment stems from the application of the register of hazards and a potential threat to individual water source elements within each type of hazard. The proposed procedure is pattern for assessing the risks of disturbance, damage, or destruction of water source by the identified natural or technological hazards and consequently for classification of these risks in relation to emergency water supply. Using of this procedure was verified on selected groundwater resource in particular region, which seems to be as potentially useful for crisis planning system.

Keywords: Hazard, Hydrogeological Structure, Elements, Index, Sensitivity, Water Source, Vulnerability

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1444
115 Earthquake Vulnerability and Repair Cost Estimation of Masonry Buildings in the Old City Center of Annaba, Algeria

Authors: Allaeddine Athmani, Abdelhacine Gouasmia, Tiago Ferreira, Romeu Vicente

Abstract:

The seismic risk mitigation from the perspective of the old buildings stock is truly essential in Algerian urban areas, particularly those located in seismic prone regions, such as Annaba city, and which the old buildings present high levels of degradation associated with no seismic strengthening and/or rehabilitation concerns. In this sense, the present paper approaches the issue of the seismic vulnerability assessment of old masonry building stocks through the adaptation of a simplified methodology developed for a European context area similar to that of Annaba city, Algeria. Therefore, this method is used for the first level of seismic vulnerability assessment of the masonry buildings stock of the old city center of Annaba. This methodology is based on a vulnerability index that is suitable for the evaluation of damage and for the creation of large-scale loss scenarios. Over 380 buildings were evaluated in accordance with the referred methodology and the results obtained were then integrated into a Geographical Information System (GIS) tool. Such results can be used by the Annaba city council for supporting management decisions, based on a global view of the site under analysis, which led to more accurate and faster decisions for the risk mitigation strategies and rehabilitation plans.

Keywords: Damage scenarios, masonry buildings, old city center, seismic vulnerability, vulnerability index.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2097
114 A Medical Vulnerability Scoring System Incorporating Health and Data Sensitivity Metrics

Authors: Nadir A. Carreón, Christa Sonderer, Aakarsh Rao, Roman Lysecky

Abstract:

With the advent of complex software and increased connectivity, security of life-critical medical devices is becoming an increasing concern, particularly with their direct impact to human safety. Security is essential, but it is impossible to develop completely secure and impenetrable systems at design time. Therefore, it is important to assess the potential impact on security and safety of exploiting a vulnerability in such critical medical systems. The common vulnerability scoring system (CVSS) calculates the severity of exploitable vulnerabilities. However, for medical devices, it does not consider the unique challenges of impacts to human health and privacy. Thus, the scoring of a medical device on which a human life depends (e.g., pacemakers, insulin pumps) can score very low, while a system on which a human life does not depend (e.g., hospital archiving systems) might score very high. In this paper, we present a Medical Vulnerability Scoring System (MVSS) that extends CVSS to address the health and privacy concerns of medical devices. We propose incorporating two new parameters, namely health impact and sensitivity impact. Sensitivity refers to the type of information that can be stolen from the device, and health represents the impact to the safety of the patient if the vulnerability is exploited (e.g., potential harm, life threatening). We evaluate 15 different known vulnerabilities in medical devices and compare MVSS against two state-of-the-art medical device-oriented vulnerability scoring system and the foundational CVSS.

Keywords: Common vulnerability system, medical devices, medical device security, vulnerabilities.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 746
113 The Vulnerability Analysis of Java Bytecode Based on Points-to Dataflow

Authors: Tang Hong, Zhang Lufeng, Chen Hua, Zhang Jianbo

Abstract:

Today many developers use the Java components collected from the Internet as external LIBs to design and develop their own software. However, some unknown security bugs may exist in these components, such as SQL injection bug may comes from the components which have no specific check for the input string by users. To check these bugs out is very difficult without source code. So a novel method to check the bugs in Java bytecode based on points-to dataflow analysis is in need, which is different to the common analysis techniques base on the vulnerability pattern check. It can be used as an assistant tool for security analysis of Java bytecode from unknown softwares which will be used as extern LIBs.

