Random Access Performance of Distributed Sensors Attacked by Unknown Jammers

Directory of Open Access Journals (Sweden)

Dae-Kyo Jeong

2017-11-01

Full Text Available In this paper, we model and investigate the random access (RA performance of sensor nodes (SN in a wireless sensor network (WSN. In the WSN, a central head sensor (HS collects the information from distributed SNs, and jammers disturb the information transmission primarily by generating interference. In this paper, two jamming attacks are considered: power and code jamming. Power jammers (if they are friendly jammers generate noises and, as a result, degrade the quality of the signal from SNs. Power jamming is equally harmful to all the SNs that are accessing HS and simply induces denial of service (DoS without any need to hack HS or SNs. On the other hand, code jammers mimic legitimate SNs by sending fake signals and thus need to know certain system parameters that are used by the legitimate SNs. As a result of code jamming, HS falsely allocates radio resources to SNs. The code jamming hence increases the failure probability in sending the information messages, as well as misleads the usage of radio resources. In this paper, we present the probabilities of successful preamble transmission with power ramping according to the jammer types and provide the resulting throughput and delay of information transmission by SNs, respectively. The effect of two jamming attacks on the RA performances is compared with numerical investigation. The results show that, compared to RA without jammers, power and code jamming degrade the throughput by up to 30.3% and 40.5%, respectively, while the delay performance by up to 40.1% and 65.6%, respectively.

Effects of Motivation: Rewarding Hackers for Undetected Attacks Cause Analysts to Perform Poorly.

Science.gov (United States)

Maqbool, Zahid; Makhijani, Nidhi; Pammi, V S Chandrasekhar; Dutt, Varun

2017-05-01

The aim of this study was to determine how monetary motivations influence decision making of humans performing as security analysts and hackers in a cybersecurity game. Cyberattacks are increasing at an alarming rate. As cyberattacks often cause damage to existing cyber infrastructures, it is important to understand how monetary rewards may influence decision making of hackers and analysts in the cyber world. Currently, only limited attention has been given to this area. In an experiment, participants were randomly assigned to three between-subjects conditions ( n = 26 for each condition): equal payoff, where the magnitude of monetary rewards for hackers and defenders was the same; rewarding hacker, where the magnitude of monetary reward for hacker's successful attack was 10 times the reward for analyst's successful defense; and rewarding analyst, where the magnitude of monetary reward for analyst's successful defense was 10 times the reward for hacker's successful attack. In all conditions, half of the participants were human hackers playing against Nash analysts and half were human analysts playing against Nash hackers. Results revealed that monetary rewards for human hackers and analysts caused a decrease in attack and defend actions compared with the baseline. Furthermore, rewarding human hackers for undetected attacks made analysts deviate significantly from their optimal behavior. If hackers are rewarded for their undetected attack actions, then this causes analysts to deviate from optimal defend proportions. Thus, analysts need to be trained not become overenthusiastic in defending networks. Applications of our results are to networks where the influence of monetary rewards may cause information theft and system damage.

A performance study of unmanned aerial vehicle-based sensor networks under cyber attack

Science.gov (United States)

Puchaty, Ethan M.

In UAV-based sensor networks, an emerging area of interest is the performance of these networks under cyber attack. This study seeks to evaluate the performance trade-offs from a System-of-Systems (SoS) perspective between various UAV communications architecture options in the context two missions: tracking ballistic missiles and tracking insurgents. An agent-based discrete event simulation is used to model a sensor communication network consisting of UAVs, military communications satellites, ground relay stations, and a mission control center. Network susceptibility to cyber attack is modeled with probabilistic failures and induced data variability, with performance metrics focusing on information availability, latency, and trustworthiness. Results demonstrated that using UAVs as routers increased network availability with a minimal latency penalty and communications satellite networks were best for long distance operations. Redundancy in the number of links between communication nodes helped mitigate cyber-caused link failures and add robustness in cases of induced data variability by an adversary. However, when failures were not independent, redundancy and UAV routing were detrimental in some cases to network performance. Sensitivity studies indicated that long cyber-caused downtimes and increasing failure dependencies resulted in build-ups of failures and caused significant degradations in network performance.

DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

Directory of Open Access Journals (Sweden)

Ahmad Sanmorino

2013-11-01

Full Text Available In this study we discuss how to handle DDoS attack that coming from the attacker by using detection method and handling mechanism. Detection perform by comparing number of packets and number of flow. Whereas handling mechanism perform by limiting or drop the packets that detected as a DDoS attack. The study begins with simulation on real network, which aims to get the real traffic data. Then, dump traffic data obtained from the simulation used for detection method on our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism. From the result of experiment that has been conducted, the proposed method successfully detect DDoS attack and handle the incoming packet sent by attacker.

Effects of aspirin on risk and severity of early recurrent stroke after transient ischaemic attack and ischaemic stroke : time-course analysis of randomised trials

NARCIS (Netherlands)

Rothwell, Peter M; Algra, Ale; Chen, Zhengming; Diener, Hans-Christoph; Norrving, Bo; Mehta, Ziyah

2016-01-01

BACKGROUND: Aspirin is recommended for secondary prevention after transient ischaemic attack (TIA) or ischaemic stroke on the basis of trials showing a 13% reduction in long-term risk of recurrent stroke. However, the risk of major stroke is very high for only the first few days after TIA and minor

Terrorists on Trial: A Performative Perspective

NARCIS (Netherlands)

de Graaf, B.A.

On 30 March 2011, ICCT – The Hague organised an Expert Meeting entitled ‘Terrorism Trials as Theatre: A Performative Perspective’. The Expert Meeting applied a performative perspective to three well known and recent trials in different parts of the world: the trials against the Dutch Hofstad Group,

Whispering through DDoS attack

Directory of Open Access Journals (Sweden)

Miralem Mehic

2016-03-01

Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.

Simulating Effects of High Angle of Attack on Turbofan Engine Performance

Science.gov (United States)

Liu, Yuan; Claus, Russell W.; Litt, Jonathan S.; Guo, Ten-Huei

2013-01-01

A method of investigating the effects of high angle of attack (AOA) flight on turbofan engine performance is presented. The methodology involves combining a suite of diverse simulation tools. Three-dimensional, steady-state computational fluid dynamics (CFD) software is used to model the change in performance of a commercial aircraft-type inlet and fan geometry due to various levels of AOA. Parallel compressor theory is then applied to assimilate the CFD data with a zero-dimensional, nonlinear, dynamic turbofan engine model. The combined model shows that high AOA operation degrades fan performance and, thus, negatively impacts compressor stability margins and engine thrust. In addition, the engine response to high AOA conditions is shown to be highly dependent upon the type of control system employed.

Plasma Exchange in Severe Attacks of Neuromyelitis Optica

Directory of Open Access Journals (Sweden)

Mickael Bonnan

2012-01-01

Full Text Available Background. Neuromyelitis optica (NMO attacks are poorly controlled by steroids and evolve in stepwise neurological impairments. Assuming the strong humoral response underlying NMO attacks, plasma exchange (PLEX is an appropriate technique in severe NMO attacks. Objective. Presenting an up-to-date review of the literature of PLEX in NMO. Methods. We summarize the rationale of PLEX in relation with the physiology of NMO, the main technical aspects, and the available studies. Results. PLEX in severe attacks from myelitis or optic neuritis are associated with a better outcome, depending on PLEX delay (“time is cord and eyes”. NMO-IgG status has no influence. Finally, we build up an original concept linking the inner dynamic of the lesion, the timing of PLEX onset and the expected clinical results. Conclusion. PLEX is a safe and efficient add-on therapy in NMO, in synergy with steroids. Large therapeutic trials are required to definitely assess the procedure and define the time opportunity window.

Practical quantum private query with better performance in resisting joint-measurement attack

Science.gov (United States)

Wei, Chun-Yan; Wang, Tian-Yin; Gao, Fei

2016-04-01

As a kind of practical protocol, quantum-key-distribution (QKD)-based quantum private queries (QPQs) have drawn lots of attention. However, joint-measurement (JM) attack poses a noticeable threat to the database security in such protocols. That is, by JM attack a malicious user can illegally elicit many more items from the database than the average amount an honest one can obtain. Taking Jacobi et al.'s protocol as an example, by JM attack a malicious user can obtain as many as 500 bits, instead of the expected 2.44 bits, from a 104-bit database in one query. It is a noticeable security flaw in theory, and would also arise in application with the development of quantum memories. To solve this problem, we propose a QPQ protocol based on a two-way QKD scheme, which behaves much better in resisting JM attack. Concretely, the user Alice cannot get more database items by conducting JM attack on the qubits because she has to send them back to Bob (the database holder) before knowing which of them should be jointly measured. Furthermore, JM attack by both Alice and Bob would be detected with certain probability, which is quite different from previous protocols. Moreover, our protocol retains the good characters of QKD-based QPQs, e.g., it is loss tolerant and robust against quantum memory attack.

Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks.

Science.gov (United States)

Hussein, Ahmed Abdulqader; Rahman, Tharek A; Leow, Chee Yen

2015-12-04

Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks.

Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks

Science.gov (United States)

Abdulqader Hussein, Ahmed; Rahman, Tharek A.; Leow, Chee Yen

2015-01-01

Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks. PMID:26690159

Temporal Cyber Attack Detection.

Energy Technology Data Exchange (ETDEWEB)

Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-11-01

Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

Lead exposure potentiates predatory attack behavior in the cat

International Nuclear Information System (INIS)

Li Wenjie; Han Shenggao; Gregg, T.R.; Kemp, F.W.Francis W.; Davidow, A.L.; Louria, D.B.; Siegel, Allan; Bogden, J.D.

2003-01-01

Epidemiologic studies have demonstrated that environmental lead exposure is associated with aggressive behavior in children; however, numerous confounding variables limit the ability of these studies to establish a causal relationship. The study of aggressive behavior using a validated animal model was used to test the hypothesis that there is a causal relationship between lead exposure and aggression in the absence of confounding variables. We studied the effects of lead exposure on a feline model of aggression: predatory (quiet biting) attack of an anesthetized rat. Five cats were stimulated with a precisely controlled electrical current via electrodes inserted into the lateral hypothalamus. The response measure was the predatory attack threshold current (i.e., the current required to elicit an attack response on 50% of the trials). Blocks of trials were administered in which predatory attack threshold currents were measured three times a week for a total of 6-10 weeks, including before, during, and after lead exposure. Lead was incorporated into cat food 'treats' at doses of 50-150 mg/kg/day. Two of the five cats received a second period of lead exposure. Blood lead concentrations were measured twice a week and were <1, 21-77, and <20 μg/dL prior to, during, and after lead exposure, respectively. The predatory attack threshold decreased significantly during initial lead exposure in three of five cats and increased after the cessation of lead exposure in four of the five cats (P<0.01). The predatory attack thresholds and blood lead concentrations for each cat were inversely correlated (r=-0.35 to -0.74). A random-effects mixed model demonstrated a significant (P=0.0019) negative association between threshold current and blood lead concentration. The data of this study demonstrate that lead exposure enhances predatory aggression in the cat and provide experimental support for a causal relationship between lead exposure and aggressive behavior in humans

Situational awareness of a coordinated cyber attack

Science.gov (United States)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

DEFF Research Database (Denmark)

Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

2012-01-01

and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered...... the most harmful as they directly affect the available resources and thus the nodes’ energy consumption. The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of aWSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure...

Dolichoectasia and Small Vessel Disease in Young Patients With Transient Ischemic Attack and Stroke.

Science.gov (United States)

Thijs, Vincent; Grittner, Ulrike; Fazekas, Franz; McCabe, Dominick J H; Giese, Anne-Katrin; Kessler, Christof; Martus, Peter; Norrving, Bo; Ringelstein, Erich Bernd; Schmidt, Reinhold; Tanislav, Christian; Putaala, Jukka; Tatlisumak, Turgut; von Sarnowski, Bettina; Rolfs, Arndt; Enzinger, Christian

2017-09-01

We evaluated whether basilar dolichoectasia is associated with markers of cerebral small vessel disease in younger transient ischemic attack and ischemic stroke patients. We used data from the SIFAP1 study (Stroke in Young Fabry Patients), a large prospective, hospital-based, screening study for Fabry disease in young (ischemic attack/stroke patients in whom detailed clinical data and brain MRI were obtained, and stroke subtyping with TOAST classification (Trial of ORG 10172 in Acute Stroke Treatment) was performed. Dolichoectasia was found in 508 of 3850 (13.2%) of patients. Dolichoectasia was associated with older age (odds ratio per decade, 1.26; 95% confidence interval, 1.09-1.44), male sex (odds ratio, 1.96; 95% confidence interval, 1.59-2.42), and hypertension (odds ratio, 1.39; 95% confidence interval, 1.13-1.70). Dolichoectasia was more common in patients with small infarctions (33.9% versus 29.8% for acute lesions, P =0.065; 29.1% versus 16.5% for old lesions, P ischemic attack and ischemic stroke. URL: http://www.clinicaltrials.gov. Unique identifier: NCT00414583. © 2017 American Heart Association, Inc.

Modelling Social-Technical Attacks with Timed Automata

DEFF Research Database (Denmark)

David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

2015-01-01

. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

Inflammation and neuropathic attacks in hereditary brachial plexus neuropathy

Science.gov (United States)

Klein, C; Dyck, P; Friedenberg, S; Burns, T; Windebank, A; Dyck, P

2002-01-01

Objective: To study the role of mechanical, infectious, and inflammatory factors inducing neuropathic attacks in hereditary brachial plexus neuropathy (HBPN), an autosomal dominant disorder characterised by attacks of pain and weakness, atrophy, and sensory alterations of the shoulder girdle and upper limb muscles. Methods: Four patients from separate kindreds with HBPN were evaluated. Upper extremity nerve biopsies were obtained during attacks from a person of each kindred. In situ hybridisation for common viruses in nerve tissue and genetic testing for a hereditary tendency to pressure palsies (HNPP; tomaculous neuropathy) were undertaken. Two patients treated with intravenous methyl prednisolone had serial clinical and electrophysiological examinations. One patient was followed prospectively through pregnancy and during the development of a stereotypic attack after elective caesarean delivery. Results: Upper extremity nerve biopsies in two patients showed prominent perivascular inflammatory infiltrates with vessel wall disruption. Nerve in situ hybridisation for viruses was negative. There were no tomaculous nerve changes. In two patients intravenous methyl prednisolone ameliorated symptoms (largely pain), but with tapering of steroid dose, signs and symptoms worsened. Elective caesarean delivery did not prevent a typical postpartum attack. Conclusions: Inflammation, probably immune, appears pathogenic for some if not all attacks of HBPN. Immune modulation may be useful in preventing or reducing the neuropathic attacks, although controlled trials are needed to establish efficacy, as correction of the mutant gene is still not possible. The genes involved in immune regulation may be candidates for causing HBPN disorders. PMID:12082044

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Simulation of Attacks for Security in Wireless Sensor Network.

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-11-18

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

Simulation of Attacks for Security in Wireless Sensor Network

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-01-01

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

Understanding How Components of Organisations Contribute to Attacks

DEFF Research Database (Denmark)

Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

2016-01-01

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

Coronary heart disease risk in patients with stroke or transient ischemic attack and no known coronary heart disease: findings from the Stroke Prevention by Aggressive Reduction in Cholesterol Levels (SPARCL) trial

DEFF Research Database (Denmark)

Amarenco, Pierre; Goldstein, Larry B; Sillesen, Henrik

2010-01-01

Noncoronary forms of atherosclerosis (including transient ischemic attacks or stroke of carotid origin or >50% stenosis of the carotid artery) are associated with a 10-year vascular risk of >20% and are considered as a coronary heart disease (CHD) -risk equivalent from the standpoint of lipid...... management. The Stroke Prevention by Aggressive Reduction in Cholesterol Levels (SPARCL) trial included patients with stroke or transient ischemic attack and no known CHD regardless of the presence of carotid atherosclerosis. We evaluated the risk of developing clinically recognized CHD in SPARCL patients....

Lead exposure potentiates predatory attack behavior in the cat.

Science.gov (United States)

Li, Wenjie; Han, Shenggao; Gregg, Thomas R; Kemp, Francis W; Davidow, Amy L; Louria, Donald B; Siegel, Allan; Bogden, John D

2003-07-01

Epidemiologic studies have demonstrated that environmental lead exposure is associated with aggressive behavior in children; however, numerous confounding variables limit the ability of these studies to establish a causal relationship. The study of aggressive behavior using a validated animal model was used to test the hypothesis that there is a causal relationship between lead exposure and aggression in the absence of confounding variables. We studied the effects of lead exposure on a feline model of aggression: predatory (quiet biting) attack of an anesthetized rat. Five cats were stimulated with a precisely controlled electrical current via electrodes inserted into the lateral hypothalamus. The response measure was the predatory attack threshold current (i.e., the current required to elicit an attack response on 50% of the trials). Blocks of trials were administered in which predatory attack threshold currents were measured three times a week for a total of 6-10 weeks, including before, during, and after lead exposure. Lead was incorporated into cat food "treats" at doses of 50-150 mg/kg/day. Two of the five cats received a second period of lead exposure. Blood lead concentrations were measured twice a week and were cats and increased after the cessation of lead exposure in four of the five cats (Pcat were inversely correlated (r=-0.35 to -0.74). A random-effects mixed model demonstrated a significant (P=0.0019) negative association between threshold current and blood lead concentration. The data of this study demonstrate that lead exposure enhances predatory aggression in the cat and provide experimental support for a causal relationship between lead exposure and aggressive behavior in humans.

Attack Potential Evaluation in Desktop and Smartphone Fingerprint Sensors: Can They Be Attacked by Anyone?

Directory of Open Access Journals (Sweden)

Ines Goicoechea-Telleria

2018-01-01

Full Text Available The use of biometrics keeps growing. Every day, we use biometric recognition to unlock our phones or to have access to places such as the gym or the office, so we rely on the security manufacturers offer when protecting our privileges and private life. It is well known that it is possible to hack into a fingerprint sensor using fake fingers made of Play-Doh and other easy-to-obtain materials but to what extent? Is this true for all users or only for specialists with a deep knowledge on biometrics? Are smartphone fingerprint sensors as reliable as desktop sensors? To answer these questions, we performed 3 separate evaluations. First, we evaluated 4 desktop fingerprint sensors of different technologies by attacking them with 7 different fake finger materials. All of them were successfully attacked by an experienced attacker. Secondly, we carried out a similar test on 5 smartphones with embedded sensors using the most successful materials, which also hacked the 5 sensors. Lastly, we gathered 15 simulated attackers with no background in biometrics to create fake fingers of several materials, and they had one week to attack the fingerprint sensors of the same 5 smartphones, with the starting point of a short video with the techniques to create them. All 5 smartphones were successfully attacked by an inexperienced attacker. This paper will provide the results achieved, as well as an analysis on the attack potential of every case. All results are given following the metrics of the standard ISO/IEC 30107-3.

Disclosure of investigators' recruitment performance in multicenter clinical trials

DEFF Research Database (Denmark)

Dal-Ré, Rafael; Moher, David; Gluud, Christian

2011-01-01

Rafael Dal-Ré and colleagues argue that the recruitment targets and performance of all site investigators in multi-centre clinical trials should be disclosed in trial registration sites before a trial starts, and when it ends.......Rafael Dal-Ré and colleagues argue that the recruitment targets and performance of all site investigators in multi-centre clinical trials should be disclosed in trial registration sites before a trial starts, and when it ends....

Data-plane Defenses against Routing Attacks on Tor

Directory of Open Access Journals (Sweden)

Tan Henry

2016-10-01

Full Text Available Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

Adaptive optimisation-offline cyber attack on remote state estimator

Science.gov (United States)

Huang, Xin; Dong, Jiuxiang

2017-10-01

Security issues of cyber-physical systems have received increasing attentions in recent years. In this paper, deception attacks on the remote state estimator equipped with the chi-squared failure detector are considered, and it is assumed that the attacker can monitor and modify all the sensor data. A novel adaptive optimisation-offline cyber attack strategy is proposed, where using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring to be undetected by the chi-squared monitor. From the attacker's perspective, the attack is better than the existing linear deception attacks to degrade the system performance. Finally, some numerical examples are provided to demonstrate theoretical results.