Keywords: Java bytecode, points-to dataflow, vulnerability analysis

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1764
112 Forest Risk and Vulnerability Assessment: A Case Study from East Bokaro Coal Mining Area in India

Authors: Sujata Upgupta, Prasoon Kumar Singh

Abstract:

The expansion of large scale coal mining into forest areas is a potential hazard for the local biodiversity and wildlife. The objective of this study is to provide a picture of the threat that coal mining poses to the forests of the East Bokaro landscape. The vulnerable forest areas at risk have been assessed and the priority areas for conservation have been presented. The forested areas at risk in the current scenario have been assessed and compared with the past conditions using classification and buffer based overlay approach. Forest vulnerability has been assessed using an analytical framework based on systematic indicators and composite vulnerability index values. The results indicate that more than 4 km2 of forests have been lost from 1973 to 2016. Large patches of forests have been diverted for coal mining projects. Forests in the northern part of the coal field within 1-3 km radius around the coal mines are at immediate risk. The original contiguous forests have been converted into fragmented and degraded forest patches. Most of the collieries are located within or very close to the forests thus threatening the biodiversity and hydrology of the surrounding regions. Based on the vulnerability values estimated, it was concluded that more than 90% of the forested grids in East Bokaro are highly vulnerable to mining. The forests in the sub-districts of Bermo and Chandrapura have been identified as the most vulnerable to coal mining activities. This case study would add to the capacity of the forest managers and mine managers to address the risk and vulnerability of forests at a small landscape level in order to achieve sustainable development.

Keywords: Coal mining, forest, indicators, vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1160
111 Mental Vulnerability and Coping Strategies as a Factor for Academic Success for Pupils with Special Education Needs

Authors: T. Dubayova

Abstract:

Slovak, as well as foreign authors, believe that the influence of non-cognitive factors on a student's academic success or failure is unquestionable. The aim of this paper is to establish a link between the mental vulnerability and coping strategies used by 4th grade elementary school students in dealing with stressful situations and their academic performance, which was used as a simple quantitative indicator of academic success. The research sample consists of 320 students representing the standard population and 60 students with special education needs (SEN), who were assessed by the Strengths and Difficulties Questionnaire (SDQ) by their teachers and the Children’s Coping Strategies Checklist (CCSC-R1) filled in by themselves. Students with SEN recorded an extraordinarily high frequency of mental vulnerability (34.5 %) than students representing the standard population (7 %). The poorest academic performance of students with SEN was associated with the avoidance behavior displayed during stressful situations. Students of the standard population did not demonstrate this association. Students with SEN are more likely to display mental health problems than students of the standard population. This may be caused by the accumulation of and frequent exposure to situations that they perceive as stressful.

Keywords: Coping, mental vulnerability, students with special education needs, academic performance, academic success.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1557
110 A Remote Sensing Approach for Vulnerability and Environmental Change in Apodi Valley Region, Northeast Brazil

Authors: Mukesh Singh Boori, Venerando Eustáquio Amaro

Abstract:

The objective of this study was to improve our understanding of vulnerability and environmental change; it's causes basically show the intensity, its distribution and human-environment effect on the ecosystem in the Apodi Valley Region, This paper is identify, assess and classify vulnerability and environmental change in the Apodi valley region using a combined approach of landscape pattern and ecosystem sensitivity. Models were developed using the following five thematic layers: Geology, geomorphology, soil, vegetation and land use/cover, by means of a Geographical Information Systems (GIS)-based on hydro-geophysical parameters. In spite of the data problems and shortcomings, using ESRI-s ArcGIS 9.3 program, the vulnerability score, to classify, weight and combine a number of 15 separate land cover classes to create a single indicator provides a reliable measure of differences (6 classes) among regions and communities that are exposed to similar ranges of hazards. Indeed, the ongoing and active development of vulnerability concepts and methods have already produced some tools to help overcome common issues, such as acting in a context of high uncertainties, taking into account the dynamics and spatial scale of asocial-ecological system, or gathering viewpoints from different sciences to combine human and impact-based approaches. Based on this assessment, this paper proposes concrete perspectives and possibilities to benefit from existing commonalities in the construction and application of assessment tools.