Network attacks and defenses a hands-on approach

CERN Document Server

Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel

2012-01-01

The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat

An Analysis of Cyber-Attack on NPP Considering Physical Impact

Energy Technology Data Exchange (ETDEWEB)

Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

2016-05-15

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

International Nuclear Information System (INIS)

Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

2016-01-01

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Interaction of Insecticide and Media Moisture on Ambrosia Beetle (Coleoptera: Curculionidae) Attacks on Selected Ornamental Trees.

Science.gov (United States)

Frank, Steven D; Anderson, Amanda L; Ranger, Christopher M

2017-12-08

Exotic ambrosia beetles, particularly Xylosandrus crassiusculus (Motschulsky) (Coleoptera: Curculionidae: Scolytinae) and Xylosandrus germanus (Blandford) (Coleoptera: Curculionidae: Scolytinae), are among the most damaging pests of ornamental trees in nurseries. Growers have had few tactics besides insecticide applications to reduce ambrosia beetle attacks but recent research has shown that attacks may be reduced by maintaining media moisture below a 50% threshold thereby reducing flood stress. We compared the efficacy of managing media moisture and insecticide applications for reducing ambrosia beetle attacks on three ornamental tree species in North Carolina. During trials in spring 2013 and 2015, flooded Cornus florida and Cornus kousa were heavily attacked despite sprays with permethrin, but nonflooded C. kousa or C. florida were not attacked. In spring 2015 trials, both nonflooded and flooded Styrax japonicus were heavily attacked regardless of permethrin applications. Although ethanol emissions were not measured, the apparently healthy nonflooded S. japonicus trees may have been exposed to an unknown physiological stress, such as low temperature injury, the previous winter, which predisposed them to beetle attack. However, ethanol levels within host tissues were not measured as part of the current study. X. crassiusculus (75%), Xyloborinus saxesenii Ratzburg (13%), and X. germanus (9%) were the most abundant species collected in ethanol baited traps deployed in 2015, while X. crassiusculus (63%) and X. germanus (36%) were the predominant species reared from attacked trees. Results indicate that managing media moisture levels at or below 50%, and maximizing tree health overall, may provide significant protection against Xylosandrus spp. attacks in flood intolerant tree species. © The Authors 2017. Published by Oxford University Press on behalf of Entomological Society of America. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.

Behavioral Modeling of WSN MAC Layer Security Attacks: A Sequential UML Approach

DEFF Research Database (Denmark)

Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

2012-01-01

is the vulnerability to security attacks/threats. The performance and behavior of a WSN are vastly affected by such attacks. In order to be able to better address the vulnerabilities of WSNs in terms of security, it is important to understand the behavior of the attacks. This paper addresses the behavioral modeling...... of medium access control (MAC) security attacks in WSNs. The MAC layer is responsible for energy consumption, delay and channel utilization of the network and attacks on this layer can introduce significant degradation of the individual sensor nodes due to energy drain and in performance due to delays....... The behavioral modeling of attacks will be beneficial for designing efficient and secure MAC layer protocols. The security attacks are modeled using a sequential diagram approach of Unified Modeling Language (UML). Further, a new attack definition, specific to hybrid MAC mechanisms, is proposed....

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention

Energy Technology Data Exchange (ETDEWEB)

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

Machine Learning Methods for Attack Detection in the Smart Grid.

Science.gov (United States)

Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

2016-08-01

Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

NARCIS (Netherlands)

Pieters, Wolter; Davarynejad, Mohsen

2015-01-01

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

Fault attacks, injection techniques and tools for simulation

NARCIS (Netherlands)

Piscitelli, R.; Bhasin, S.; Regazzoni, F.

2015-01-01

Faults attacks are a serious threat to secure devices, because they are powerful and they can be performed with extremely cheap equipment. Resistance against fault attacks is often evaluated directly on the manufactured devices, as commercial tools supporting fault evaluation do not usually provide

PMFA: Toward Passive Message Fingerprint Attacks on Challenge-Based Collaborative Intrusion Detection Networks

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

2016-01-01

To enhance the performance of single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed, which enable a set of IDS nodes to communicate with each other. In such a distributed network, insider attacks like collusion attacks are the main threat...... to advanced insider attacks in practical deployment. In this paper, we design a novel type of collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way. In the evaluation, we explore the attack performance under both simulated...... and real network environments. Experimental results indicate that under our attack, malicious nodes can send malicious responses to normal requests while maintaining their trust values....

Gait biometrics under spoofing attacks: an experimental investigation

Science.gov (United States)

Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

2015-11-01

Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Katarzyna Mazur

2016-01-01

Full Text Available The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.

Modeling attacking of high skills volleyball players

Directory of Open Access Journals (Sweden)

Vladimir Gamaliy

2014-12-01

Full Text Available Purpose: to determine the model indicators of technical and tactical actions in the attack highly skilled volleyball players. Material and Methods: the study used statistical data of major international competitions: Olympic Games – 2012 World Championships – 2010, World League – 2010–2014 European Championship – 2010–2014. A total of 130 analyzed games. Methods were used: analysis and generalization of scientific and methodological literature, analysis of competitive activity highly skilled volleyball players, teacher observation, modeling technical and tactical actions in attacking highly skilled volleyball players. Results: it was found that the largest volume application of technical and tactical actions in the attack belongs to the group tactics «supple movement», whose indicator is 21,3%. The smallest amount of application belongs to the group tactics «flight level» model whose indicators is 5,4%, the efficiency of 3,4%, respectively. It is found that the power service in the jump from model parameters used in 51,6% of cases, the planning targets – 21,7% and 4,4% planning to reduce. Attacks performed with the back line, on model parameters used in the amount of 20,8% efficiency –13,7%. Conclusions: we prove that the performance of technical and tactical actions in the attack can be used as model in the control system of training and competitive process highly skilled volleyball players

Efficacy of a Community-Based Physical Activity Program KM2H2 for Stroke and Heart Attack Prevention among Senior Hypertensive Patients: A Cluster Randomized Controlled Phase-II Trial.

Directory of Open Access Journals (Sweden)

Jie Gong

Full Text Available To evaluate the efficacy of the program Keep Moving toward Healthy Heart and Healthy Brain (KM2H2 in encouraging physical activities for the prevention of heart attack and stroke among hypertensive patients enrolled in the Community-Based Hypertension Control Program (CBHCP.Cluster randomized controlled trial with three waves of longitudinal assessments at baseline, 3 and 6 months post intervention.Community-based and patient-centered self-care for behavioral intervention in urban settings of China.A total of 450 participants diagnosed with hypertension from 12 community health centers in Wuhan, China were recruited, and were randomly assigned by center to receive either KM2H2 plus standard CBHCP care (6 centers and 232 patients or the standard care only (6 centers and 218 patients.KM2H2 is a behavioral intervention guided by the Transtheoretical Model, the Model of Personalized Medicine and Social Capital Theory. It consists of six intervention sessions and two booster sessions engineered in a progressive manner. The purpose is to motivate and maintain physical activities for the prevention of heart attack and stroke.Heart attack and stroke (clinically diagnosed, primary outcome, blood pressure (measured, secondary outcome, and physical activity (self-report, tertiary outcome were assessed at the individual level during the baseline, 3- and 6-month post-intervention.Relative to the standard care, receiving KM2H2 was associated with significant reductions in the incidence of heart attack (3.60% vs. 7.03%, p < .05 and stroke (5.11% vs. 9.90%, p<0.05, and moderate reduction in blood pressure (-3.72 mmHg in DBP and -2.92 mmHg in DBP at 6-month post-intervention; and significant increases in physical activity at 3- (d = 0.53, 95% CI: 0.21, 0.85 and 6-month (d = 0.45, 95% CI: 0.04, 0.85 post-intervention, respectively.The program KM2H2 is efficacious to reduce the risk of heart attack and stroke among senior patients who are on anti

Cyber Attacks, Information Attacks, and Postmodern Warfare

Directory of Open Access Journals (Sweden)

Valuch Jozef

2017-06-01

Full Text Available The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use the postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war. Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict, this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

Mixed methods feasibility study for a trial of blood pressure telemonitoring for people who have had stroke/transient ischaemic attack (TIA).

Science.gov (United States)

Hanley, Janet; Fairbrother, Peter; Krishan, Ashma; McCloughan, Lucy; Padfield, Paul; Paterson, Mary; Pinnock, Hilary; Sheikh, Aziz; Sudlow, Cathie; Todd, Allison; McKinstry, Brian

2015-03-25

Good blood pressure (BP) control reduces the risk of recurrence of stroke/transient ischaemic attack (TIA). Although there is strong evidence that BP telemonitoring helps achieve good control, none of the major trials have considered the effectiveness in stroke/TIA survivors. We therefore conducted a feasibility study for a trial of BP telemonitoring for stroke/TIA survivors with uncontrolled BP in primary care. Phase 1 was a pilot trial involving 55 patients stratified by stroke/TIA randomised 3:1 to BP telemonitoring for 6 months or usual care. Phase 2 was a qualitative evaluation and comprised semi-structured interviews with 16 trial participants who received telemonitoring and 3 focus groups with 23 members of stroke support groups and 7 carers. Overall, 125 patients (60 stroke patients, 65 TIA patients) were approached and 55 (44%) patients were randomised including 27 stroke patients and 28 TIA patients. Fifty-two participants (95%) attended the 6-month follow-up appointment, but one declined the second daytime ambulatory blood pressure monitoring (ABPM) measurement resulting in a 93% completion rate for ABPM - the proposed primary outcome measure for a full trial. Adherence to telemonitoring was good; of the 40 participants who were telemonitoring, 38 continued to provide readings throughout the 6 months. There was a mean reduction of 10.1 mmHg in systolic ABPM in the telemonitoring group compared with 3.8 mmHg in the control group, which suggested the potential for a substantial effect from telemonitoring. Our qualitative analysis found that many stroke patients were concerned about their BP and telemonitoring increased their engagement, was easy, convenient and reassuring. A full-scale trial is feasible, likely to recruit well and have good rates of compliance and follow-up. ISRCTN61528726 15/12/2011.

Program of rehabilitative exercise and education to avert vascular events after non-disabling stroke or transient ischemic attack (PREVENT Trial: a multi-centred, randomised controlled trial

Directory of Open Access Journals (Sweden)

Thompson Kara

2010-12-01

Full Text Available Abstract Background Despite lack of outward signs, most individuals after non-disabling stroke (NDS and transient ischemic attack (TIA have significant cardiovascular and cerebrovascular disease and are at high risk of a major stroke, hospitalization for other vascular events, or death. Most have multiple modifiable risk factors (e.g., hypertension, physical inactivity, hyperlipidaemia, diabetes, tobacco consumption, psychological stress. In addition, accelerated rates of depression, cognitive decline, and poor quality of sleep have been reported following TIA, which correlate with poor functional outcomes and reduced quality of life. Thus, NSD and TIA are important warning signs that should not be overlooked. The challenge is not unlike that facing other 'silent' conditions - to identify a model of care that is effective in changing people's current behaviors in order to avert further morbidity. Methods/Design A single blind, randomized controlled trial will be conducted at two sites to compare the effectiveness of a program of rehabilitative exercise and education versus usual care in modifying vascular risk factors in adults after NDS/TIA. 250 adults within 90 days of being diagnosed with NDS/TIA will be randomly allocated to a 12-week program of exercise and education (PREVENT or to an outpatient clinic assessment and discussion of secondary prevention recommendations with return clinic visits as indicated (USUAL CARE. Primary outcome measures will include blood pressure, waist circumference, 12-hour fasting lipid profile, and 12-hour fasting glucose/hemoglobin A1c. Secondary measures will include exercise capacity, walking endurance, physical activity, cognitive function, depression, goal attainment and health-related quality of life. Outcome assessment will be conducted at baseline, post-intervention, and 6- and 12-month follow-ups. Direct health care costs incurred over one year by PREVENT versus USUAL CARE participants will also be

SYN Flood Attack Detection in Cloud Computing using Support Vector Machine

Directory of Open Access Journals (Sweden)

Zerina Mašetić

2017-11-01

Full Text Available Cloud computing is a trending technology, as it reduces the cost of running a business. However, many companies are skeptic moving about towards cloud due to the security concerns. Based on the Cloud Security Alliance report, Denial of Service (DoS attacks are among top 12 attacks in the cloud computing. Therefore, it is important to develop a mechanism for detection and prevention of these attacks. The aim of this paper is to evaluate Support Vector Machine (SVM algorithm in creating the model for classification of DoS attacks and normal network behaviors. The study was performed in several phases: a attack simulation, b data collection, cfeature selection, and d classification. The proposedmodel achieved 100% classification accuracy with true positive rate (TPR of 100%. SVM showed outstanding performance in DoS attack detection and proves that it serves as a valuable asset in the network security area.

Subclinical endophthalmitis following a rooster attack.

Science.gov (United States)

Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

2006-12-01

Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

On the potential of IPv6 open resolvers for DDoS attacks

NARCIS (Netherlands)

Hendriks, Luuk; de Oliveira Schmidt, Ricardo; van Rijswijk-Deij, Roland; Pras, Aiko; Kaafar, Mohamed Ali; Uhlig, Steve; Amann, Johanna

2017-01-01

Distributed Denial of Service (DDoS) attacks have become a daily problem in today’s Internet. These attacks aim at overwhelm- ing online services or network infrastrucure. Some DDoS attacks explore open services to perform reflected and amplified attacks; and the DNS is one of the most (mis)used

DETECTION AND LOCALIZATION OF MULTIPLE SPOOFING ATTACKERS FOR MOBILE WIRELESS NETWORKS

Directory of Open Access Journals (Sweden)

R. Maivizhi

2015-06-01

Full Text Available The openness nature of wireless networks allows adversaries to easily launch variety of spoofing attacks and causes havoc in network performance. Recent approaches used Received Signal Strength (RSS traces, which only detect spoofing attacks in mobile wireless networks. However, it is not always desirable to use these methods as RSS values fluctuate significantly over time due to distance, noise and interference. In this paper, we discusses a novel approach, Mobile spOofing attack DEtection and Localization in WIireless Networks (MODELWIN system, which exploits location information about nodes to detect identity-based spoofing attacks in mobile wireless networks. Also, this approach determines the number of attackers who used the same node identity to masquerade as legitimate device. Moreover, multiple adversaries can be localized accurately. By eliminating attackers the proposed system enhances network performance. We have evaluated our technique through simulation using an 802.11 (WiFi network and an 802.15.4 (Zigbee networks. The results prove that MODELWIN can detect spoofing attacks with a very high detection rate and localize adversaries accurately.

Nonvitamin-K-antagonist oral anticoagulants versus warfarin in patients with atrial fibrillation and previous stroke or transient ischemic attack: An updated systematic review and meta-analysis of randomized controlled trials.

Science.gov (United States)

Ntaios, George; Papavasileiou, Vasileios; Diener, Hans-Chris; Makaritsis, Konstantinos; Michel, Patrik

2017-08-01

Background In a previous systematic review and meta-analysis, we assessed the efficacy and safety of nonvitamin-K antagonist oral anticoagulants versus warfarin in patients with atrial fibrillation and stroke or transient ischemic attack. Since then, new information became available. Aim The aim of the present work was to update the results of the previous systematic review and meta-analysis. Methods We searched PubMed until 24 August 2016 for randomized controlled trials using the following search items: "atrial fibrillation" and "anticoagulation" and "warfarin" and "previous stroke or transient ischemic attack." Eligible studies had to be phase III trials in patients with atrial fibrillation comparing warfarin with nonvitamin-K antagonist oral anticoagulants currently on the market or with the intention to be brought to the market in North America or Europe. The outcomes assessed in the efficacy analysis included stroke or systemic embolism, stroke, ischemic or unknown stroke, disabling or fatal stroke, hemorrhagic stroke, cardiovascular death, death from any cause, and myocardial infarction. The outcomes assessed in the safety analysis included major bleeding, intracranial bleeding, and major gastrointestinal bleeding. We performed fixed effects analyses on intention-to-treat basis. Results Among 183 potentially eligible articles, four were included in the meta-analysis. In 20,500 patients, compared to warfarin, nonvitamin-K antagonist oral anticoagulants were associated with a significant reduction of stroke/systemic embolism (relative risk reduction: 13.7%, absolute risk reduction: 0.78%, number needed to treat to prevent one event: 127), hemorrhagic stroke (relative risk reduction: 50.0%, absolute risk reduction: 0.63%, number needed to treat: 157), any stroke (relative risk reduction: 13.1%, absolute risk reduction: 0.7%, number needed to treat: 142), and intracranial hemorrhage (relative risk reduction: 46.1%, absolute risk reduction: 0.88%, number needed

A clinical trial protocol to treat massive Africanized honeybee (Apis mellifera) attack with a new apilic antivenom.

Science.gov (United States)

Barbosa, Alexandre Naime; Boyer, Leslie; Chippaux, Jean-Philippe; Medolago, Natalia Bronzatto; Caramori, Carlos Antonio; Paixão, Ariane Gomes; Poli, João Paulo Vasconcelos; Mendes, Mônica Bannwart; Dos Santos, Lucilene Delazari; Ferreira, Rui Seabra; Barraviera, Benedito

2017-01-01

Envenomation caused by multiple stings from Africanized honeybees Apis mellifera constitutes a public health problem in the Americas. In 2015, the Brazilian Ministry of Health reported 13,597 accidents (incidence of seven cases per 100,000 inhabitants) with 39 deaths (lethality of 0.25%). The toxins present in the venom, which include melittin and phospholipase A 2 , cause lesions in diverse organs and systems that may be fatal. As there has been no specific treatment to date, management has been symptomatic and supportive only. In order to evaluate the safety and neutralizing capacity of a new apilic antivenom, as well as to confirm its lowest effective dose, a clinical protocol was developed to be applied in a multicenter, non-randomized and open phase I/II clinical trial. Twenty participants with more than five stings, aged more than 18 years, of both sexes, who have not previously received the heterologous serum against bee stings, will be included for 24 months. The proposed dose was based on the antivenom neutralizing capacity and the number of stings. Treatment will be administered only in a hospital environment and the participants will be evaluated for a period up to 30 days after discharge for clinical and laboratory follow-up. This protocol, approved by the Brazilian regulatory agencies for ethics (National Commission for Ethics on Research - CONEP) and sanitation (National Health Surveillance Agency - ANVISA), is a guideline constituted by specific, adjuvant, symptomatic and complementary treatments, in addition to basic orientations for conducting a clinical trial involving heterologous sera. This is the first clinical trial protocol designed specifically to evaluate the preliminary efficacy and safety of a new antivenom against stings from the Africanized honeybee Apis mellifera . The results will support future studies to confirm a new treatment for massive bee attack that has a large impact on public health in the Americas.

A novel proposed network security management approach for cyber attacks

International Nuclear Information System (INIS)

Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

2007-01-01

Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

Optimizing power system investments and resilience against attacks

International Nuclear Information System (INIS)

Fang, Yiping; Sansavini, Giovanni

2017-01-01

This paper studies the combination of capacity expansion and switch installation in electric systems that ensures optimum performance under nominal operations and attacks. The planner–attacker–defender model is adopted to develop decisions that minimize investment and operating costs, and functionality loss after attacks. The model bridges long-term system planning for transmission expansion and short-term switching operations in reaction to attacks. The mixed-integer optimization is solved by decomposition via two-layer cutting plane algorithm. Numerical results on an IEEE system shows that small investments in transmission line switching enhance resilience by responding to disruptions via system reconfiguration. Sensitivity analyses show that transmission planning under the assumption of small-scale attacks provides the most robust strategy, i.e. the minimum-regret planning, if many constraints and limited investment budget affect the planning. On the other hand, the assumption of large-scale attacks provides the most robust strategy if the planning process involves large flexibility and budget. - Highlights: • Investment optimization in power systems under attacks is presented. • Capacity expansion and switch installation for system reconfiguration are combined. • The problem is solved by decomposition via two-layer cutting plane algorithm. • Small investments in switch installation enhance resilience by response to attacks. • Sensitivity analyses identify robust planning against different attack scenarios.

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

2015-01-01

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

2017-01-01

The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial...... and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally...... to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes....

Quantifying and visualizing site performance in clinical trials.

Science.gov (United States)

Yang, Eric; O'Donovan, Christopher; Phillips, JodiLyn; Atkinson, Leone; Ghosh, Krishnendu; Agrafiotis, Dimitris K

2018-03-01

One of the keys to running a successful clinical trial is the selection of high quality clinical sites, i.e., sites that are able to enroll patients quickly, engage them on an ongoing basis to prevent drop-out, and execute the trial in strict accordance to the clinical protocol. Intuitively, the historical track record of a site is one of the strongest predictors of its future performance; however, issues such as data availability and wide differences in protocol complexity can complicate interpretation. Here, we demonstrate how operational data derived from central laboratory services can provide key insights into the performance of clinical sites and help guide operational planning and site selection for new clinical trials. Our methodology uses the metadata associated with laboratory kit shipments to clinical sites (such as trial and anonymized patient identifiers, investigator names and addresses, sample collection and shipment dates, etc.) to reconstruct the complete schedule of patient visits and derive insights about the operational performance of those sites, including screening, enrollment, and drop-out rates and other quality indicators. This information can be displayed in its raw form or normalized to enable direct comparison of site performance across studies of varied design and complexity. Leveraging Covance's market leadership in central laboratory services, we have assembled a database of operational metrics that spans more than 14,000 protocols, 1400 indications, 230,000 unique investigators, and 23 million patient visits and represents a significant fraction of all clinical trials run globally in the last few years. By analyzing this historical data, we are able to assess and compare the performance of clinical investigators across a wide range of therapeutic areas and study designs. This information can be aggregated across trials and geographies to gain further insights into country and regional trends, sometimes with surprising results. The

Cardiac rehabilitation adapted to transient ischaemic attack and stroke (CRAFTS: a randomised controlled trial

Directory of Open Access Journals (Sweden)

Blake Catherine

2009-02-01

Full Text Available Abstract Background Coronary Heart Disease and Cerebrovascular Disease share many predisposing, modifiable risk factors (hypertension, abnormal blood lipids and lipoproteins, cigarette smoking, physical inactivity, obesity and diabetes mellitus. Lifestyle interventions and pharmacological therapy are recognised as the cornerstones of secondary prevention. Cochrane review has proven the benefits of programmes incorporating exercise and lifestyle counselling in the cardiac disease population. A Cochrane review highlighted as priority, the need to establish feasibility and efficacy of exercise based interventions for Cerebrovascular Disease. Methods A single blind randomised controlled trial is proposed to examine a primary care cardiac rehabilitation programme for adults post transient ischemic attack (TIA and stroke in effecting a positive change in the primary outcome measures of cardiac risk scores derived from Blood Pressure, lipid profile, smoking and diabetic status and lifestyle factors of habitual smoking, exercise and healthy eating participation. Secondary outcomes of interest include health related quality of life as measured by the Hospital Anxiety and Depression Scale, the Stroke Specific Quality of Life scale and WONCA COOP Functional Health Status charts and cardiovascular fitness as measured by a sub-maximal fitness test. A total of 144 patients, over 18 years of age with confirmed diagnosis of ischaemic stroke or TIA, will be recruited from Dublin community stroke services and two tertiary T.I.A clinics. Exclusion criteria will include oxygen dependence, unstable cardiac conditions, uncontrolled diabetes, major medical conditions, claudication, febrile illness, pregnancy or cognitive impairment. Participants will be block-statified, randomly allocated to one of two groups using a pre-prepared computer generated randomisation schedule. Both groups will receive a two hour education class on risk reduction post stroke. The

Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

Science.gov (United States)

Kwon, Cheolhyeon

computational cost. The proposed algorithm is validated through a linearized longitudinal motion of a UAV example. Finally, we propose an attack attenuation strategy via the controller design for CPSs that are robust to various types of cyber attacks. While the previous studies have investigated a secure control by assuming a specific attack strategy, in this research we propose a hybrid robust control scheme that contains multiple sub-controllers, each matched to a specific type of cyber attacks. Then the system can be adapted to various cyber attacks (including those that are not assumed for sub-controller design) by switching its sub-controllers to achieve the best performance. Then, a method for designing a secure switching logic to counter all possible cyber attacks is proposed and it verifies mathematically the system's performance and stability as well. The performance of the proposed control scheme is demonstrated by an example with the hybrid H2 - H-infinity controller applied to a UAV example.

Cooperating attackers in neural cryptography.

Science.gov (United States)

Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

2004-06-01

A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

Crony Attack: Strategic Attack’s Silver Bullet

Science.gov (United States)

2006-11-01

physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

The effect of extrinsic motivation on cycle time trial performance.

Science.gov (United States)

Hulleman, Michiel; De Koning, Jos J; Hettinga, Florentina J; Foster, Carl

2007-04-01

Athletes occasionally follow pacing patterns that seem unreasonably aggressive compared with those of prerace performances, potentially because of the motivation provided by competition. This study evaluated the effect of extrinsic motivation on cyclists' time trial performance. Well-trained recreational cyclists (N=7) completed four 1500-m laboratory time trials including a practice trial, two self-paced trials, and a trial where a monetary reward was offered. Time, total power output, power output attributable to aerobic and anaerobic metabolic sources, VO2, and HR were measured. The time required for the second, third, and last (extrinsically motivated) time trials was 133.1 +/- 2.1, 134.1 +/- 3.4, and 133.6 +/- 3.0 s, respectively, and was not different (P>0.05). There were no differences for total (396 +/- 19, 397 +/- 23, and 401 +/- 17 W), aerobic (253 +/- 12, 254 +/- 10, and 246 +/- 13 W), and anaerobic (143 +/- 14, 143 +/- 21, and 155 +/- 11 W) power output. The highest VO2 was not different over consecutive time trials (3.76 +/- 0.19, 3.73 +/- 0.16, and 3.71 +/- 0.22 L x min(-1)). When ranked by performance, without reference to the extrinsic motivation (131.9 +/- 2.4, 133.4 +/- 2.4, and 135.4 +/- 2.5 s), there was a significant difference for the first 100 m and from 100 to 300 m in power output, with a larger total power (560 +/- 102, 491 +/- 82, and 493 +/- 93; and 571 +/- 94, 513 +/- 41, and 484 +/- 88 W) and power attributable to anaerobic sources (446 +/- 100, 384 +/- 80, and 324 +/- 43; and 381 +/- 87, 383 +/- 90, and 289 +/- 91 W) for the fastest trial. Extrinsic motivation did not change the time trial performance, suggesting that 1500-m performance is extremely stable and not readily changeable with simple external motivation. The results suggest that spontaneous improvement in performance for time trials of this duration is attributable to greater early power output, which is primarily attributable to anaerobic metabolic sources.

Performance analysis and implementation of proposed mechanism for detection and prevention of security attacks in routing protocols of vehicular ad-hoc network (VANET

Directory of Open Access Journals (Sweden)

Parul Tyagi

2017-07-01

Full Text Available Next-generation communication networks have become widely popular as ad-hoc networks, broadly categorized as the mobile nodes based on mobile ad-hoc networks (MANET and the vehicular nodes based vehicular ad-hoc networks (VANET. VANET is aimed at maintaining safety to vehicle drivers by begin autonomous communication with the nearby vehicles. Each vehicle in the ad-hoc network performs as an intelligent mobile node characterized by high mobility and formation of dynamic networks. The ad-hoc networks are decentralized dynamic networks that need efficient and secure communication requirements due to the vehicles being persistently in motion. These networks are more susceptible to various attacks like Warm Hole attacks, denial of service attacks and Black Hole Attacks. The paper is a novel attempt to examine and investigate the security features of the routing protocols in VANET, applicability of AODV (Ad hoc On Demand protocol to detect and tackle a particular category of network attacks, known as the Black Hole Attacks. A new algorithm is proposed to enhance the security mechanism of AODV protocol and to introduce a mechanism to detect Black Hole Attacks and to prevent the network from such attacks in which source node stores all route replies in a look up table. This table stores the sequences of all route reply, arranged in ascending order using PUSH and POP operations. The priority is calculated based on sequence number and discard the RREP having presumably very high destination sequence number. The result show that proposed algorithm for detection and prevention of Black Hole Attack increases security in Intelligent Transportation System (ITS and reduces the effect of malicious node in the VANET. NCTUNs simulator is used in this research work.

On node replication attack in wireless sensor networks

International Nuclear Information System (INIS)

Qabulio, M.; Malkani, Y.A.

2015-01-01

WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)

On Node Replication Attack in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Mumtaz Qabulio

2016-04-01

Full Text Available WSNs (Wireless Sensor Networks comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs

Effect of attack angle on flow characteristic of centrifugal fan

Science.gov (United States)

Wu, Y.; Dou, H. S.; Wei, Y. K.; Chen, X. P.; Chen, Y. N.; Cao, W. B.

2016-05-01

In this paper, numerical simulation is performed for the performance and internal flow of a centrifugal fan with different operating conditions using steady three-dimensional incompressible Navier-Stokes equations coupled with the RNG k-e turbulent model. The performance curves, the contours of static pressure, total pressure, radial velocity, relative streamlines and turbulence intensity at different attack angles are obtained. The distributions of static pressure and velocity on suction surface and pressure surface in the same impeller channel are compared for various attack angles. The research shows that the efficiency of the centrifugal fan is the highest when the attack angle is 8 degree. The main reason is that the vortex flow in the impeller is reduced, and the jet-wake pattern is weakened at the impeller outlet. The pressure difference between pressure side and suction side is smooth and the amplitude of the total pressure fluctuation is low along the circumferential direction. These phenomena may cause the loss reduced for the attack angle of about 8 degree.

A self-confirming engine for preventing man-in-the-middle attack

OpenAIRE

Kanamori, Masataka; Kobayashi, Takashi; Yamaguchi, Suguru

2004-01-01

In this paper, we focus on how to correct address mapping violation, in which an attacker rewrites the address mapping table of a victim to perform a Man-in-the-Middle (MITM) attack. We propose a technique for preventing MITM attacks in which a malicious user intercepts and possibly alters the data transmitted between two hosts. MITM attack is hard for legitimate users to notice during their normal communication, because each user believes they are communicating directly. Address mapping viol...

Composite Dos Attack Model

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2012-04-01

Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

Privacy Leaks through Data Hijacking Attack on Mobile Systems

Directory of Open Access Journals (Sweden)

Zhang Daojuan

2017-01-01

Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

Protecting mobile agents from external replay attacks

OpenAIRE

Garrigues Olivella, Carles; Migas, Nikos; Buchanan, William; Robles, Sergi; Borrell Viader, Joan

2014-01-01

Peer-reviewed This paper presents a protocol for the protection of mobile agents against external replay attacks. This kind of attacks are performed by malicious platforms when dispatching an agent multiple times to a remote host, thus making it reexecute part of its itinerary. Current proposals aiming to address this problem are based on storing agent identifiers, or trip markers, inside agent platforms, so that future reexecutions can be detected and prevented. The problem of these solut...

Randomised trial on episodic cluster headache with an angiotensin II receptor blocker

DEFF Research Database (Denmark)

Tronvik, Erling; Wienecke, Troels; Monstad, Inge

2013-01-01

OBJECTIVES: The aim of this study was to evaluate the angiotensin II receptor antagonist candesartan as prophylactic medication in patients with episodic cluster headache. METHODS: This study comprised a prospective, placebo-controlled, double-blind, parallel-designed trial performed in seven cen...... the candesartan and placebo group was not significant with the pre-planned non-parametric ranking test, but a post-hoc exact Poisson test, which takes into account the temporal properties of the data, revealed a significant result ( P  ...... (primary efficacy variable) during the three-week treatment period was reduced from 14.3 ± 9.2 attacks in week 1 to 5.6 ± 7.0 attacks in week 3 (-61%) in the candesartan group and from 16.8 ± 14.1 attacks in week 1 to 10.5 ± 11.3 attacks in week 3 (-38%) in the placebo group. The difference between...

Blind Cartography for Side Channel Attacks: Cross-Correlation Cartography

Directory of Open Access Journals (Sweden)

Laurent Sauvage

2012-01-01

Full Text Available Side channel and fault injection attacks are major threats to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensible parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them aim at pinpointing the cryptoprocessor. However it could be interesting to exploit the activity of other parts of the application, in order to increase the attack's efficiency or to bypass its countermeasures. In this paper, we present a localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. It realizes an exhaustive analysis, since it may localise any module of the device, and not only those which perform cryptographic operations. Moreover, it also does not require a preliminary knowledge about the implementation, whereas some previous cartography methods require that the attacker could choose the cryptoprocessor inputs, which is not always possible. The method is experimentally validated using observations of the electromagnetic near field distribution over a Xilinx Virtex 5 FPGA. The matching between areas of interest and the application layout in the FPGA floorplan is confirmed by correlation analysis.

Prolonged Cardiac Monitoring to Detect Atrial Fibrillation after Cryptogenic Stroke or Transient Ischemic Attack: A Meta-Analysis of Randomized Controlled Trials.

Science.gov (United States)

Dahal, Khagendra; Chapagain, Bikas; Maharjan, Raju; Farah, Hussam W; Nazeer, Ayesha; Lootens, Robert J; Rosenfeld, Alan

2016-07-01

The cause of ischemic stroke or transient ischemic attack (TIA) remains unclear after initial cardiac monitoring in approximately one-third of patients. Randomized controlled trials (RCTs) showed that the prolonged cardiac monitoring of patients with cryptogenic stroke or TIA increased detection of atrial fibrillation (AF). We aimed to perform a meta-analysis of all RCTs that evaluated the prolonged monitoring ≥7 days in patients with cryptogenic stroke or TIA. We searched PubMed, EMBASE, Cochrane CENTRAL, and relevant references for RCTs without language restriction (inception through December 2014) and performed meta-analysis using random effects model. Detection of AF, use of anticoagulation at follow-up, recurrent stroke or TIA, and mortality were major outcomes. Four RCTs with 1149 total patients were included in the meta-analysis. Prolonged cardiac monitoring ≥7 days compared to shorter cardiac monitoring of ≤48 hours duration increased the detection of AF (≥30 seconds duration) in patients after cryptogenic stroke or TIA (13.8% vs. 2.5%; odds ratio [OR], 6.4; 95% confidence interval [CI], 3.50-11.73; P vs. 5.2%; 5.68[3.3-9.77]; P stroke or TIA (0.78[0.40-1.55]; P = 0.48; I(2) , 0%) and mortality (1.33[0.29-6.00]; P = 0.71; I(2) , 0%] were observed between two strategies. Prolonged cardiac monitoring improves detection of atrial fibrillation and anti-coagulation use after cryptogenic stroke or TIA and therefore should be considered instead of shorter duration of cardiac monitoring. © 2015 Wiley Periodicals, Inc.

Heart Attack Recovery FAQs

Science.gov (United States)

... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

Seven Deadliest Wireless Technologies Attacks

CERN Document Server

Haines, Brad

2010-01-01

How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

A Comprehensive Taxonomy and Analysis of IEEE 802.15.4 Attacks

Directory of Open Access Journals (Sweden)

Yasmin M. Amin

2016-01-01

Full Text Available The IEEE 802.15.4 standard has been established as the dominant enabling technology for Wireless Sensor Networks (WSNs. With the proliferation of security-sensitive applications involving WSNs, WSN security has become a topic of great significance. In comparison with traditional wired and wireless networks, WSNs possess additional vulnerabilities which present opportunities for attackers to launch novel and more complicated attacks against such networks. For this reason, a thorough investigation of attacks against WSNs is required. This paper provides a single unified survey that dissects all IEEE 802.15.4 PHY and MAC layer attacks known to date. While the majority of existing references investigate the motive and behavior of each attack separately, this survey classifies the attacks according to clear metrics within the paper and addresses the interrelationships and differences between the attacks following their classification. The authors’ opinions and comments regarding the placement of the attacks within the defined classifications are also provided. A comparative analysis between the classified attacks is then performed with respect to a set of defined evaluation criteria. The first half of this paper addresses attacks on the IEEE 802.15.4 PHY layer, whereas the second half of the paper addresses IEEE 802.15.4 MAC layer attacks.

Blocking of Brute Force Attack

OpenAIRE

M.Venkata Krishna Reddy

2012-01-01

A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

Intrusion-Tolerant Replication under Attack

Science.gov (United States)

Kirsch, Jonathan

2010-01-01

Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…

Numerical simulation of the optimal two-mode attacks for two-way continuous-variable quantum cryptography in reverse reconciliation

International Nuclear Information System (INIS)

Zhang, Yichen; Zhao, Yijia; Yu, Song; Li, Zhengyu; Guo, Hong

2017-01-01

We analyze the security of the two-way continuous-variable quantum key distribution protocol in reverse reconciliation against general two-mode attacks, which represent all accessible attacks at fixed channel parameters. Rather than against one specific attack model, the expression of secret key rates of the two-way protocol are derived against all accessible attack models. It is found that there is an optimal two-mode attack to minimize the performance of the protocol in terms of both secret key rates and maximal transmission distances. We identify the optimal two-mode attack, give the specific attack model of the optimal two-mode attack and show the performance of the two-way protocol against the optimal two-mode attack. Even under the optimal two-mode attack, the performances of two-way protocol are still better than the corresponding one-way protocol, which shows the advantage of making double use of the quantum channel and the potential of long-distance secure communication using a two-way protocol. (paper)

Solidarity under Attack

DEFF Research Database (Denmark)

Meret, Susi; Goffredo, Sergio

2017-01-01

https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

Strengthening Crypto-1 Cipher Against Algebraic Attacks

Directory of Open Access Journals (Sweden)

Farah Afianti

2015-08-01

Full Text Available In the last few years, several studies addressed the problem of data security in Mifare Classic. One of its weaknesses is the low random number quality. This causes SAT solver attacks to have lower complexity. In order to strengthen Crypto-1 against SAT solver attacks, a modification of the feedback function with better cryptographic properties is proposed. It applies a primitive polynomial companion matrix. SAT solvers cannot directly attack the feedback shift register that uses the modified Boolean feedback function, the register has to be split into smaller groups. Experimental testing showed that the amount of memory and CPU time needed were highest when attacking the modified Crypto-1 using the modified feedback function and the original filter function. In addition, another modified Crypto-1, using the modified feedback function and a modified filter function, had the lowest percentage of revealed variables. It can be concluded that the security strength and performance of the modified Crypto-1 using the modified feedback function and the modified filter function are better than those of the original Crypto-1.

Attack surfaces

DEFF Research Database (Denmark)

Gruschka, Nils; Jensen, Meiko

2010-01-01

The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.

Science.gov (United States)

Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y

2016-04-01

The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.

Changes in vestibular evoked myogenic potentials after Meniere attacks.

Science.gov (United States)

Kuo, Shih-Wei; Yang, Ting-Hua; Young, Yi-Ho

2005-09-01

The aim of this study was to apply videonystagmography (VNG) and vestibular evoked myogenic potential (VEMP) tests to patients with Meniere attacks, to explore the mechanics of where saccular disorders may affect the semicircular canals. From January 2001 to December 2003, 12 consecutive patients with unilateral definite Meniere's disease with vertiginous attacks underwent VNG for recording spontaneous nystagmus, as well as VEMP tests. At the very beginning of the Meniere attack, the spontaneous nystagmus beat toward the lesion side in 5 patients (42%) and toward the healthy side in 7 patients (58%). Twenty-four hours later, only 6 patients (50%) showed spontaneous nystagmus beating toward the healthy side. Nevertheless, spontaneous nystagmus subsided in all patients within 48 hours. The VEMP test was performed within 24 hours of a Meniere attack; the VEMPs were normal in 4 patients and abnormal in 8 patients (67%). After 48 hours, 4 patients with initially abnormal VEMPs had resolution and return to normal VEMPs, and the other 4 patients still had absent VEMPs. Most patients (67%) with Meniere attacks revealed abnormal VEMPs, indicating that the saccule participates in a Meniere attack. This is an important idea that stimulates consideration of the mechanism of Meniere attacks.