Keywords: Vulnerability, Land use/cover, Ecosystem, Remotesensing, GIS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2946
109 Using Vulnerability to Reduce False Positive Rate in Intrusion Detection Systems

Authors: Nadjah Chergui, Narhimene Boustia

Abstract:

Intrusion Detection Systems are an essential tool for network security infrastructure. However, IDSs have a serious problem which is the generating of massive number of alerts, most of them are false positive ones which can hide true alerts and make the analyst confused to analyze the right alerts for report the true attacks. The purpose behind this paper is to present a formalism model to perform correlation engine by the reduction of false positive alerts basing on vulnerability contextual information. For that, we propose a formalism model based on non-monotonic JClassicδє description logic augmented with a default (δ) and an exception (є) operator that allows a dynamic inference according to contextual information.

Keywords: Context, exception, default, IDS, Non-monotonic Description Logic JClassicδє, vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1430
108 Seismic Behavior and Capacity/Demand Analyses of a Simply-Supported Multi-Span Precast Bridge

Authors: Nasim Shatarat, Adel Assaf

Abstract:

This paper presents the results of an analytical study on the seismic response of a Multi-Span-Simply-Supported precast bridge in Washington State. The bridge was built in the early 1960's along Interstate 5 and was widened the first time in 1979 and the second time in 2001. The primary objective of this research project is to determine the seismic vulnerability of the bridge in order to develop the required retrofit measure. The seismic vulnerability of the bridge is evaluated using two seismic evaluation methods presented in the FHWA Seismic Retrofitting Manual for Highway Bridges, Method C and Method D2. The results of the seismic analyses demonstrate that Method C and Method D2 vary markedly in terms of the information they provide to the bridge designer regarding the vulnerability of the bridge columns.

Keywords: Bridges, Capacity, Demand, Seismic, Static pushover, Retrofit.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2954
107 Urban Growth, Sewerage Network and Flooding Risk: Flooding of November 10, 2001 in Algiers

Authors: Boualem El Kechebour, Djilali Benouar

Abstract:

The objective of this work is to present a expertise on flooding hazard analysis and how to reduce the risk. The analysis concerns the disaster induced by the flood on November 10/11, 2001 in the Bab El Oued district of the city of Algiers.The study begins by an expertise of damages in related with the urban environment and the history of the urban growth of the site. After this phase, the work is focalized on the identification of the existing correlations between the development of the town and its vulnerability. The final step consists to elaborate the interpretations on the interactions between the urban growth, the sewerage network and the vulnerability of the urban system.In conclusion, several recommendations are formulated permitting the mitigation of the risk in the future. The principal recommendations concern the new urban operations and the existing urbanized sites.

Keywords: urban growth, sewerage network, vulnerability of town, flooding risk, mitigation

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1648
106 The Impact of Supply Chain Strategy and Integration on Supply Chain Performance: Supply Chain Vulnerability as a Moderator

Authors: Yi-Chun Kuo, Jo-Chieh Lin

Abstract:

The objective of a supply chain strategy is to reduce waste and increase efficiency to attain cost benefits, and to guarantee supply chain flexibility when facing the ever-changing market environment in order to meet customer requirements. Strategy implementation aims to fulfill common goals and attain benefits by integrating upstream and downstream enterprises, sharing information, conducting common planning, and taking part in decision making, so as to enhance the overall performance of the supply chain. With the rise of outsourcing and globalization, the increasing dependence on suppliers and customers and the rapid development of information technology, the complexity and uncertainty of the supply chain have intensified, and supply chain vulnerability has surged, resulting in adverse effects on supply chain performance. Thus, this study aims to use supply chain vulnerability as a moderating variable and apply structural equation modeling (SEM) to determine the relationships among supply chain strategy, supply chain integration, and supply chain performance, as well as the moderating effect of supply chain vulnerability on supply chain performance. The data investigation of this study was questionnaires which were collected from the management level of enterprises in Taiwan and China, 149 questionnaires were received. The result of confirmatory factor analysis shows that the path coefficients of supply chain strategy on supply chain integration and supply chain performance are positive (0.497, t= 4.914; 0.748, t= 5.919), having a significantly positive effect. Supply chain integration is also significantly positively correlated to supply chain performance (0.192, t = 2.273). The moderating effects of supply chain vulnerability on supply chain strategy and supply chain integration to supply chain performance are significant (7.407; 4.687). In Taiwan, 97.73% of enterprises are small- and medium-sized enterprises (SMEs) focusing on receiving original equipment manufacturer (OEM) and original design manufacturer (ODM) orders. In order to meet the needs of customers and to respond to market changes, these enterprises especially focus on supply chain flexibility and their integration with the upstream and downstream enterprises. According to the observation of this research, the effect of supply chain vulnerability on supply chain performance is significant, and so enterprises need to attach great importance to the management of supply chain risk and conduct risk analysis on their suppliers in order to formulate response strategies when facing emergency situations. At the same time, risk management is incorporated into the supply chain so as to reduce the effect of supply chain vulnerability on the overall supply chain performance.