Low-Rate DDoS Attack Detection Using Expectation of Packet Size

Directory of Open Access Journals (Sweden)

Lu Zhou

2017-01-01

Full Text Available Low-rate Distributed Denial-of-Service (low-rate DDoS attacks are a new challenge to cyberspace, as the attackers send a large amount of attack packets similar to normal traffic, to throttle legitimate flows. In this paper, we propose a measurement—expectation of packet size—that is based on the distribution difference of the packet size to distinguish two typical low-rate DDoS attacks, the constant attack and the pulsing attack, from legitimate traffic. The experimental results, obtained using a series of real datasets with different times and different tolerance factors, are presented to demonstrate the effectiveness of the proposed measurement. In addition, extensive experiments are performed to show that the proposed measurement can detect the low-rate DDoS attacks not only in the short and long terms but also for low packet rates and high packet rates. Furthermore, the false-negative rates and the adjudication distance can be adjusted based on the detection sensitivity requirements.

Vulnerability of complex networks under intentional attack with incomplete information

International Nuclear Information System (INIS)

Wu, J; Deng, H Z; Tan, Y J; Zhu, D Z

2007-01-01

We study the vulnerability of complex networks under intentional attack with incomplete information, which means that one can only preferentially attack the most important nodes among a local region of a network. The known random failure and the intentional attack are two extreme cases of our study. Using the generating function method, we derive the exact value of the critical removal fraction f c of nodes for the disintegration of networks and the size of the giant component. To validate our model and method, we perform simulations of intentional attack with incomplete information in scale-free networks. We show that the attack information has an important effect on the vulnerability of scale-free networks. We also demonstrate that hiding a fraction of the nodes information is a cost-efficient strategy for enhancing the robustness of complex networks

Seven Deadliest Microsoft Attacks

CERN Document Server

Kraus, Rob; Borkin, Mike; Alpern, Naomi

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

Evaluation of current state of amplification-based DDoS attacks

NARCIS (Netherlands)

Bohte, Edgar; Stamatogiannakis, Manolis; Bos, Herbert

2018-01-01

Amplification-based DDoS attacks are still a big threat to the availability of the internet. In quite some time there is no new paper published that gave an update on the current state of amplification DDoS attacks, taken into consideration it was a huge problem a few years ago. We performed

MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 2

Directory of Open Access Journals (Sweden)

K. Smirnova

2017-11-01

Full Text Available The possibility of applying machine learning for the classification of malicious requests to aWeb application is considered. This approach excludes the use of deterministic analysis systems (for example, expert systems,and is based on the application of a cascade of neural networks or perceptrons on an approximate model to the real humanbrain. The main idea of the work is to enable to describe complex attack vectors consisting of feature sets, abstract terms forcompiling a training sample, controlling the quality of recognition and classifying each of the layers (networks participatingin the work, with the ability to adjust not the entire network, but only a small part of it, in the training of which a mistake orinaccuracy crept in. The design of the developed network can be described as a cascaded, scalable neural network.When using neural networks to detect attacks on web systems, the issue of vectorization and normalization of features isacute. The most commonly used methods for solving these problems are not designed for the case of deliberate distortion ofthe signs of an attack.The proposed approach makes it possible to obtain a neural network that has been studied in more detail by small features,and also to eliminate the normalization issues in order to avoid deliberately bypassing the intrusion detection system. Byisolating one more group of neurons in the network and teaching it to samples containing various variants of circumvention ofthe attack classification, the developed intrusion detection system remains able to classify any types of attacks as well as theiraggregates, putting forward more stringent measures to counteract attacks. This allows you to follow the life cycle of theattack in more detail: from the starting trial attack to deliberate sophisticated attempts to bypass the system and introducemore decisive measures to actively counteract the attack, eliminating the chances of a false alarm system.

Securing ad hoc wireless sensor networks under Byzantine attacks by implementing non-cryptographic method

Directory of Open Access Journals (Sweden)

Shabir Ahmad Sofi

2017-05-01

Full Text Available Ad Hoc wireless sensor network (WSN is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to its own resource consumption. This paper discusses the performance of cluster based WSN comparing LEACH with Advanced node based clusters under byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack.

Security of Quantum-Readout PUFs against quadrature based challenge estimation attacks

NARCIS (Netherlands)

Skoric, B.; Mosk, Allard; Pinkse, Pepijn Willemszoon Harry

2013-01-01

The concept of quantum-secure readout of Physical Unclonable Functions (PUFs) has recently been realized experimentally in an optical PUF system. We analyze the security of this system under the strongest type of classical attack: the challenge estimation attack. The adversary performs a measurement

Investigation Model for DDoS Attack Detection in Real-Time

Directory of Open Access Journals (Sweden)

Abdulghani Ali Ahmed

2015-02-01

Full Text Available Investigating traffic of distributed denial of services (DDoS attack requires extra overhead which mostly results in network performance degradation. This study proposes an investigation model for detecting DDoS attack in real-time without causing negative degradation against network performance. The model investigates network traffic in a scalable way to detect user violations on quality of service regulations. Traffic investigation is triggered only when the network is congested; at that exact moment, burst gateways actually generate a congestion notification to misbehaving users. The misbehaving users are thus further investigated by measuring their consumption ratios of bandwidth. By exceeding the service level agreement bandwidth ratio, user traffic is filtered as DDoS traffic. Simulation results demonstrate that the proposed model efficiently monitors intrusive traffic and precisely detects DDoS attack.

Effect of β-alanine supplementation on 20 km cycling time trial performance

Directory of Open Access Journals (Sweden)

Ruth Margaret JAMES

2014-09-01

Full Text Available The effects of β-alanine supplementation on high-intensity cycling performance and capacity have been evaluated, although the effects on longer duration cycling performance are unclear. Nineteen UK category 1 male cyclists completed four 20 km cycling time trials, two before and two after supplementation with either 6.4 g•d-1 β-alanine (n = 10; BA or a matched placebo (n = 9; P. Performance time for the 20 km time trial and 1 km split times were recorded. There was no significant effect of β-alanine supplementation on 20 km time trial performance (BA-pre 1943 ± 129 s; BA-post 1950 ± 147 s; P-pre 1989 ± 106 s; P-post 1986 ± 115 s or on the performance of each 1 km split. The effect of β-alanine on 20 km time trial performance was deemed unclear as determined by magnitude based inferences. Supplementation with 6.4 g•d-1 of β-alanine for 4 weeks did not affect 20 km cycling time trial performance in well trained male cyclists.

Protecting Cryptographic Memory against Tampering Attack

DEFF Research Database (Denmark)

Mukherjee, Pratyay

In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In prac......In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed tamper only with the memory of the device...

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Directory of Open Access Journals (Sweden)

Apostolos P. Fournaris

2017-07-01

Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

A Persistent Structured Hierarchical Overlay Network to Counter Intentional Churn Attack

Directory of Open Access Journals (Sweden)

Ramanpreet Kaur

2016-01-01

Full Text Available The increased use of structured overlay network for a variety of applications has attracted a lot of attention from both research community and attackers. However, the structural constraints, open nature (anybody can join and anybody may leave, and unreliability of its participant nodes significantly affect the performance of these applications and make it vulnerable to a variety of attacks such as eclipse, Sybil, and churn. One attack to compromise the service availability in overlay network is intentional churn (join/leave attack, where a large number of malicious users will join and leave the overlay network so frequently that the entire structure collapses and becomes unavailable. The focus of this paper is to provide a new robust, efficient, and scalable hierarchical overlay architecture that will counter these attacks by providing a structure that can accommodate the fleeting behaviour of nodes without causing much structural inconsistencies. The performance evaluation showed that the proposed architecture has more failure resilience and self-organization as compared to chord based architecture. Experimental results have demonstrated that the effect of failures on an overlay is proportional to the size of failure.

RApid Primary care Initiation of Drug treatment for Transient Ischaemic Attack (RAPID−TIA): study protocol for a pilot randomised controlled trial

Science.gov (United States)

2013-01-01

Background People who have a transient ischaemic attack (TIA) or minor stroke are at high risk of a recurrent stroke, particularly in the first week after the event. Early initiation of secondary prevention drugs is associated with an 80% reduction in risk of stroke recurrence. This raises the question as to whether these drugs should be given before being seen by a specialist – that is, in primary care or in the emergency department. The aims of the RAPID-TIA pilot trial are to determine the feasibility of a randomised controlled trial, to analyse cost effectiveness and to ask: Should general practitioners and emergency doctors (primary care physicians) initiate secondary preventative measures in addition to aspirin in people they see with suspected TIA or minor stroke at the time of referral to a specialist? Methods/Design This is a pilot randomised controlled trial with a sub-study of accuracy of primary care physician diagnosis of TIA. In the pilot trial, we aim to recruit 100 patients from 30 general practices (including out-of-hours general practice centres) and 1 emergency department whom the primary care physician diagnoses with TIA or minor stroke and randomly assign them to usual care (that is, initiation of aspirin and referral to a TIA clinic) or usual care plus additional early initiation of secondary prevention drugs (a blood-pressure lowering protocol, simvastatin 40 mg and dipyridamole 200 mg m/r bd). The primary outcome of the main study will be the number of strokes at 90 days. The diagnostic accuracy sub-study will include these 100 patients and an additional 70 patients in whom the primary care physician thinks the diagnosis of TIA is possible, rather than probable. For the pilot trial, we will report recruitment rate, follow-up rate, a preliminary estimate of the primary event rate and occurrence of any adverse events. For the diagnostic study, we will calculate sensitivity and specificity of primary care physician diagnosis using the final

Seven deadliest USB attacks

CERN Document Server

Anderson, Brian

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

Seven Deadliest Unified Communications Attacks

CERN Document Server

York, Dan

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

Using the Domain Name System to Thwart Automated Client-Based Attacks

Energy Technology Data Exchange (ETDEWEB)

Taylor, Curtis R [ORNL; Shue, Craig A [ORNL

2011-09-01

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so. Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.

A comparison of low-dose risperidone to paroxetine in the treatment of panic attacks: a randomized, single-blind study

Directory of Open Access Journals (Sweden)

Galynker Igor I

2009-05-01

Full Text Available Abstract Background Because a large proportion of patients with panic attacks receiving approved pharmacotherapy do not respond or respond poorly to medication, it is important to identify additional therapeutic strategies for the management of panic symptoms. This article describes a randomized, rater-blind study comparing low-dose risperidone to standard-of-care paroxetine for the treatment of panic attacks. Methods Fifty six subjects with a history of panic attacks were randomized to receive either risperidone or paroxetine. The subjects were then followed for eight weeks. Outcome measures included the Panic Disorder Severity Scale (PDSS, the Hamilton Anxiety Scale (Ham-A, the Hamilton Depression Rating Scale (Ham-D, the Sheehan Panic Anxiety Scale-Patient (SPAS-P, and the Clinical Global Impression scale (CGI. Results All subjects demonstrated a reduction in both the frequency and severity of panic attacks regardless of treatment received. Statistically significant improvements in rating scale scores for both groups were identified for the PDSS, the Ham-A, the Ham-D, and the CGI. There was no difference between treatment groups in the improvement in scores on the measures PDSS, Ham-A, Ham-D, and CGI. Post hoc tests suggest that subjects receiving risperidone may have a quicker clinical response than subjects receiving paroxetine. Conclusion We can identify no difference in the efficacy of paroxetine and low-dose risperidone in the treatment of panic attacks. Low-dose risperidone appears to be tolerated equally well as paroxetine. Low-dose risperidone may be an effective treatment for anxiety disorders in which panic attacks are a significant component. Trial Registration ClinicalTrials.gov Identifier: NCT100457106

Developing advanced fingerprint attacks on challenge-based collaborative intrusion detection networks

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

2017-01-01

Traditionally, an isolated intrusion detection system (IDS) is vulnerable to various types of attacks. In order to enhance IDS performance, collaborative intrusion detection networks (CIDNs) are developed through enabling a set of IDS nodes to communicate with each other. Due to the distributed...... network architecture, insider attacks are one of the major threats. In the literature, challenge-based trust mechanisms have been built to identify malicious nodes by evaluating the satisfaction levels between challenges and responses. However, such mechanisms rely on two major assumptions, which may...... result in a weak threat model. In this case, CIDNs may be still vulnerable to advanced insider attacks in real-world deployment. In this paper, we propose a novel collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way...

Aspects on testing methods for acid attacks on concrete - further experiments

International Nuclear Information System (INIS)

Romben, L.

1980-01-01

The report presents a number of control experiments which have been performed to verify test procedures of the resistance of concrete and concrete products. A more detailed study of the calcium dissolution and the layer dissolution process has been performed. The mechanisms which control the rate of attack in the long term are discussed. The proposed method is intended for use in studying the resistance to attacks by acid water solutions. (G.B.)

Low Complexity Signed Response Based Sybil Attack Detection Mechanism in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

M. Saud Khan

2016-01-01

Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Identity based attacks such as spoofing and sybil not only compromise the network but also slow down its performance. This paper proposes a low complexity sybil attack detection scheme, that is, based on signed response (SRES authentication mechanism developed for Global System for Mobile (GSM communications. A probabilistic model is presented which analyzes the proposed authentication mechanism for its probability of sybil attack. The paper also presents a simulation based comparative analysis of the existing sybil attack schemes with respect to the proposed scheme. It is observed that the proposed sybil detection scheme exhibits lesser computational cost and power consumption as compared to the existing schemes for the same sybil detection performance.

Exposure‐Response Model of Subcutaneous C1‐Inhibitor Concentrate to Estimate the Risk of Attacks in Patients With Hereditary Angioedema

Science.gov (United States)

Tortorici, Michael A.; Pawaskar, Dipti; Pragst, Ingo; Machnig, Thomas; Hutmacher, Matthew; Zuraw, Bruce; Cicardi, Marco; Craig, Timothy; Longhurst, Hilary; Sidhu, Jagdev

2018-01-01

Subcutaneous C1‐inhibitor (HAEGARDA, CSL Behring), is a US Food and Drug Administration (FDA)‐approved, highly concentrated formulation of a plasma‐derived C1‐esterase inhibitor (C1‐INH), which, in the phase III Clinical Studies for Optimal Management in Preventing Angioedema with Low‐Volume Subcutaneous C1‐inhibitor Replacement Therapy (COMPACT) trial, reduced the incidence of hereditary angioedema (HAE) attacks when given prophylactically. Data from the COMPACT trial were used to develop a repeated time‐to‐event model to characterize the timing and frequency of HAE attacks as a function of C1‐INH activity, and then develop an exposure–response model to assess the relationship between C1‐INH functional activity levels (C1‐INH(f)) and the risk of an attack. The C1‐INH(f) values of 33.1%, 40.3%, and 63.1% were predicted to correspond with 50%, 70%, and 90% reductions in the HAE attack risk, respectively, relative to no therapy. Based on trough C1‐INH(f) values for the 40 IU/kg (40.2%) and 60 IU/kg (48.0%) C1‐INH (SC) doses, the model predicted that 50% and 67% of the population, respectively, would see at least a 70% decrease in the risk of an attack. PMID:29316335

Study of thallium scintigraphy for myocardial infarction performed within 72 hours of attack

Energy Technology Data Exchange (ETDEWEB)

Setsuda, Koichi; Tomita, Yoshifumi; Takayama, Morimasa (Nippon Medical School, Tokyo)

1983-11-01

In 40 cases undergoing /sup 201/Tl myocardial scanning within 72 hours of attack of myocardial infarction, a significant correlation was found between the infarct size determined by myocardial scanning and the size of the infarction estimated on the basis of ECG findings and serum enzymes. The group with high pulmonary capillary wedge pressure was the group with low Tl scores. The group showing dyskinesis and aneurysm in left ventriculography showed low Tl scores and a significant correlation between the ejection fraction calculated from left ventriculograms and the Tl score. The above date indicate that /sup 201/Tl myocardial scanning in the acute phase after attack of infarction reflects the infarction size and cardiac function.

Heart attack - discharge

Science.gov (United States)

... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

Studies on sulfate attack: Mechanisms, test methods, and modeling

Science.gov (United States)

Santhanam, Manu

The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C 3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

Attacks on IEEE 802.11 wireless networks

Directory of Open Access Journals (Sweden)

Dejan Milan Tepšić

2013-06-01

Full Text Available Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same package into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as spoofing package headers attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated. Introduction In the entire history of

Cross-site Scripting Attacks on Android WebView

OpenAIRE

Bhavani A B

2013-01-01

WebView is an essential component in Android and iOS. It enables applications to display content from on-line resources. It simplifies task of performing a network request, parsing the data and rendering it. WebView uses a number of APIs which can interact with the web contents inside WebView. In the current paper, Cross-site scripting attacks or XSS attacks specific to Android WebView are discussed. Cross site scripting (XSS) is a type of vulnerability commonly found in web applications. Thi...

A nitric oxide donor (nitroglycerin) triggers genuine migraine attacks

DEFF Research Database (Denmark)

Thomsen, L L; Kruuse, C; Iversen, Helle Klingenberg

1994-01-01

Supersensitivity to induction of headache and arterial dilatation by a donor of nitric oxide (nitroglycerin) has recently been demonstrated in migraine sufferers. The aims of the present study were to examine whether the nitric oxide donor nitroglycerin may induce a typical migraine attack......, to exclude placebo-related effects and to describe the relation between middle cerebral artery dilatation and provoked migraine. Nitroglycerin (0.5 μg/kg/min for 20 min) or placebo was infused into 12 migraine patients in a double-blind cross-over trial. Blood velocity in the middle cerebral artery...

Time-Efficient Cloning Attacks Identification in Large-Scale RFID Systems

Directory of Open Access Journals (Sweden)

Ju-min Zhao

2017-01-01

Full Text Available Radio Frequency Identification (RFID is an emerging technology for electronic labeling of objects for the purpose of automatically identifying, categorizing, locating, and tracking the objects. But in their current form RFID systems are susceptible to cloning attacks that seriously threaten RFID applications but are hard to prevent. Existing protocols aimed at detecting whether there are cloning attacks in single-reader RFID systems. In this paper, we investigate the cloning attacks identification in the multireader scenario and first propose a time-efficient protocol, called the time-efficient Cloning Attacks Identification Protocol (CAIP to identify all cloned tags in multireaders RFID systems. We evaluate the performance of CAIP through extensive simulations. The results show that CAIP can identify all the cloned tags in large-scale RFID systems fairly fast with required accuracy.

Research on the Fatigue Flexural Performance of RC Beams Attacked by Salt Spray

Science.gov (United States)

Mao, Jiang-hong; Xu, Fang-yuan; Jin, Wei-liang; Zhang, Jun; Wu, Xi-xi; Chen, Cai-sheng

2018-04-01

The fatigue flexural performance of RC beams attacked by salt spray was studied. A testing method involving electro osmosis, electrical accelerated corrosion and salt spray was proposed. This corrosion process method effectively simulates real-world salt spray and fatigue loading exerted by RC components on sea bridges. Four RC beams that have different stress amplitudes were tested. It is found that deterioration by corrosion and fatigue loading reduces the fatigue life of the RC and decreases the ability of deformation. The fatigue life and deflection ability could be reduced by increasing the stress amplitude and the corrosion duration time. The test result demonstrates that this experimental method can couple corrosion deterioration and fatigue loading reasonably. This procedure may be applied to evaluate the fatigue life and concrete durability of RC components located in a natural salt spray environment.

Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

NARCIS (Netherlands)

Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

2016-01-01

In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

The work-averse cyber attacker model : theory and evidence from two million attack signatures

NARCIS (Netherlands)

Allodi, L.; Massacci, F.; Williams, J.

The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

Evaluation of a Multi-Agent System for Simulation and Analysis of Distributed Denial-of-Service Attacks

National Research Council Canada - National Science Library

Huu, Tee

2003-01-01

DDoS attack is evolving at a rapid and alarming rate; an effective solution must be formulated using an adaptive approach Most of the simulations are performed at the attack phase of the DDoS attack...

Classifier fusion for VoIP attacks classification

Science.gov (United States)

Safarik, Jakub; Rezac, Filip

2017-05-01

SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.

Anti-spoofing for display and print attacks on palmprint verification systems

Science.gov (United States)

Kanhangad, Vivek; Bhilare, Shruti; Garg, Pragalbh; Singh, Pranjalya; Chaudhari, Narendra

2015-05-01

A number of approaches for personal authentication using palmprint features have been proposed in the literature, majority of which focus on improving the matching performance. However, of late, preventing potential attacks on biometric systems has become a major concern as more and more biometric systems get deployed for wide range of applications. Among various types of attacks, sensor level attack, commonly known as spoof attack, has emerged as the most common attack due to simplicity in its execution. In this paper, we present an approach for detection of display and print based spoof attacks on palmprint verifcation systems. The approach is based on the analysis of acquired hand images for estimating surface re ectance. First and higher order statistical features computed from the distributions of pixel intensities and sub-band wavelet coeefficients form the feature set. A trained binary classifier utilizes the discriminating information to determine if the acquired image is of real hand or a fake one. Experiments are performed on a publicly available hand image dataset, containing 1300 images corresponding to 230 subjects. Experimental results show that the real hand biometrics samples can be substituted by the fake digital or print copies with an alarming spoof acceptance rate as high as 79.8%. Experimental results also show that the proposed spoof detection approach is very effective for discriminating between real and fake palmprint images. The proposed approach consistently achieves over 99% average 10-fold cross validation classification accuracy in our experiments.

Effectiveness of Trigger Point Manual Treatment on the Frequency, Intensity, and Duration of Attacks in Primary Headaches: A Systematic Review and Meta-Analysis of Randomized Controlled Trials

Directory of Open Access Journals (Sweden)

Luca Falsiroli Maistrello

2018-04-01

Full Text Available BackgroundA variety of interventions has been proposed for symptomatology relief in primary headaches. Among these, manual trigger points (TrPs treatment gains popularity, but its effects have not been investigated yet.ObjectiveThe aim was to establish the effectiveness of manual TrP compared to minimal active or no active interventions in terms of frequency, intensity, and duration of attacks in adult people with primary headaches.MethodsWe searched MEDLINE, COCHRANE, Web Of Science, and PEDro databases up to November 2017 for randomized controlled trials (RCTs. Two independent reviewers appraised the risk-of-bias (RoB and the grading of recommendations, assessment, development, and evaluation (GRADE to evaluate the overall quality of evidence.ResultsSeven RCTs that compared manual treatment vs minimal active intervention were included: 5 focused on tension-type headache (TTH and 2 on Migraine (MH; 3 out of 7 RCTs had high RoB. Combined TTH and MH results show statistically significant reduction for all outcomes after treatment compared to controls, but the level of evidence was very low. Subgroup analysis showed a statistically significant reduction in attack frequency (no. of attacks per month after treatment in TTH (MD −3.50; 95% CI from −4.91 to −2.09; 4 RCTs and in MH (MD −1.92; 95% CI from −3.03 to −0.80; 2 RCTs. Pain intensity (0–100 scale was reduced in TTH (MD −12.83; 95% CI from −19.49 to −6.17; 4 RCTs and in MH (MD −13.60; 95% CI from −19.54 to −7.66; 2RCTs. Duration of attacks (hours was reduced in TTH (MD −0.51; 95% CI from −0.97 to −0.04; 2 RCTs and in MH (MD −10.68; 95% CI from −14.41 to −6.95; 1 RCT.ConclusionManual TrPs treatment of head and neck muscles may reduce frequency, intensity, and duration of attacks in TTH and MH, but the quality of evidence according to GRADE approach was very low for the presence of few studies, high RoB, and imprecision of results.

Web server attack analyzer

OpenAIRE

Mižišin, Michal

2013-01-01

Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

Network Protection Against DDoS Attacks

Directory of Open Access Journals (Sweden)

Petr Dzurenda

2015-03-01

Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

Attack Tree Generation by Policy Invalidation

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2015-01-01

through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based......Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified...... on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps....

Social Engineering Attack Detection Model: SEADMv2

CSIR Research Space (South Africa)

Mouton, F

2015-10-01

Full Text Available link in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy as far as formal...

Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

Science.gov (United States)

Nirmal Raja, K; Maraline Beno, M

2017-07-01

In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

Patrol Detection for Replica Attacks on Wireless Sensor Networks

OpenAIRE

Wang, Liang-Min; Shi, Yang

2011-01-01

Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by d...

Terrorists and Suicide Attacks

National Research Council Canada - National Science Library

Cronin, Audrey K

2003-01-01

Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

Mental Toughness Moderates Social Loafing in Cycle Time-Trial Performance.

Science.gov (United States)

Haugen, Tommy; Reinboth, Michael; Hetlelid, Ken J; Peters, Derek M; Høigaard, Rune

2016-09-01

The purpose of this study was to determine if mental toughness moderated the occurrence of social loafing in cycle time-trial performance. Twenty-seven men (Mage = 17.7 years, SD = 0.6) completed the Sport Mental Toughness Questionnaire prior to completing a 1-min cycling trial under 2 conditions: once with individual performance identified, and once in a group with individual performance not identified. Using a median split of the mental toughness index, participants were divided into high and low mental toughness groups. Cycling distance was compared using a 2 (trial) × 2 (high-low mental toughness) analysis of variance. We hypothesized that mentally tough participants would perform equally well under both conditions (i.e., no indication of social loafing) compared with low mentally tough participants, who would perform less well when their individual performance was not identifiable (i.e., demonstrating the anticipated social loafing effect). The high mental toughness group demonstrated consistent performance across both conditions, while the low mental toughness group reduced their effort in the non-individually identifiable team condition. The results confirm that (a) clearly identifying individual effort/performance is an important situational variable that may impact team performance and (b) higher perceived mental toughness has the ability to negate the tendency to loaf.

RApid Primary care Initiation of Drug treatment for Transient Ischaemic Attack (RAPID-TIA): study protocol for a pilot randomised controlled trial.

Science.gov (United States)

Edwards, Duncan; Fletcher, Kate; Deller, Rachel; McManus, Richard; Lasserson, Daniel; Giles, Matthew; Sims, Don; Norrie, John; McGuire, Graham; Cohn, Simon; Whittle, Fiona; Hobbs, Vikki; Weir, Christopher; Mant, Jonathan

2013-07-02

People who have a transient ischaemic attack (TIA) or minor stroke are at high risk of a recurrent stroke, particularly in the first week after the event. Early initiation of secondary prevention drugs is associated with an 80% reduction in risk of stroke recurrence. This raises the question as to whether these drugs should be given before being seen by a specialist--that is, in primary care or in the emergency department. The aims of the RAPID-TIA pilot trial are to determine the feasibility of a randomised controlled trial, to analyse cost effectiveness and to ask: Should general practitioners and emergency doctors (primary care physicians) initiate secondary preventative measures in addition to aspirin in people they see with suspected TIA or minor stroke at the time of referral to a specialist? This is a pilot randomised controlled trial with a sub-study of accuracy of primary care physician diagnosis of TIA. In the pilot trial, we aim to recruit 100 patients from 30 general practices (including out-of-hours general practice centres) and 1 emergency department whom the primary care physician diagnoses with TIA or minor stroke and randomly assign them to usual care (that is, initiation of aspirin and referral to a TIA clinic) or usual care plus additional early initiation of secondary prevention drugs (a blood-pressure lowering protocol, simvastatin 40 mg and dipyridamole 200 mg m/r bd). The primary outcome of the main study will be the number of strokes at 90 days. The diagnostic accuracy sub-study will include these 100 patients and an additional 70 patients in whom the primary care physician thinks the diagnosis of TIA is possible, rather than probable. For the pilot trial, we will report recruitment rate, follow-up rate, a preliminary estimate of the primary event rate and occurrence of any adverse events. For the diagnostic study, we will calculate sensitivity and specificity of primary care physician diagnosis using the final TIA clinic diagnosis as the

Integrated approach for investigating the durability of self-consolidating concrete to sulfate attack

Science.gov (United States)

Bassuoni, Mohamed Tamer F.

The growing use of self-consolidating concrete (SCC) in various infrastructure applications exposed to sulfate-rich environments necessitates conducting comprehensive research to evaluate its durability to external sulfate attack. Since the reliability and adequacy of standard sulfate immersion tests have been questioned, the current thesis introduced an integrated testing approach for assessing the durability of a wide scope of SCC mixtures to external sulfate attack. This testing approach involved progressive levels of complexity from single to multiple damage processes. A new series of sulfate attack tests involving multiple field-like parameters and combined damage mechanisms (various cations, controlled pH, wetting-drying, partial immersion, freezing-thawing, and cyclic cold-hot conditions with or without sustained flexural loading) were designed to evaluate the performance (suitability) of the SCC mixtures under various sulfate attack exposure scenarios. The main mixture design variables of SCC included the type of binder (single, binary, ternary and quaternary), air-entrainment, sand-to-aggregate mass ratio and hybrid fibre reinforcement. The comprehensive database and knowledge obtained from this research were used to develop smart models (fuzzy and neuro-fuzzy inference systems) based on artificial-intelligence to evaluate and predict the performance of the SCC mixtures under various sulfate attack exposure regimes implemented in this study. In full immersion tests involving high concentration sodium and magnesium sulfate solutions with controlled pH, the low penetrability of SCC was responsible for the high durability of specimens. Ternary and quaternary cementitious systems with or without limestone materials provided a passivating layer, with or without acid neutralization capacity, which protected SCC from severe damage in the aggressive sulfuric acid and ammonium sulfate solutions. In contrast to conclusions drawn from the sodium sulfate immersion

Stochastic Model of TCP SYN Attacks

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2011-08-01

Full Text Available A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filte­ring efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.Article in Lithuanian

Secure Fusion Estimation for Bandwidth Constrained Cyber-Physical Systems Under Replay Attacks.

Science.gov (United States)

Chen, Bo; Ho, Daniel W C; Hu, Guoqiang; Yu, Li; Bo Chen; Ho, Daniel W C; Guoqiang Hu; Li Yu; Chen, Bo; Ho, Daniel W C; Hu, Guoqiang; Yu, Li

2018-06-01

State estimation plays an essential role in the monitoring and supervision of cyber-physical systems (CPSs), and its importance has made the security and estimation performance a major concern. In this case, multisensor information fusion estimation (MIFE) provides an attractive alternative to study secure estimation problems because MIFE can potentially improve estimation accuracy and enhance reliability and robustness against attacks. From the perspective of the defender, the secure distributed Kalman fusion estimation problem is investigated in this paper for a class of CPSs under replay attacks, where each local estimate obtained by the sink node is transmitted to a remote fusion center through bandwidth constrained communication channels. A new mathematical model with compensation strategy is proposed to characterize the replay attacks and bandwidth constrains, and then a recursive distributed Kalman fusion estimator (DKFE) is designed in the linear minimum variance sense. According to different communication frameworks, two classes of data compression and compensation algorithms are developed such that the DKFEs can achieve the desired performance. Several attack-dependent and bandwidth-dependent conditions are derived such that the DKFEs are secure under replay attacks. An illustrative example is given to demonstrate the effectiveness of the proposed methods.

Management of acute attacks of hereditary angioedema: potential role of icatibant.

Science.gov (United States)

Longhurst, Hilary J

2010-09-07

Icatibant (Firazyr(®)) is a novel subcutaneous treatment recently licensed in the European Union for acute hereditary angioedema. Hereditary angioedema, resulting from inherited partial C1 inhibitor deficiency, is a disabling condition characterized by intermittent episodes of bradykinin-mediated angioedema. Icatibant blocks bradykinin B2 receptors, attenutating the episode. Randomized double-blind, placebo-controlled trials of icatibant, showed significant superiority over oral tranexamic acid in 74 European patients and a trend to improvement in a similar US trial comparing icatibant with placebo in 55 patients. Outcomes for several endpoints did not reach significance in the US trial, perhaps because of low participant numbers and confounding factors: a further trial is planned. Open label studies have shown benefit in multiple treatments for attacks at all sites. Approximately 10% of patients require a second dose for re-emergent symptoms, usually 10 to 27 hours after the initial treatment. Its subcutaneous route of administration, good tolerability and novel mode of action make icatibant a promising addition to the limited repertoire of treatments for hereditary angioedema.

Management of acute attacks of hereditary angioedema: potential role of icatibant

Science.gov (United States)

Longhurst, Hilary J

2010-01-01

Icatibant (Firazyr®) is a novel subcutaneous treatment recently licensed in the European Union for acute hereditary angioedema. Hereditary angioedema, resulting from inherited partial C1 inhibitor deficiency, is a disabling condition characterized by intermittent episodes of bradykinin-mediated angioedema. Icatibant blocks bradykinin B2 receptors, attenutating the episode. Randomized double-blind, placebo-controlled trials of icatibant, showed significant superiority over oral tranexamic acid in 74 European patients and a trend to improvement in a similar US trial comparing icatibant with placebo in 55 patients. Outcomes for several endpoints did not reach significance in the US trial, perhaps because of low participant numbers and confounding factors: a further trial is planned. Open label studies have shown benefit in multiple treatments for attacks at all sites. Approximately 10% of patients require a second dose for re-emergent symptoms, usually 10 to 27 hours after the initial treatment. Its subcutaneous route of administration, good tolerability and novel mode of action make icatibant a promising addition to the limited repertoire of treatments for hereditary angioedema. PMID:20859548

Attack Trees with Sequential Conjunction

NARCIS (Netherlands)

Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

2015-01-01

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

Heart attack first aid

Science.gov (United States)

First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack

Directory of Open Access Journals (Sweden)

Ming Li

2008-01-01

Full Text Available The aim of distributed denial-of-service (DDOS flood attacks is to overwhelm the attacked site or to make its service performance deterioration considerably by sending flood packets to the target from the machines distributed all over the world. This is a kind of local behavior of traffic at the protected site because the attacked site can be recovered to its normal service state sooner or later even though it is in reality overwhelmed during attack. From a view of mathematics, it can be taken as a kind of short-range phenomenon in computer networks. In this paper, we use the Hurst parameter (H to measure the local irregularity or self-similarity of traffic under DDOS flood attack provided that fractional Gaussian noise (fGn is used as the traffic model. As flood attack packets of DDOS make the H value of arrival traffic vary significantly away from that of traffic normally arriving at the protected site, we discuss a method to statistically detect signs of DDOS flood attacks with predetermined detection probability and false alarm probability.

Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

Directory of Open Access Journals (Sweden)

Sárkány Zoltán

2016-03-01

Full Text Available Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

Analytical Characterization of Internet Security Attacks

Science.gov (United States)

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Identifying and tracking attacks on networks: C3I displays and related technologies

Science.gov (United States)

Manes, Gavin W.; Dawkins, J.; Shenoi, Sujeet; Hale, John C.

2003-09-01

Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.

A robust color image watermarking algorithm against rotation attacks

Science.gov (United States)

Han, Shao-cheng; Yang, Jin-feng; Wang, Rui; Jia, Gui-min

2018-01-01

A robust digital watermarking algorithm is proposed based on quaternion wavelet transform (QWT) and discrete cosine transform (DCT) for copyright protection of color images. The luminance component Y of a host color image in YIQ space is decomposed by QWT, and then the coefficients of four low-frequency subbands are transformed by DCT. An original binary watermark scrambled by Arnold map and iterated sine chaotic system is embedded into the mid-frequency DCT coefficients of the subbands. In order to improve the performance of the proposed algorithm against rotation attacks, a rotation detection scheme is implemented before watermark extracting. The experimental results demonstrate that the proposed watermarking scheme shows strong robustness not only against common image processing attacks but also against arbitrary rotation attacks.

Development and Validation of a Model to Predict Absolute Vascular Risk Reduction by Moderate-Intensity Statin Therapy in Individual Patients With Type 2 Diabetes Mellitus: The Anglo Scandinavian Cardiac Outcomes Trial, Antihypertensive and Lipid-Lowering Treatment to Prevent Heart Attack Trial, and Collaborative Atorvastatin Diabetes Study.

Science.gov (United States)

Kaasenbrood, Lotte; Poulter, Neil R; Sever, Peter S; Colhoun, Helen M; Livingstone, Shona J; Boekholdt, S Matthijs; Pressel, Sara L; Davis, Barry R; van der Graaf, Yolanda; Visseren, Frank L J

2016-05-01

In this study, we aimed to translate the average relative effect of statin therapy from trial data to the individual patient with type 2 diabetes mellitus by developing and validating a model to predict individualized absolute risk reductions (ARR) of cardiovascular events. Data of 2725 patients with type 2 diabetes mellitus from the Lipid Lowering Arm of the Anglo Scandinavian Cardiac Outcomes Trial (ASCOT-LLA) study (atorvastatin 10 mg versus placebo) were used for model derivation. The model was based on 8 clinical predictors including treatment allocation (statin/placebo). Ten-year individualized ARR on major cardiovascular events by statin therapy were calculated for each patient by subtracting the estimated on-treatment risk from the estimated off-treatment risk. Predicted 10-year ARR by statin therapy was 4% (median ARR, 3.2%; interquartile range, 2.5%-4.3%; 95% confidence interval for 3.2% ARR, -1.4% to 6.8%). Addition of treatment interactions did not improve model performance. Therefore, the wide distribution in ARR was a consequence of the underlying distribution in cardiovascular risk enrolled in these trials. External validation of the model was performed in data from the Antihypertensive and Lipid-Lowering Treatment to Prevent Heart Attack Trial (ALLHAT-LLT; pravastatin 40 mg versus usual care) and Collaborative Atorvastatin Diabetes Study (CARDS; atorvastatin 10 mg versus placebo) of 3878 and 2838 patients with type 2 diabetes mellitus, respectively. Model calibration was adequate in both external data sets, discrimination was moderate (ALLHAT-LLT: c-statistics, 0.64 [95% confidence interval, 0.61-0.67] and CARDS: 0.68 [95% confidence interval, 0.64-0.72]). ARRs of major cardiovascular events by statin therapy can be accurately estimated for individual patients with type 2 diabetes mellitus using a model based on routinely available patient characteristics. There is a wide distribution in ARR that may complement informed decision making. URL: http

Apixaban compared with warfarin in patients with atrial fibrillation and previous stroke or transient ischaemic attack

DEFF Research Database (Denmark)

Easton, J Donald; Lopes, Renato D; Bahit, M Cecilia

2012-01-01

In the ARISTOTLE trial, the rate of stroke or systemic embolism was reduced by apixaban compared with warfarin in patients with atrial fibrillation (AF). Patients with AF and previous stroke or transient ischaemic attack (TIA) have a high risk of stroke. We therefore aimed to assess the efficacy ...

Performance Analysis with Network-Enhanced Complexities: On Fading Measurements, Event-Triggered Mechanisms, and Cyber Attacks

Directory of Open Access Journals (Sweden)

Derui Ding

2014-01-01

Full Text Available Nowadays, the real-world systems are usually subject to various complexities such as parameter uncertainties, time-delays, and nonlinear disturbances. For networked systems, especially large-scale systems such as multiagent systems and systems over sensor networks, the complexities are inevitably enhanced in terms of their degrees or intensities because of the usage of the communication networks. Therefore, it would be interesting to (1 examine how this kind of network-enhanced complexities affects the control or filtering performance; and (2 develop some suitable approaches for controller/filter design problems. In this paper, we aim to survey some recent advances on the performance analysis and synthesis with three sorts of fashionable network-enhanced complexities, namely, fading measurements, event-triggered mechanisms, and attack behaviors of adversaries. First, these three kinds of complexities are introduced in detail according to their engineering backgrounds, dynamical characteristic, and modelling techniques. Then, the developments of the performance analysis and synthesis issues for various networked systems are systematically reviewed. Furthermore, some challenges are illustrated by using a thorough literature review and some possible future research directions are highlighted.