Keywords: Supply chain integration, supply chain performance, supply chain vulnerability, structural equation modeling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 904
105 Static Analysis of Security Issues of the Python Packages Ecosystem

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the Python Package Index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the Python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the National Vulnerability Database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (Pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners, Bandit, Snyk and Dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, Bandit, Snyk, Dlint, Python Package Index, ecosystem, static analysis, malicious attacks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 243
104 DEVS Modeling of Network Vulnerability

Authors: Hee Suk Seo, Tae Kyung Kim

Abstract:

As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model. We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model. We present how the policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are inducted, and how to be used in PBN. In the network security environment, each simulation model is hierarchically designed by DEVS (Discrete EVent system Specification) formalism.

Keywords: SVDB, PBN, DEVS, Network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1570
103 Determining the Spatial Vulnerability Levels and Typologies of Coastal Cities to Climate Change: Case of Turkey

Authors: Mediha B. Sılaydın Aydın, Emine D. Kahraman

Abstract:

One of the important impacts of climate change is the sea level rise. Turkey is a peninsula, so the coastal areas of the country are threatened by the problem of sea level rise. Therefore, the urbanized coastal areas are highly vulnerable to climate change. At the aim of enhancing spatial resilience of urbanized areas, this question arises: What should be the priority intervention subject in the urban planning process for a given city. To answer this question, by focusing on the problem of sea level rise, this study aims to determine spatial vulnerability typologies and levels of Turkey coastal cities based on morphological, physical and social characteristics. As a method, spatial vulnerability of coastal cities is determined by two steps as level and type. Firstly, physical structure, morphological structure and social structure were examined in determining spatial vulnerability levels. By determining these levels, most vulnerable areas were revealed as a priority in adaptation studies. Secondly, all parameters are also used to determine spatial typologies. Typologies are determined for coastal cities in order to use as a base for urban planning studies. Adaptation to climate change is crucial for developing countries like Turkey so, this methodology and created typologies could be a guide for urban planners as spatial directors and an example for other developing countries in the context of adaptation to climate change. The results demonstrate that the urban settlements located on the coasts of the Marmara Sea, the Aegean Sea and the Mediterranean respectively, are more vulnerable than the cities located on the Black Sea’s coasts to sea level rise.

Keywords: Climate change, coastal cities, sea level rise, urban land use planning, vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1538
102 Coastal Vulnerability Index and Its Projection for Odisha Coast, East Coast of India

Authors: Bishnupriya Sahoo, Prasad K. Bhaskaran

Abstract:

Tropical cyclone is one among the worst natural hazards that results in a trail of destruction causing enormous damage to life, property, and coastal infrastructures. In a global perspective, the Indian Ocean is considered as one of the cyclone prone basins in the world. Specifically, the frequency of cyclogenesis in the Bay of Bengal is higher compared to the Arabian Sea. Out of the four maritime states in the East coast of India, Odisha is highly susceptible to tropical cyclone landfall. Historical records clearly decipher the fact that the frequency of cyclones have reduced in this basin. However, in the recent decades, the intensity and size of tropical cyclones have increased. This is a matter of concern as the risk and vulnerability level of Odisha coast exposed to high wind speed and gusts during cyclone landfall have increased. In this context, there is a need to assess and evaluate the severity of coastal risk, area of exposure under risk, and associated vulnerability with a higher dimension in a multi-risk perspective. Changing climate can result in the emergence of a new hazard and vulnerability over a region with differential spatial and socio-economic impact. Hence there is a need to have coastal vulnerability projections in a changing climate scenario. With this motivation, the present study attempts to estimate the destructiveness of tropical cyclones based on Power Dissipation Index (PDI) for those cyclones that made landfall along Odisha coast that exhibits an increasing trend based on historical data. The study also covers the futuristic scenarios of integral coastal vulnerability based on the trends in PDI for the Odisha coast. This study considers 11 essential and important parameters; the cyclone intensity, storm surge, onshore inundation, mean tidal range, continental shelf slope, topo-graphic elevation onshore, rate of shoreline change, maximum wave height, relative sea level rise, rainfall distribution, and coastal geomorphology. The study signifies that over a decadal scale, the coastal vulnerability index (CVI) depends largely on the incremental change in variables such as cyclone intensity, storm surge, and associated inundation. In addition, the study also performs a critical analysis on the modulation of PDI on storm surge and inundation characteristics for the entire coastal belt of Odisha State. Interestingly, the study brings to light that a linear correlation exists between the storm-tide with PDI. The trend analysis of PDI and its projection for coastal Odisha have direct practical applications in effective coastal zone management and vulnerability assessment.

Keywords: Bay of Bengal, coastal vulnerability index, power dissipation index, tropical cyclone.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1307
101 Seismic Vulnerability Assessment of Masonry Buildings in Seismic Prone Regions: The Case of Annaba City, Algeria

Authors: Allaeddine Athmani, Abdelhacine Gouasmia, Tiago Ferreira, Romeu Vicente

Abstract:

Seismic vulnerability assessment of masonry buildings is a fundamental issue even for moderate to low seismic hazard regions. This fact is even more important when dealing with old structures such as those located in Annaba city (Algeria), which the majority of dates back to the French colonial era from 1830. This category of buildings is in high risk due to their highly degradation state, heterogeneous materials and intrusive modifications to structural and non-structural elements. Furthermore, they are usually shelter a dense population, which is exposed to such risk. In order to undertake a suitable seismic risk mitigation strategies and reinforcement process for such structures, it is essential to estimate their seismic resistance capacity at a large scale. In this sense, two seismic vulnerability index methods and damage estimation have been adapted and applied to a pilot-scale building area located in the moderate seismic hazard region of Annaba city: The first one based on the EMS-98 building typologies, and the second one derived from the Italian GNDT approach. To perform this task, the authors took the advantage of an existing data survey previously performed for other purposes. The results obtained from the application of the two methods were integrated and compared using a geographic information system tool (GIS), with the ultimate goal of supporting the city council of Annaba for the implementation of risk mitigation and emergency planning strategies.

Keywords: Annaba city, EMS98 concept, GNDT method, old city center, seismic vulnerability index, unreinforced masonry buildings.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1635
100 Vulnerability Analysis for Risk Zones Boundary Definition to Support a Decision Making Process at CBRNE Operations

Authors: Aliaksei Patsekha, Michael Hohenberger, Harald Raupenstrauch

Abstract:

An effective emergency response to accidents with chemical, biological, radiological, nuclear, or explosive materials (CBRNE) that represent highly dynamic situations needs immediate actions within limited time, information and resources. The aim of the study is to provide the foundation for division of unsafe area into risk zones according to the impact of hazardous parameters (heat radiation, thermal dose, overpressure, chemical concentrations). A decision on the boundary values for three risk zones is based on the vulnerability analysis that covered a variety of accident scenarios containing the release of a toxic or flammable substance which either evaporates, ignites and/or explodes. Critical values are selected for the boundary definition of the Red, Orange and Yellow risk zones upon the examination of harmful effects that are likely to cause injuries of varying severity to people and different levels of damage to structures. The obtained results provide the basis for creating a comprehensive real-time risk map for a decision support at CBRNE operations.