Anger attacks in obsessive compulsive disorder

Directory of Open Access Journals (Sweden)

Nitesh Prakash Painuly

2011-01-01

Full Text Available Background: Research on anger attacks has been mostly limited to depression, and only a few studies have focused on anger attacks in obsessive compulsive disorder. Materials and Methods: In a cross-sectional study all new obsessive compulsive disorder patients aged 20-60 years attending an outpatient clinic were assessed using the anger attack questionnaire, irritability, depression and anxiety scale (for the direction of the aggressive behavior and quality of life (QOL. Results: The sample consisted of 42 consecutive subjects with obsessive compulsive disorder, out of which 21 (50% had anger attacks. The obsessive compulsive disorder subjects with and without anger attacks did not show significant differences in terms of sociodemographic variables, duration of illness, treatment, and family history. However, subjects with anger attacks had significantly higher prevalence of panic attacks and comorbid depression. Significantly more subjects with anger attacks exhibited aggressive acts toward spouse, parents, children, and other relatives in the form of yelling and threatening to hurt, trying to hurt, and threatening to leave. However, the two groups did not differ significantly in terms of QOL, except for the psychological domain being worse in the subjects with anger attacks. Conclusion: Anger attacks are present in half of the patients with obsessive compulsive disorder, and they correlate with the presence of comorbid depression.

Real-time DDoS attack detection for Cisco IOS using NetFlow

NARCIS (Netherlands)

van der Steeg, Daniël; Hofstede, R.J.; Sperotto, Anna; Pras, Aiko

Flow-based DDoS attack detection is typically performed by analysis applications that are installed on or close to a flow collector. Although this approach allows for easy deployment, it makes detection far from real-time and susceptible to DDoS attacks for the following reasons. First, the fact

Effect of B vitamins and lowering homocysteine on cognitive impairment in patients with previous stroke or transient ischemic attack: a prespecified secondary analysis of a randomized, placebo-controlled trial and meta-analysis.

Science.gov (United States)

Hankey, Graeme J; Ford, Andrew H; Yi, Qilong; Eikelboom, John W; Lees, Kennedy R; Chen, Christopher; Xavier, Denis; Navarro, Jose C; Ranawaka, Udaya K; Uddin, Wasim; Ricci, Stefano; Gommans, John; Schmidt, Reinhold; Almeida, Osvaldo P; van Bockxmeer, Frank M

2013-08-01

High plasma total homocysteine (tHcy) has been associated with cognitive impairment but lowering tHcy with B-vitamins has produced equivocal results. We aimed to determine whether B-vitamin supplementation would reduce tHcy and the incidence of new cognitive impairment among individuals with stroke or transient ischemic attack≥6 months previously. A total of 8164 patients with stroke or transient ischemic attack were randomly allocated to double-blind treatment with one tablet daily of B-vitamins (folic acid, 2 mg; vitamin B6, 25 mg; vitamin B12, 500 μg) or placebo and followed up for 3.4 years (median) in the VITAmins TO Prevent Stroke (VITATOPS) trial. For this prespecified secondary analysis of VITATOPS, the primary outcome was a new diagnosis of cognitive impairment, defined as a Mini-Mental State Examination (MMSE) score6 months after the qualifying stroke; 2608 participants were cognitively unimpaired (MMSE≥24), of whom 2214 participants (1110 B-vitamins versus 1104 placebo) had follow-up MMSEs during 2.8 years (median). At final follow-up, allocation to B-vitamins, compared with placebo, was associated with a reduction in mean tHcy (10.2 μmol/L versus 14.2 μmol/L; Pvitamin B6, and vitamin B12 to a self-selected clinical trial cohort of cognitively unimpaired patients with previous stroke or transient ischemic attack lowered mean tHcy but had no effect on the incidence of cognitive impairment or cognitive decline, as measured by the MMSE, during a median of 2.8 years. URL: http://www.controlled-trials.com. Unique identifier: ISRCTN74743444; URL: http://www.clinicaltrials.gov. Unique identifier: NCT00097669.

Hereditary angioedema attacks resolve faster and are shorter after early icatibant treatment.

Directory of Open Access Journals (Sweden)

Marcus Maurer

Full Text Available BACKGROUND: Attacks of hereditary angioedema (HAE are unpredictable and, if affecting the upper airway, can be lethal. Icatibant is used for physician- or patient self-administered symptomatic treatment of HAE attacks in adults. Its mode of action includes disruption of the bradykinin pathway via blockade of the bradykinin B(2 receptor. Early treatment is believed to shorten attack duration and prevent severe outcomes; however, evidence to support these benefits is lacking. OBJECTIVE: To examine the impact of timing of icatibant administration on the duration and resolution of HAE type I and II attacks. METHODS: The Icatibant Outcome Survey is an international, prospective, observational study for patients treated with icatibant. Data on timings and outcomes of icatibant treatment for HAE attacks were collected between July 2009-February 2012. A mixed-model of repeated measures was performed for 426 attacks in 136 HAE type I and II patients. RESULTS: Attack duration was significantly shorter in patients treated <1 hour of attack onset compared with those treated ≥ 1 hour (6.1 hours versus 16.8 hours [p<0.001]. Similar significant effects were observed for <2 hours versus ≥ 2 hours (7.2 hours versus 20.2 hours [p<0.001] and <5 hours versus ≥ 5 hours (8.0 hours versus 23.5 hours [p<0.001]. Treatment within 1 hour of attack onset also significantly reduced time to attack resolution (5.8 hours versus 8.8 hours [p<0.05]. Self-administrators were more likely to treat early and experience shorter attacks than those treated by a healthcare professional. CONCLUSION: Early blockade of the bradykinin B(2 receptor with icatibant, particularly within the first hour of attack onset, significantly reduced attack duration and time to attack resolution.

Individual vs. overarching protection for minimizing the expected damage caused by an attack

International Nuclear Information System (INIS)

Levitin, Gregory; Hausken, Kjell; Dai, Yuanshun

2013-01-01

The article considers a system consisting of identical elements which can be protected and attacked individually and collectively. The system is aimed at supplying a demand. If, following the attack, the cumulative performance of the elements becomes less than the demand the damage proportional to the unsupplied demand is inflicted. Additional damage is associated with the destruction of the equipment. To destroy any system element the attacker always must penetrate/destroy the collective (overarching) protection. Both the attacker and the defender have limited resources and can distribute them freely between the two types of attack and protection. The attacker chooses the resource distribution and the number of attacked elements to maximize the expected damage associated with equipment losses and unsupplied demand. The defender chooses the resource distribution and the number of protected elements to minimize the system destruction probability. The bi-contest minmax game is formulated and its solutions are presented and analyzed. The influence of the game parameters on the optimal defense and attack strategies is discussed

Seven Deadliest Social Network Attacks

CERN Document Server

Timm, Carl

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

Pericarditis - after heart attack

Science.gov (United States)

... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

WILD PIG ATTACKS ON HUMANS

Energy Technology Data Exchange (ETDEWEB)

Mayer, J.

2013-04-12

Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

Cache timing attacks on recent microarchitectures

DEFF Research Database (Denmark)

Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

2017-01-01

Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

Develop a solution for protecting and securing enterprise networks from malicious attacks

Science.gov (United States)

Kamuru, Harshitha; Nijim, Mais

2014-05-01

as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any firewall. Juniper Firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the fire-wall is performing full state processing when desired. We take a case study of attack on a network and perform study of the detection of the malicious packets on a Net screen Firewall. A new solution for securing enterprise networks will be developed here.

Incidence and impact of dog attacks on guide dogs in the UK.

Science.gov (United States)

Brooks, A; Moxon, R; England, G C W

2010-06-19

In a retrospective survey, researchers identified 100 incidents of attacks on guide dogs by other dogs. These were reviewed in order to determine the number, severity and impact on the handler and dog, and the characteristics of the aggressors and victims. During the study period there were more than three attacks reported each month, with 61 per cent of the attacks being upon dogs that were in harness and working with an owner or trainer. The majority of the dogs that were attacked were male (62 per cent), and the breeds that were over-represented (relative to their prevalence in the general guide dog population) were the labrador and the golden retriever x flat-coated retriever crossbreed. Most of the attacks occurred in public places between 09.00 and 15.00 and the majority (61 per cent) of the attacking dogs were off the lead at the time of the attack. Thirty-eight per cent of the attacking dogs were of bull breeds, which were over-represented among attackers compared with the proportion of this breed type in the general dog population. Veterinary attention was sought after 41 per cent of the attacks, and in 19 per cent of instances there was injury to the handler or to a member of the public. The attacks were reported to have affected the working performance and behaviour of the victim dog in 45 per cent of the instances, and two dogs had to be subsequently withdrawn from working as guide dogs.

Hypergraph Representations: A Study of Carib Attacks on Colonial Forces, 1509-1700

Directory of Open Access Journals (Sweden)

Termeh Shafie

2017-10-01

Full Text Available Network data consisting of recorded historical events can be represented as hyper-graphs where the ties or events can connect any number of nodes or event related attributes. In this paper, we perform a centrality analysis of a directed hypergraph representing attacks by indigenous peoples from the Lesser Antilles on European colonial settlements, 1509–1700. The results of central attacks with respect to at- tacked colonial force, member of attack alliances, and year and location of attack are discussed and compared to a non-relational exploratory analysis of the data. This comparison points to the importance of a mixed methods approach to enhance the analysis and to obtain a complementary understanding of a network study.

TAWS: TABLE ASSISTED WALK STRATEGY IN CLONE ATTACK DETECTION

Directory of Open Access Journals (Sweden)

J Sybi Cynthia

2016-12-01

Full Text Available Wireless Sensor Networks (WSNs deployed in the destructive atmosphere are susceptible to clone attacks. Clone attack in wireless sensor network is a complicated problem because it deployed in hostile environments, and also the nodes could be physically compromised by an adversary. For valuable clone attack detection, the selection criteria play an important role in the proposed work. In this paper, it has been classified the existing detection schemes regarding device type, detection methodologies, deployment strategies and detection ranges and far explore various proposals in deployment based selection criteria category. And also this paper provides a review of detection methodology based on various clone attack detection techniques. It is also widely agreed that clones should be detected quickly as possible with the best optional. Our work is exploratory in that the proposed algorithm concern with table assisted random walk with horizontal and vertical line, frequent level key change and revokes the duplicate node. Our simulation results show that it is more efficient than the detection criteria in terms of security feature, and in detection rate with high resiliency. Specifically, it concentrates on deployment strategy which includes grid based deployment technique. These all come under the selection criteria for better security performance. Our protocol analytically provides effective and clone attack detection capability of robustness.

A Strategic Analysis of Information Sharing Among Cyber Attackers

Directory of Open Access Journals (Sweden)

Kjell Hausken

2015-10-01

Full Text Available We build a game theory model where the market design is such that one firm invests in security to defend against cyber attacks by two hackers. The firm has an asset, which is allocated between the three market participants dependent on their contest success. Each hacker chooses an optimal attack, and they share information with each other about the firm’s vulnerabilities. Each hacker prefers to receive information, but delivering information gives competitive advantage to the other hacker. We find that each hacker’s attack and information sharing are strategic complements while one hacker’s attack and the other hacker’s information sharing are strategic substitutes. As the firm’s unit defense cost increases, the attack is inverse U-shaped and reaches zero, while the firm’s defense and profit decrease, and the hackers’ information sharing and profit increase. The firm’s profit increases in the hackers’ unit cost of attack, while the hackers’ information sharing and profit decrease. Our analysis also reveals the interesting result that the cumulative attack level of the hackers is not affected by the effectiveness of information sharing between them and moreover, is also unaffected by the intensity of joint information sharing. We also find that as the effectiveness of information sharing between hackers increases relative to the investment in attack, the firm’s investment in cyber security defense and profit are constant, the hackers’ investments in attacks decrease, and information sharing levels and hacker profits increase. In contrast, as the intensity of joint information sharing increases, while the firm’s investment in cyber security defense and profit remain constant, the hackers’ investments in attacks increase, and the hackers’ information sharing levels and profits decrease. Increasing the firm’s asset causes all the variables to increase linearly, except information sharing which is constant. We extend

Quantifying and visualizing site performance in clinical trials

OpenAIRE

Eric Yang; Christopher O'Donovan; JodiLyn Phillips; Leone Atkinson; Krishnendu Ghosh; Dimitris K. Agrafiotis

2018-01-01

Background: One of the keys to running a successful clinical trial is the selection of high quality clinical sites, i.e., sites that are able to enroll patients quickly, engage them on an ongoing basis to prevent drop-out, and execute the trial in strict accordance to the clinical protocol. Intuitively, the historical track record of a site is one of the strongest predictors of its future performance; however, issues such as data availability and wide differences in protocol complexity can co...

The Cyber-Physical Attacker

DEFF Research Database (Denmark)

Vigo, Roberto

2012-01-01

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

Device independent quantum key distribution secure against coherent attacks with memoryless measurement devices

International Nuclear Information System (INIS)

McKague, Matthew

2009-01-01

Device independent quantum key distribution (QKD) aims to provide a higher degree of security than traditional QKD schemes by reducing the number of assumptions that need to be made about the physical devices used. The previous proof of security by Pironio et al (2009 New J. Phys. 11 045021) applies only to collective attacks where the state is identical and independent and the measurement devices operate identically for each trial in the protocol. We extend this result to a more general class of attacks where the state is arbitrary and the measurement devices have no memory. We accomplish this by a reduction of arbitrary adversary strategies to qubit strategies and a proof of security for qubit strategies based on the previous proof by Pironio et al and techniques adapted from Renner.

Forensics Investigation of Web Application Security Attacks

OpenAIRE

Amor Lazzez; Thabet Slimani

2015-01-01

Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

Mitigating Drive-By Download Attacks: Challenges and Open Problems

Science.gov (United States)

Egele, Manuel; Kirda, Engin; Kruegel, Christopher

Malicious web sites perform drive-by download attacks to infect their visitors with malware. Current protection approaches rely on black- or white-listing techniques that are difficult to keep up-to-date. As todays drive-by attacks already employ encryption to evade network level detection we propose a series of techniques that can be implemented in web browsers to protect the user from such threats. In addition, we discuss challenges and open problems that these mechanisms face in order to be effective and efficient.

Vulnerabilities in GSM technology and feasibility of selected attacks

Science.gov (United States)

Voznak, M.; Prokes, M.; Sevcik, L.; Frnda, J.; Toral-Cruz, Homer; Jakovlev, Sergej; Fazio, Peppino; Mehic, M.; Mikulec, M.

2015-05-01

Global System for Mobile communication (GSM) is the most widespread technology for mobile communications in the world and serving over 7 billion users. Since first publication of system documentation there has been notified a potential safety problem's occurrence. Selected types of attacks, based on the analysis of the technical feasibility and the degree of risk of these weaknesses, were implemented and demonstrated in laboratory of the VSB-Technical University of Ostrava, Czech Republic. These vulnerabilities were analyzed and afterwards possible attacks were described. These attacks were implemented using open-source tools, software programmable radio USRP (Universal Software RadioPeripheral) and DVB-T (Digital Video Broadcasting - Terrestrial) receiver. GSM security architecture is being scrutinized since first public releases of its specification mainly pointing out weaknesses in authentication and ciphering mechanisms. This contribution also summarizes practically proofed and used scenarios that are performed using opensource software tools and variety of scripts mostly written in Python. Main goal of this paper is in analyzing security issues in GSM network and practical demonstration of selected attacks.

Asynchronous Channel-Hopping Scheme under Jamming Attacks

Directory of Open Access Journals (Sweden)

Yongchul Kim

2018-01-01

Full Text Available Cognitive radio networks (CRNs are considered an attractive technology to mitigate inefficiency in the usage of licensed spectrum. CRNs allow the secondary users (SUs to access the unused licensed spectrum and use a blind rendezvous process to establish communication links between SUs. In particular, quorum-based channel-hopping (CH schemes have been studied recently to provide guaranteed blind rendezvous in decentralized CRNs without using global time synchronization. However, these schemes remain vulnerable to jamming attacks. In this paper, we first analyze the limitations of quorum-based rendezvous schemes called asynchronous channel hopping (ACH. Then, we introduce a novel sequence sensing jamming attack (SSJA model in which a sophisticated jammer can dramatically reduce the rendezvous success rates of ACH schemes. In addition, we propose a fast and robust asynchronous rendezvous scheme (FRARS that can significantly enhance robustness under jamming attacks. Our numerical results demonstrate that the performance of the proposed scheme vastly outperforms the ACH scheme when there are security concerns about a sequence sensing jammer.

A Bernoulli Gaussian Watermark for Detecting Integrity Attacks in Control Systems

Energy Technology Data Exchange (ETDEWEB)

Weerakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States); Ozel, Omur [Carnegie Mellon Univ., Pittsburgh, PA (United States); Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)

2017-11-02

We examine the merit of Bernoulli packet drops in actively detecting integrity attacks on control systems. The aim is to detect an adversary who delivers fake sensor measurements to a system operator in order to conceal their effect on the plant. Physical watermarks, or noisy additive Gaussian inputs, have been previously used to detect several classes of integrity attacks in control systems. In this paper, we consider the analysis and design of Gaussian physical watermarks in the presence of packet drops at the control input. On one hand, this enables analysis in a more general network setting. On the other hand, we observe that in certain cases, Bernoulli packet drops can improve detection performance relative to a purely Gaussian watermark. This motivates the joint design of a Bernoulli-Gaussian watermark which incorporates both an additive Gaussian input and a Bernoulli drop process. We characterize the effect of such a watermark on system performance as well as attack detectability in two separate design scenarios. Here, we consider a correlation detector for attack recognition. We then propose efficiently solvable optimization problems to intelligently select parameters of the Gaussian input and the Bernoulli drop process while addressing security and performance trade-offs. Finally, we provide numerical results which illustrate that a watermark with packet drops can indeed outperform a Gaussian watermark.

Detection of attack-targeted scans from the Apache HTTP Server access logs

Directory of Open Access Journals (Sweden)

Merve Baş Seyyar

2018-01-01

Full Text Available A web application could be visited for different purposes. It is possible for a web site to be visited by a regular user as a normal (natural visit, to be viewed by crawlers, bots, spiders, etc. for indexing purposes, lastly to be exploratory scanned by malicious users prior to an attack. An attack targeted web scan can be viewed as a phase of a potential attack and can lead to more attack detection as compared to traditional detection methods. In this work, we propose a method to detect attack-oriented scans and to distinguish them from other types of visits. In this context, we use access log files of Apache (or ISS web servers and try to determine attack situations through examination of the past data. In addition to web scan detections, we insert a rule set to detect SQL Injection and XSS attacks. Our approach has been applied on sample data sets and results have been analyzed in terms of performance measures to compare our method and other commonly used detection techniques. Furthermore, various tests have been made on log samples from real systems. Lastly, several suggestions about further development have been also discussed.

Predicting Factors of Zone 4 Attack in Volleyball.

Science.gov (United States)

Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

2017-06-01

This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed of attacks.

Practical security and privacy attacks against biometric hashing using sparse recovery

Science.gov (United States)

Topcu, Berkay; Karabat, Cagatay; Azadmanesh, Matin; Erdogan, Hakan

2016-12-01

Biometric hashing is a cancelable biometric verification method that has received research interest recently. This method can be considered as a two-factor authentication method which combines a personal password (or secret key) with a biometric to obtain a secure binary template which is used for authentication. We present novel practical security and privacy attacks against biometric hashing when the attacker is assumed to know the user's password in order to quantify the additional protection due to biometrics when the password is compromised. We present four methods that can reconstruct a biometric feature and/or the image from a hash and one method which can find the closest biometric data (i.e., face image) from a database. Two of the reconstruction methods are based on 1-bit compressed sensing signal reconstruction for which the data acquisition scenario is very similar to biometric hashing. Previous literature introduced simple attack methods, but we show that we can achieve higher level of security threats using compressed sensing recovery techniques. In addition, we present privacy attacks which reconstruct a biometric image which resembles the original image. We quantify the performance of the attacks using detection error tradeoff curves and equal error rates under advanced attack scenarios. We show that conventional biometric hashing methods suffer from high security and privacy leaks under practical attacks, and we believe more advanced hash generation methods are necessary to avoid these attacks.

Smoking Cessation Intervention After Ischemic Stroke or Transient Ischemic Attack. A Randomized Controlled Pilot Trial

DEFF Research Database (Denmark)

Brunner Frandsen, Nicole; Sørensen, Margit; Hyldahl, Tanja Kirstine

2012-01-01

BACKGROUND: Smoking cessation is widely recommended for secondary stroke prevention. However, little is known about the efficacy of smoking cessation intervention after stroke or transient ischemic attack (TIA). METHODS: Ninety-four smokers under age 76, admitted with ischemic stroke or TIA were ...

Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

Science.gov (United States)

Chim, Harvey; Yew, Woon Si; Song, Colin

2007-01-01

Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

Directory of Open Access Journals (Sweden)

Željko Gavrić

2018-01-01

Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

Nitrates for stable angina: a systematic review and meta-analysis of randomized clinical trials.

Science.gov (United States)

Wei, Jiafu; Wu, Taixiang; Yang, Qing; Chen, Mao; Ni, Juan; Huang, Dejia

2011-01-07

To assess the effect (harms and benefits) of nitrates for stable angina. We searched the Cochrane Central Register of Controlled Trials (CENTRAL), MEDLINE and EMBASE. Randomized controlled trials with both parallel and crossover design were included. The following outcome measures were evaluated: number of angina attacks weekly and nitroglycerin consumption, quality of life, total exercise duration, time to onset of angina and time to 1 mm ST depression. Fifty-one trials with 3595 patients meeting inclusion criteria were analyzed. Both intermittent and continuous regimens of nitrates lengthened exercise duration significantly by 31 and 53 s respectively. The number of angina attacks was significantly reduced by 2.89 episodes weekly for continuous administration and 1.5 episodes weekly for intermittent administration. With intermittent administration, increased dose provided with 21 s more length of exercise duration. With continuous administration, exercise duration was pronged more in low-dose group. Quality of life was not improved by continuous application of GTN patches and was similar between continuous and intermittent groups. In addition, 51.6% patients receiving nitrates complained with headache. Long-term administration of nitrates was beneficial for angina prophylaxis and improved exercise performance but might be ineffective for improving quality of life. With continuous regimen, low-dose nitrates were more effective than high-dose ones for improving exercise performance. By contrast, with intermittent regimen, high-dose nitrates were more effective. In addition, intermittent administration could bring zero-hour effect. Copyright © 2010 Elsevier Ireland Ltd. All rights reserved.

Securing internet by eliminating DDOS attacks

Science.gov (United States)

Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

2017-11-01

The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

Plants under dual attack

NARCIS (Netherlands)

Ponzio, C.A.M.

2016-01-01

Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

On resilience studies of system detection and recovery techniques against stealthy insider attacks

Science.gov (United States)

Wei, Sixiao; Zhang, Hanlin; Chen, Genshe; Shen, Dan; Yu, Wei; Pham, Khanh D.; Blasch, Erik P.; Cruz, Jose B.

2016-05-01

With the explosive growth of network technologies, insider attacks have become a major concern to business operations that largely rely on computer networks. To better detect insider attacks that marginally manipulate network traffic over time, and to recover the system from attacks, in this paper we implement a temporal-based detection scheme using the sequential hypothesis testing technique. Two hypothetical states are considered: the null hypothesis that the collected information is from benign historical traffic and the alternative hypothesis that the network is under attack. The objective of such a detection scheme is to recognize the change within the shortest time by comparing the two defined hypotheses. In addition, once the attack is detected, a server migration-based system recovery scheme can be triggered to recover the system to the state prior to the attack. To understand mitigation of insider attacks, a multi-functional web display of the detection analysis was developed for real-time analytic. Experiments using real-world traffic traces evaluate the effectiveness of Detection System and Recovery (DeSyAR) scheme. The evaluation data validates the detection scheme based on sequential hypothesis testing and the server migration-based system recovery scheme can perform well in effectively detecting insider attacks and recovering the system under attack.

New attacks on Wi-Fi Protected Setup

OpenAIRE

Hamed Mohtadi; Alireza Rahimi

2015-01-01

Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

A Game Theoretic Approach to Cyber Attack Prediction

Energy Technology Data Exchange (ETDEWEB)

Peng Liu

2005-11-28

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

Protecting Mobile Crowd Sensing against Sybil Attacks Using Cloud Based Trust Management System

Directory of Open Access Journals (Sweden)

Shih-Hao Chang

2016-01-01

Full Text Available Mobile crowd sensing (MCS arises as a new sensing paradigm, which leverages citizens for large-scale sensing by various mobile devices to efficiently collect and share local information. Unlike other MCS application challenges that consider user privacy and data trustworthiness, this study focuses on the network trustworthiness problem, namely, Sybil attacks in MCS network. The Sybil attack in computer security is a type of security attack, which illegally forges multiple identities in peer-to-peer networks, namely, Sybil identities. These Sybil identities will falsify multiple identities that negatively influence the effectiveness of sensing data in this MCS network or degrading entire network performance. To cope with this problem, a cloud based trust management scheme (CbTMS was proposed to detect Sybil attacks in the MCS network. The CbTMS was proffered for performing active and passive checking scheme, in addition to the mobile PCS trustworthiness management, and includes a decision tree algorithm, to verify the covered nodes in the MCS network. Simulation studies show that our CbTMS can efficiently detect the malicious Sybil nodes in the network and cause 6.87 Wh power reduction compared with other malicious Sybil node attack mode.

Finding Multi-step Attacks in Computer Networks using Heuristic Search and Mobile Ambients

NARCIS (Netherlands)

Nunes Leal Franqueira, V.

2009-01-01

An important aspect of IT security governance is the proactive and continuous identification of possible attacks in computer networks. This is complicated due to the complexity and size of networks, and due to the fact that usually network attacks are performed in several steps. This thesis proposes

A DDoS Attack Detection Method Based on Hybrid Heterogeneous Multiclassifier Ensemble Learning

Directory of Open Access Journals (Sweden)

Bin Jia

2017-01-01

Full Text Available The explosive growth of network traffic and its multitype on Internet have brought new and severe challenges to DDoS attack detection. To get the higher True Negative Rate (TNR, accuracy, and precision and to guarantee the robustness, stability, and universality of detection system, in this paper, we propose a DDoS attack detection method based on hybrid heterogeneous multiclassifier ensemble learning and design a heuristic detection algorithm based on Singular Value Decomposition (SVD to construct our detection system. Experimental results show that our detection method is excellent in TNR, accuracy, and precision. Therefore, our algorithm has good detective performance for DDoS attack. Through the comparisons with Random Forest, k-Nearest Neighbor (k-NN, and Bagging comprising the component classifiers when the three algorithms are used alone by SVD and by un-SVD, it is shown that our model is superior to the state-of-the-art attack detection techniques in system generalization ability, detection stability, and overall detection performance.

Real-Time Detection of Application-Layer DDoS Attack Using Time Series Analysis

Directory of Open Access Journals (Sweden)

Tongguang Ni

2013-01-01

Full Text Available Distributed denial of service (DDoS attacks are one of the major threats to the current Internet, and application-layer DDoS attacks utilizing legitimate HTTP requests to overwhelm victim resources are more undetectable. Consequently, neither intrusion detection systems (IDS nor victim server can detect malicious packets. In this paper, a novel approach to detect application-layer DDoS attack is proposed based on entropy of HTTP GET requests per source IP address (HRPI. By approximating the adaptive autoregressive (AAR model, the HRPI time series is transformed into a multidimensional vector series. Then, a trained support vector machine (SVM classifier is applied to identify the attacks. The experiments with several databases are performed and results show that this approach can detect application-layer DDoS attacks effectively.

Intrusion detection in cloud computing based attack patterns and risk assessment

Directory of Open Access Journals (Sweden)

Ben Charhi Youssef

2017-05-01

Full Text Available This paper is an extension of work originally presented in SYSCO CONF.We extend our previous work by presenting the initial results of the implementation of intrusion detection based on risk assessment on cloud computing. The idea focuses on a novel approach for detecting cyber-attacks on the cloud environment by analyzing attacks pattern using risk assessment methodologies. The aim of our solution is to combine evidences obtained from Intrusion Detection Systems (IDS deployed in a cloud with risk assessment related to each attack pattern. Our approach presents a new qualitative solution for analyzing each symptom, indicator and vulnerability analyzing impact and likelihood of distributed and multi-steps attacks directed to cloud environments. The implementation of this approach will reduce the number of false alerts and will improve the performance of the IDS.

Dysfunction of Right Heart in Attack Period of Bronchial Asthma in Children

Directory of Open Access Journals (Sweden)

V.А. Kondratiev

2015-11-01

Full Text Available There were performed Doppler echocardiography investigations of functional state of the right heart in 42 children aged 5–17 years old in attack period of bronchial asthma of moderate to severe degree. Changes of intra-cardiac hemodynamics of the right heart in children in attack period of bronchial asthma were characterized by disturbance of systolic and diastolic function of the right ventricle and right atrium. Combined systolic-diastolic variant of the right ventricle dysfunction was typical for attack period of bronchial asthma in children and developed in 95.5 % of cases. Elevation of pressure in pulmonary artery was typical and significantly more often occurred in severe asthma attack, herewith pulmonary hypertension of the second degree predominated.

Patrol Detection for Replica Attacks on Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Yang Shi

2011-02-01

Full Text Available Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by discussing and comparing the communication cost and detection probability with some existing methods.

Radiological attacks and accidents. Medical consequences

International Nuclear Information System (INIS)

Sakuta, Hidenari

2007-01-01

Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medial care for mass casualties without inducing panic. (author)

Script-viruses Attacks on UNIX OS

Directory of Open Access Journals (Sweden)

D. M. Mikhaylov

2010-06-01

Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

Management of acute attacks of hereditary angioedema: potential role of icatibant

Directory of Open Access Journals (Sweden)

Hilary J Longhurst

2010-09-01

Full Text Available Hilary J LonghurstDepartment of Immunology, Barts and The London NHS Trust, London, UKAbstract: Icatibant (Firazyr® is a novel subcutaneous treatment recently licensed in the European Union for acute hereditary angioedema. Hereditary angioedema, resulting from inherited partial C1 inhibitor deficiency, is a disabling condition characterized by intermittent episodes of bradykinin-mediated angioedema. Icatibant blocks bradykinin B2 receptors, attenutating the episode. Randomized double-blind, placebo-controlled trials of icatibant, showed significant superiority over oral tranexamic acid in 74 European patients and a trend to improvement in a similar US trial comparing icatibant with placebo in 55 patients. Outcomes for several endpoints did not reach significance in the US trial, perhaps because of low participant numbers and confounding factors: a further trial is planned. Open label studies have shown benefit in multiple treatments for attacks at all sites. Approximately 10% of patients require a second dose for re-emergent symptoms, usually 10 to 27 hours after the initial treatment. Its subcutaneous route of administration, good tolerability and novel mode of action make icatibant a promising addition to the limited repertoire of treatments for hereditary angioedema.Keywords: hereditary angioedema, bradykinin, icatibant, C1 inhibitor deficiency

A Novel Multiple-Bits Collision Attack Based on Double Detection with Error-Tolerant Mechanism

Directory of Open Access Journals (Sweden)

Ye Yuan

2018-01-01

Full Text Available Side-channel collision attacks are more powerful than traditional side-channel attack without knowing the leakage model or establishing the model. Most attack strategies proposed previously need quantities of power traces with high computational complexity and are sensitive to mistakes, which restricts the attack efficiency seriously. In this paper, we propose a multiple-bits side-channel collision attack based on double distance voting detection (DDVD and also an improved version, involving the error-tolerant mechanism, which can find all 120 relations among 16 key bytes when applied to AES (Advanced Encryption Standard algorithm. In addition, we compare our collision detection method called DDVD with the Euclidean distance and the correlation-enhanced collision method under different intensity of noise, which indicates that our detection technique performs better in the circumstances of noise. Furthermore, 4-bit model of our collision detection method is proven to be optimal in theory and in practice. Meanwhile the corresponding practical attack experiments are also performed on a hardware implementation of AES-128 on FPGA board successfully. Results show that our strategy needs less computation time but more traces than LDPC method and the online time for our strategy is about 90% less than CECA and 96% less than BCA with 90% success rate.

Experimental investigation of effect of flow attack angle on thermohydraulic performance of air flow in a rectangular channel with discrete V-pattern baffle on the heated plate

Directory of Open Access Journals (Sweden)

Raj Kumar

2016-05-01

Full Text Available In this work, the effect of angle of attack ( α a of the discrete V-pattern baffle on thermohydraulic performance of rectangular channel has been studied experimentally. The baffle wall was constantly heated and the other three walls of the channel were kept insulated. The experimentations were conducted to collect the data on Nusselt number ( N u b and friction factor ( f b by varying the Reynolds number (Re = 3000–21,000 and angle of attack ( α a from 30° to 70°, for the kept values of relative baffle height ( H b / H = 0 . 50 , relative pitch ratio ( P b / H = 1 . 0 , relative discrete width ( g w / H b = 1 . 5 and relative discrete distance ( D d / L v = 0 . 67 . As compared to the smooth wall, the V-pattern baffle roughened channel enhances the Nusselt number ( N u b and friction factor ( f b by 4.2 and 5.9 times, respectively. The present discrete V-pattern baffle shapes with angle of attack ( α a of 60° equivalent to flow Reynolds number of 3000 yields the greatest thermohydraulic performance. Discrete V-pattern baffle has improved thermal performance as compared to other baffle shapes’ rectangular channel.

Hybrid attacks on model-based social recommender systems

Science.gov (United States)

Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

2017-10-01

With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

Caffeinated nitric oxide-releasing lozenge improves cycling time trial performance.

Science.gov (United States)

Lee, J; Kim, H T; Solares, G J; Kim, K; Ding, Z; Ivy, J L

2015-02-01

Boosting nitric oxide production during exercise by various means has been found to improve exercise performance. We investigated the effects of a nitric oxide releasing lozenge with added caffeine (70 mg) on oxygen consumption during steady-state exercise and cycling time trial performance using a double-blinded randomized, crossover experimental design. 15 moderately trained cyclists (7 females and 8 males) were randomly assigned to ingest the caffeinated nitric oxide lozenge or placebo 5 min before exercise. Oxygen consumption and blood lactate were assessed at rest and at 50%, 65% and 75% maximal oxygen consumption. Exercise performance was assessed by time to complete a simulated 20.15 km cycling time-trial course. No significant treatment effects for oxygen consumption or blood lactate at rest or during steady-state exercise were observed. However, time-trial performance was improved by 2.1% (p<0.01) when participants consumed the nitric oxide lozenge (2,424±69 s) compared to placebo (2,476±78 s) and without a significant difference in rating of perceived exertion. These results suggest that acute supplementation with a caffeinated nitric oxide releasing lozenge may be a practical and effective means of improving aerobic exercise performance. © Georg Thieme Verlag KG Stuttgart · New York.

Field-measured drag area is a key correlate of level cycling time trial performance

Directory of Open Access Journals (Sweden)

James E. Peterman

2015-08-01

Full Text Available Drag area (Ad is a primary factor determining aerodynamic resistance during level cycling and is therefore a key determinant of level time trial performance. However, Ad has traditionally been difficult to measure. Our purpose was to determine the value of adding field-measured Ad as a correlate of level cycling time trial performance. In the field, 19 male cyclists performed a level (22.1 km time trial. Separately, field-determined Ad and rolling resistance were calculated for subjects along with projected frontal area assessed directly (AP and indirectly (Est AP. Also, a graded exercise test was performed to determine $\\dot {V}{O}_{2}$V̇O2 peak, lactate threshold (LT, and economy. $\\dot {V}{O}_{2}$V̇O2 peak ($\\mathrm{l}~\\min ^{-1}$lmin−1 and power at LT were significantly correlated to power measured during the time trial (r = 0.83 and 0.69, respectively but were not significantly correlated to performance time (r = − 0.42 and −0.45. The correlation with performance time improved significantly (p < 0.05 when these variables were normalized to Ad. Of note, Ad alone was better correlated to performance time (r = 0.85, p < 0.001 than any combination of non-normalized physiological measure. The best correlate with performance time was field-measured power output during the time trial normalized to Ad (r = − 0.92. AP only accounted for 54% of the variability in Ad. Accordingly, the correlation to performance time was significantly lower using power normalized to AP (r = − 0.75 or Est AP (r = − 0.71. In conclusion, unless normalized to Ad, level time trial performance in the field was not highly correlated to common laboratory measures. Furthermore, our field-measured Ad is easy to determine and was the single best predictor of level time trial performance.

Preempting Performance Challenges: The Effects of Inoculation Messaging on Attacks to Task Self-Efficacy

Science.gov (United States)

Jackson, Ben; Compton, Josh; Whiddett, Ryan; Anthony, David R.; Dimmock, James A.

2015-01-01

Although inoculation messages have been shown to be effective for inducing resistance to counter-attitudinal attacks, researchers have devoted relatively little attention toward studying the way in which inoculation theory principles might support challenges to psychological phenomena other than attitudes (e.g., self-efficacy). Prior to completing a physical (i.e., balance) task, undergraduates (N = 127, Mage = 19.20, SD = 2.16) were randomly assigned to receive either a control or inoculation message, and reported their confidence in their ability regarding the upcoming task. During the task, a confederate provided standardized negative feedback to all participants regarding their performance, and following the completion of the task, participants again reported their self-efficacy along with measures assessing in-task processes. Findings supported the viability of efficacy inoculation; controlling for pre-task self-efficacy, task performance, and relevant psycho-social variables (e.g., resilience, self-confidence robustness), participants in the inoculation condition reported greater confidence in their ability (i.e., task self-efficacy) than those in the control condition at post-task. Relative to those in the inoculation condition, participants in the control condition also experienced greater concentration disruption and self-presentation concerns during the task. PMID:25898287

Known-plaintext attack on the double phase encoding and its implementation with parallel hardware

Science.gov (United States)

Wei, Hengzheng; Peng, Xiang; Liu, Haitao; Feng, Songlin; Gao, Bruce Z.

2008-03-01

A known-plaintext attack on the double phase encryption scheme implemented with parallel hardware is presented. The double random phase encoding (DRPE) is one of the most representative optical cryptosystems developed in mid of 90's and derives quite a few variants since then. Although the DRPE encryption system has a strong power resisting to a brute-force attack, the inherent architecture of DRPE leaves a hidden trouble due to its linearity nature. Recently the real security strength of this opto-cryptosystem has been doubted and analyzed from the cryptanalysis point of view. In this presentation, we demonstrate that the optical cryptosystems based on DRPE architecture are vulnerable to known-plain text attack. With this attack the two encryption keys in the DRPE can be accessed with the help of the phase retrieval technique. In our approach, we adopt hybrid input-output algorithm (HIO) to recover the random phase key in the object domain and then infer the key in frequency domain. Only a plaintext-ciphertext pair is sufficient to create vulnerability. Moreover this attack does not need to select particular plaintext. The phase retrieval technique based on HIO is an iterative process performing Fourier transforms, so it fits very much into the hardware implementation of the digital signal processor (DSP). We make use of the high performance DSP to accomplish the known-plaintext attack. Compared with the software implementation, the speed of the hardware implementation is much fast. The performance of this DSP-based cryptanalysis system is also evaluated.