Keywords: Boundary values, CBRNE threats, decision making process, hazardous effects, vulnerability analysis, risk zones.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 442
99 Surveying Earthquake Vulnerabilities of District 13 of Kabul City, Afghanistan

Authors: Mohsen Mohammadi, Toshio Fujimi

Abstract:

High population and irregular urban development in Kabul city, Afghanistan's capital, are among factors that increase its vulnerability to earthquake disasters (on top of its location in a high seismic region); this can lead to widespread economic loss and casualties. This study aims to evaluate earthquake risks in Kabul's 13th district based on scientific data. The research data, which include hazard curves of Kabul, vulnerability curves, and a questionnaire survey through sampling in district 13, have been incorporated to develop risk curves. To estimate potential casualties, we used a set of M parameters in a model developed by Coburn and Spence. The results indicate that in the worst case scenario, more than 90% of district 13, which comprises mostly residential buildings, is exposed to high risk; this may lead to nearly 1000 million USD economic loss and 120 thousand casualties (equal to 25.88% of the 13th district's population) for a nighttime earthquake. To reduce risks, we present the reconstruction of the most vulnerable buildings, which are primarily adobe and masonry buildings. A comparison of risk reduction between reconstructing adobe and masonry buildings indicates that rebuilding adobe buildings would be more effective.

Keywords: Earthquake risk evaluation, Kabul, mitigation, vulnerability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1635
98 Seismic Vulnerability of Structures Designed in Accordance with the Allowable Stress Design and Load Resistant Factor Design Methods

Authors: Mohammadreza Vafaei, Amirali Moradi, Sophia C. Alih

Abstract:

The method selected for the design of structures not only can affect their seismic vulnerability but also can affect their construction cost. For the design of steel structures, two distinct methods have been introduced by existing codes, namely allowable stress design (ASD) and load resistant factor design (LRFD). This study investigates the effect of using the aforementioned design methods on the seismic vulnerability and construction cost of steel structures. Specifically, a 20-story building equipped with special moment resisting frame and an eccentrically braced system was selected for this study. The building was designed for three different intensities of peak ground acceleration including 0.2 g, 0.25 g, and 0.3 g using the ASD and LRFD methods. The required sizes of beams, columns, and braces were obtained using response spectrum analysis. Then, the designed frames were subjected to nine natural earthquake records which were scaled to the designed response spectrum. For each frame, the base shear, story shears, and inter-story drifts were calculated and then were compared. Results indicated that the LRFD method led to a more economical design for the frames. In addition, the LRFD method resulted in lower base shears and larger inter-story drifts when compared with the ASD method. It was concluded that the application of the LRFD method not only reduced the weights of structural elements but also provided a higher safety margin against seismic actions when compared with the ASD method.

Keywords: Allowable stress design, load resistant factor design, nonlinear time history analysis, seismic vulnerability, steel structures.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1111
97 Assessing drought Vulnerability of Bulgarian Agriculture through Model Simulations

Authors: Z. Popova, L. S. Pereira, М. Ivanova, P. Alexandrova, K. Doneva, V. Alexandrov, M. Kercheva

Abstract:

This study assesses the vulnerability of Bulgarian agriculture to drought using the WINISAREG model and seasonal standard precipitation index SPI(2) for the period 1951-2004. This model was previously validated for maize on soils of different water holding capacity (TAW) in various locations. Simulations are performed for Plovdiv, Stara Zagora and Sofia. Results relative to Plovdiv show that in soils of large TAW (180 mm m-1) net irrigation requirements (NIRs) range 0-40 mm in wet years and 350-380 mm in dry years. In soils of small TAW (116 mm m-1), NIRs reach 440 mm in the very dry year. NIRs in Sofia are about 80 mm smaller. Rainfed maize is associated with great yield variability (29%91%) were found for seasonal agricultural drought relating the SPI (2) for “July-Aug" with the simulated RYD of rainfed maize while in Stara Zagora and Sofia the relationships are less accurate (R2>71%). When rainfed maize is grown on soils of large TAW economical losses are produced when high peak season SPI (2) < -0.50 in Plovdiv/Stara Zagora and SPI (2) < -0.90 in Sofia. The corresponding NIR thresholds were identified.

Keywords: Drought vulnerability, ISAREG simulation model, South Bulgaria, SPI-index

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1743