An Analysis of Attacks on Blockchain Consensus

OpenAIRE

Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

2016-01-01

We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

Automated classification of computer network attacks

CSIR Research Space (South Africa)

Van Heerden, R

2013-11-01

Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

Mental Toughness Moderates Social Loafing in Cycle Time-Trial Performance

Science.gov (United States)

Haugen, Tommy; Reinboth, Michael; Hetlelid, Ken J.; Peters, Derek M.; Høigaard, Rune

2016-01-01

Purpose: The purpose of this study was to determine if mental toughness moderated the occurrence of social loafing in cycle time-trial performance. Method: Twenty-seven men (M[subscript age] = 17.7 years, SD = 0.6) completed the Sport Mental Toughness Questionnaire prior to completing a 1-min cycling trial under 2 conditions: once with individual…

Cyber Attacks and Combat Behavior

Directory of Open Access Journals (Sweden)

Carataș Maria Alina

2017-01-01

Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

Attacks on public telephone networks: technologies and challenges

Science.gov (United States)

Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

2003-09-01

Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

Defense and attack of complex and dependent systems

International Nuclear Information System (INIS)

Hausken, Kjell

2010-01-01

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

Defense and attack of complex and dependent systems

Energy Technology Data Exchange (ETDEWEB)

Hausken, Kjell, E-mail: kjell.hausken@uis.n [Faculty of Social Sciences, University of Stavanger, N-4036 Stavanger (Norway)

2010-01-15

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

Automated Generation of Attack Trees

DEFF Research Database (Denmark)

Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

2014-01-01

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

Pareto Efficient Solutions of Attack-Defence Trees

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2015-01-01

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as proba......Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes......, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while...... maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

Challenges and opportunities in designing clinical trials for neuromyelitis optica

Science.gov (United States)

Barron, Gerard; Behne, Jacinta M.; Bennett, Jeffery L.; Chin, Peter S.; Cree, Bruce A.C.; de Seze, Jerome; Flor, Armando; Fujihara, Kazuo; Greenberg, Benjamin; Higashi, Sayumi; Holt, William; Khan, Omar; Knappertz, Volker; Levy, Michael; Melia, Angela T.; Palace, Jacqueline; Smith, Terry J.; Sormani, Maria Pia; Van Herle, Katja; VanMeter, Susan; Villoslada, Pablo; Walton, Marc K.; Wasiewski, Warren; Wingerchuk, Dean M.; Yeaman, Michael R.

2015-01-01

Current management of neuromyelitis optica (NMO) is noncurative and only partially effective. Immunosuppressive or immunomodulatory agents are the mainstays of maintenance treatment. Safer, better-tolerated, and proven effective treatments are needed. The perceived rarity of NMO has impeded clinical trials for this disease. However, a diagnostic biomarker and recognition of a wider spectrum of NMO presentations has expanded the patient population from which study candidates might be recruited. Emerging insights into the pathogenesis of NMO have provided rationale for exploring new therapeutic targets. Academic, pharmaceutical, and regulatory communities are increasingly interested in meeting the unmet needs of patients with NMO. Clinical trials powered to yield unambiguous outcomes and designed to facilitate rapid evaluation of an expanding pipeline of experimental agents are needed. NMO-related disability occurs incrementally as a result of attacks; thus, limiting attack frequency and severity are critical treatment goals. Yet, the severity of NMO and perception that currently available agents are effective pose challenges to study design. We propose strategies for NMO clinical trials to evaluate agents targeting recovery from acute attacks and prevention of relapses, the 2 primary goals of NMO treatment. Aligning the interests of all stakeholders is an essential step to this end. PMID:25841026

Cross-site scripting attacks procedure and Prevention Strategies

Directory of Open Access Journals (Sweden)

Wang Xijun

2016-01-01

Full Text Available Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XXS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

Heart Attack Symptoms in Women

Science.gov (United States)

... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

On the anatomy of social engineering attacks : A literature-based dissection of successful attacks

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

The aim of this studywas to explore the extent towhich persuasion principles are used in successful social engineering attacks. Seventy-four scenarioswere extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenariowas split into attack steps, containing

31-Year-Old Female Shows Marked Improvement in Depression, Agitation, and Panic Attacks after Genetic Testing Was Used to Inform Treatment

Directory of Open Access Journals (Sweden)

Scott Lawrence

2014-01-01

Full Text Available This case describes a 31-year-old female Caucasian patient with complaints of ongoing depression, agitation, and severe panic attacks. The patient was untreated until a recent unsuccessful trial of citalopram followed by venlafaxine which produced a partial response. Genetic testing was performed to assist in treatment decisions and revealed the patient to be heterozygous for polymorphisms in 5HT2C, ANK3, and MTHFR and homozygous for a polymorphism in SLC6A4 and the low activity (Met/Met COMT allele. In response to genetic results and clinical presentation, venlafaxine was maintained and lamotrigine was added leading to remission of agitation and depression.

Protecting water and wastewater infrastructure from cyber attacks

Science.gov (United States)

Panguluri, Srinivas; Phillips, William; Cusimano, John

2011-12-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Protecting water and wastewater infrastructure from cyber attacks

Institute of Scientific and Technical Information of China (English)

Srinivas Panguluri; William Phillips; John Cusimano

2011-01-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion:cyber attacks are real and can cause significant damages.This paper presents some recent statistics on cyber attacks and resulting damages.Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks.Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are:1) the increasing interconnection of their business and control system networks,2) large variation of proprietary industrial control equipment utilized,3) multitude of cross-sector cyber-security standards,and 4) the differences in the equipment vendor's approaches to meet these security standards.The utilities can meet these challenges by voluntarily selecting and adopting security standards,conducting a gap analysis,performing vulnerability/risk analysis,and undertaking countermeasures that best meets their security and organizational requirements.Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years.Implementing cyber security does not necessarily have to be expensive,substantial improvements can be accomplished through policy,procedure,training and awareness.Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Efficient Hybrid Detection of Node Replication Attacks in Mobile Sensor Networks

Directory of Open Access Journals (Sweden)

Ze Wang

2017-01-01

Full Text Available The node replication attack is one of the notorious attacks that can be easily launched by adversaries in wireless sensor networks. A lot of literatures have studied mitigating the node replication attack in static wireless sensor networks. However, it is more difficult to detect the replicas in mobile sensor networks because of their node mobility. Considering the limitations of centralized detection schemes for static wireless sensor networks, a few distributed solutions have been recently proposed. Some existing schemes identified replicated attacks by sensing mobile nodes with identical ID but different locations. To facilitate the discovery of contradictory conflicts, we propose a hybrid local and global detection method. The local detection is performed in a local area smaller than the whole deployed area to improve the meeting probability of contradictory nodes, while the distant replicated nodes in larger area can also be efficiently detected by the global detection. The complementary two levels of detection achieve quick discovery by searching of the replicas with reasonable overhead.

Robust Structural Analysis and Design of Distributed Control Systems to Prevent Zero Dynamics Attacks

Energy Technology Data Exchange (ETDEWEB)

Weerakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States); Liu, Xiaofei [Carnegie Mellon Univ., Pittsburgh, PA (United States); Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)

2017-12-12

We consider the design and analysis of robust distributed control systems (DCSs) to ensure the detection of integrity attacks. DCSs are often managed by independent agents and are implemented using a diverse set of sensors and controllers. However, the heterogeneous nature of DCSs along with their scale leave such systems vulnerable to adversarial behavior. To mitigate this reality, we provide tools that allow operators to prevent zero dynamics attacks when as many as p agents and sensors are corrupted. Such a design ensures attack detectability in deterministic systems while removing the threat of a class of stealthy attacks in stochastic systems. To achieve this goal, we use graph theory to obtain necessary and sufficient conditions for the presence of zero dynamics attacks in terms of the structural interactions between agents and sensors. We then formulate and solve optimization problems which minimize communication networks while also ensuring a resource limited adversary cannot perform a zero dynamics attacks. Polynomial time algorithms for design and analysis are provided.

Model checking exact cost for attack scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2017-01-01

Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support....... However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute...... the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees....

The effect of extrinsic motivation on cycle time trial performance

NARCIS (Netherlands)

Hulleman, M.; de Koning, J.J.; Hettinga, F.J.; Foster, C.

2007-01-01

PURPOSE: Athletes occasionally follow pacing patterns that seem unreasonably aggressive compared with those of prerace performances, potentially because of the motivation provided by competition. This study evaluated the effect of extrinsic motivation on cyclists' time trial performance. METHODS:

NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

Directory of Open Access Journals (Sweden)

Luminiţa DEFTA

2010-12-01

Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.

Detecting unknown attacks in wireless sensor networks that contain mobile nodes.

Science.gov (United States)

Banković, Zorana; Fraga, David; Moya, José M; Vallejo, Juan Carlos

2012-01-01

As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Eurados trial performance test for neutron personal dosimetry

DEFF Research Database (Denmark)

Bordy, J.M.; Stadtmann, H.; Ambrosi, P.

2001-01-01

This paper reports on the results of a neutron trial performance test sponsored by the European Commission and organised by EURADOS. As anticipated, neutron dosimetry results were very dependent on the dosemeter type and the dose calculation algorithm. Fast neutron fields were generally well...

Attack Graph Construction for Security Events Analysis

Directory of Open Access Journals (Sweden)

Andrey Alexeevich Chechulin

2014-09-01

Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

Effect of caffeine on cycling time-trial performance in the heat.

Science.gov (United States)

Pitchford, Nathan W; Fell, James W; Leveritt, Michael D; Desbrow, Ben; Shing, Cecilia M

2014-07-01

The purpose of this investigation was to determine whether a moderate dose of caffeine would improve a laboratory simulated cycling time-trial in the heat. Nine well-trained male subjects (VO2max 64.4±6.8mLmin(-1)kg(-1), peak power output 378±40W) completed one familiarisation and two experimental laboratory simulated cycling time-trials in environmental conditions of 35°C and 25% RH 90min after consuming either caffeine (3mgkg(-1) BW) or placebo, in a double blind, cross-over study. Time-trial performance was faster in the caffeine trial compared with the placebo trial (mean±SD, 3806±359s versus 4079±333s, p=0.06, 90%CI 42-500s, 86% likelihood of benefit, d=-0.79). Caffeine ingestion was associated with small to moderate increases in average heart rate (p=0.178, d=0.39), VO2 (p=0.154, d=0.45), respiratory exchange ratio (p=0.292, d=0.35) and core temperature (p=0.616, d=0.22) when compared to placebo, however, these were not statistically significant. Average RPE during the caffeine supplemented time-trial was not significantly different from placebo (p=0.41, d=-0.13). Caffeine supplementation at 3mgkg(-1) BW resulted in a worthwhile improvement in cycling time-trial performance in the heat. Double-blind cross-over study. Copyright © 2013 Sports Medicine Australia. Published by Elsevier Ltd. All rights reserved.

Automated Discovery of Mimicry Attacks

National Research Council Canada - National Science Library

Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

2006-01-01

.... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

Effective traffic features selection algorithm for cyber-attacks samples

Science.gov (United States)

Li, Yihong; Liu, Fangzheng; Du, Zhenyu

2018-05-01

By studying the defense scheme of Network attacks, this paper propose an effective traffic features selection algorithm based on k-means++ clustering to deal with the problem of high dimensionality of traffic features which extracted from cyber-attacks samples. Firstly, this algorithm divide the original feature set into attack traffic feature set and background traffic feature set by the clustering. Then, we calculates the variation of clustering performance after removing a certain feature. Finally, evaluating the degree of distinctiveness of the feature vector according to the result. Among them, the effective feature vector is whose degree of distinctiveness exceeds the set threshold. The purpose of this paper is to select out the effective features from the extracted original feature set. In this way, it can reduce the dimensionality of the features so as to reduce the space-time overhead of subsequent detection. The experimental results show that the proposed algorithm is feasible and it has some advantages over other selection algorithms.

Impulse attack-free four random phase mask encryption based on a 4-f optical system.

Science.gov (United States)

Kumar, Pramod; Joseph, Joby; Singh, Kehar

2009-04-20

Optical encryption methods based on double random phase encryption (DRPE) have been shown to be vulnerable to different types of attacks. The Fourier plane random phase mask (RPM), which is the most important key, can be cracked with a single impulse function attack. Such an attack is viable because the Fourier transform of a delta function is a unity function. Formation of a unity function can be avoided if RPMs are placed in front of both lenses in a 4-f optical setup, thereby protecting the DRPE from an impulse attack. We have performed numerical simulations to verify the proposed scheme. Resistance of this scheme is checked against the brute force and the impulse function attacks. The experimental results validate the feasibility of the scheme.

Augmenting performance feedback does not affect 4 km cycling time-trials in the heat.

Science.gov (United States)

Waldron, Mark; Villerius, Vincent; Murphy, Aron

2015-01-01

We compared the effects of (1) accurate and (2) surreptitiously augmented performance feedback on power output and physiological responses to a 4000 m time-trial in the heat. Nine cyclists completed a baseline (BaseL) 4000 m time-trial in ambient temperatures of 30°C, followed by two further 4000 m time-trials at the same temperature, randomly assigning the participants to an accurate (ACC; accurate feedback of baseline) or deceived (DEC; 2% increase above baseline) feedback group. The total power output (PO) and aerobic (Paer) and anaerobic (Pan) contributions were determined at 0.4 km stages during the time-trials, alongside measurements of rectal (Trec) and skin (Tskin) temperatures. There were no differences (P > 0.05) in any of the variables between BaseL, ACC and DEC, despite increases (P 0.05) between feedback condition and time-trial stage. Providing surreptitiously augmented performance feedback to well-trained cyclists did not alter their performance or physiological responses to a 4000 m time-trial in a hot environment. The assumed influence of augmented performance feedback was nullified in the heat, perhaps reflecting a central down-regulation of exercise intensity in response to an increased body temperature.

Extended analysis of the Trojan-horse attack in quantum key distribution

Science.gov (United States)

Vinay, Scott E.; Kok, Pieter

2018-04-01

The discrete-variable quantum key distribution protocols based on the 1984 protocol of Bennett and Brassard (BB84) are known to be secure against an eavesdropper, Eve, intercepting the flying qubits and performing any quantum operation on them. However, these protocols may still be vulnerable to side-channel attacks. We investigate the Trojan-horse side-channel attack where Eve sends her own state into Alice's apparatus and measures the reflected state to estimate the key. We prove that the separable coherent state is optimal for Eve among the class of multimode Gaussian attack states, even in the presence of thermal noise. We then provide a bound on the secret key rate in the case where Eve may use any separable state.

A systematic review of re-identification attacks on health data.

Science.gov (United States)

El Emam, Khaled; Jonker, Elizabeth; Arbuckle, Luk; Malin, Bradley

2011-01-01

Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a) potentially limiting its availability for secondary purposes such as research, and (b) resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a) characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b) compute the overall proportion of records that have been correctly re-identified in these attacks, and (c) assess whether these demonstrate weaknesses in current de-identification methods. Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046-0.478) and 0.34 for attacks on health data (95% CI 0-0.744). There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013. The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the efficacy of de-identification methods.

A systematic review of re-identification attacks on health data.

Directory of Open Access Journals (Sweden)

Khaled El Emam

Full Text Available Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a potentially limiting its availability for secondary purposes such as research, and (b resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b compute the overall proportion of records that have been correctly re-identified in these attacks, and (c assess whether these demonstrate weaknesses in current de-identification methods.Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046-0.478 and 0.34 for attacks on health data (95% CI 0-0.744. There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013.The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the efficacy of de-identification methods.

GA-DoSLD: Genetic Algorithm Based Denial-of-Sleep Attack Detection in WSN

Directory of Open Access Journals (Sweden)

Mahalakshmi Gunasekaran

2017-01-01

Full Text Available Denial-of-sleep (DoSL attack is a special category of denial-of-service attack that prevents the battery powered sensor nodes from going into the sleep mode, thus affecting the network performance. The existing schemes used for the DoSL attack detection do not provide an optimal energy conservation and key pairing operation. Hence, in this paper, an efficient Genetic Algorithm (GA based denial-of-sleep attack detection (GA-DoSLD algorithm is suggested for analyzing the misbehaviors of the nodes. The suggested algorithm implements a Modified-RSA (MRSA algorithm in the base station (BS for generating and distributing the key pair among the sensor nodes. Before sending/receiving the packets, the sensor nodes determine the optimal route using Ad Hoc On-Demand Distance Vector Routing (AODV protocol and then ensure the trustworthiness of the relay node using the fitness calculation. The crossover and mutation operations detect and analyze the methods that the attackers use for implementing the attack. On determining an attacker node, the BS broadcasts the blocked information to all the other sensor nodes in the network. Simulation results prove that the suggested algorithm is optimal compared to the existing algorithms such as X-MAC, ZKP, and TE2P schemes.

Transforming Graphical System Models to Graphical Attack Models

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2016-01-01

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations...... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset....

F-DDIA: A Framework for Detecting Data Injection Attacks in Nonlinear Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Jingxuan Wang

2017-01-01

Full Text Available Data injection attacks in a cyber-physical system aim at manipulating a number of measurements to alter the estimated real-time system states. Many researchers recently focus on how to detect such attacks. However, most of the detection methods do not work well for the nonlinear systems. In this paper, we present a compressive sampling methodology to identify the attack, which allows determining how many and which measurement signals are launched. The sparsity feature is used. Generally, our methodology can be applied to both linear and nonlinear systems. The experimental testing, which includes realistic load patterns from NYISO with various attack scenarios in the IEEE 14-bus system, confirms that our detector performs remarkably well.

When Sinuses Attack! (For Kids)

Science.gov (United States)

... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

Heart Attack

Science.gov (United States)

... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

Discriminant effect of morphology and range of attack on the performance level of volleyball players. DOI: 10.5007/1980-0037.2011v13n3p223

Directory of Open Access Journals (Sweden)

Victor Machado Reis

2011-04-01

Full Text Available The aim of this study was to identify the discriminant effect of morphology and range of attack-related variables on the performance level of under-17 female volleyball players. The sample consisted of young volleyball players (n=40 divided into two groups: players of the Brazilian national team (n=21 aged 15.86 ± 0.36 years, body weight of 68.11 ± 8.73 kg, and height of 181.61 ± 6.11 cm, and players of the state team of Rio Grande do Norte (n=19 aged 15.16 ± 0.88 years, body weight of 60.54 ± 7.60 kg, and height of 170.52 ± 7.97 cm. The somatotype was assessed using the Heath & Carter method. A modified Sargent test was used to assess vertical jump height and maximum attack height. The measures were compared between the two groups using the Student t-test for independent samples. Discriminant function analysis was applied to predict group allocation using the measures obtained as independent variables. The two groups differed significantly in terms of body weight, fat mass, height, maximum attack height, range of attack, and somatotype. Discriminant function analysis identified the somato-type measures (endomorphy, ectomorphy, and mesomorphy with correlation coefficients below 0.30. The canonical correlation coefficient obtained with this function was 0.856. In conclusion, somatotype or vertical jump ability does not seem to distinguish elite athletes from non-elite athletes in under-17 female volleyball players, and height is the main morphological determinant to achieve elite level performance.

High-speed web attack detection through extracting exemplars from HTTP traffic

KAUST Repository

Wang, Wei

2011-01-01

In this work, we propose an effective method for high-speed web attack detection by extracting exemplars from HTTP traffic before the detection model is built. The smaller set of exemplars keeps valuable information of the original traffic while it significantly reduces the size of the traffic so that the detection remains effective and improves the detection efficiency. The Affinity Propagation (AP) is employed to extract the exemplars from the HTTP traffic. K-Nearest Neighbor(K-NN) and one class Support Vector Machine (SVM) are used for anomaly detection. To facilitate comparison, we also employ information gain to select key attributes (a.k.a. features) from the HTTP traffic for web attack detection. Two large real HTTP traffic are used to validate our methods. The extensive test results show that the AP based exemplar extraction significantly improves the real-time performance of the detection compared to using all the HTTP traffic and achieves a more robust detection performance than information gain based attribute selection for web attack detection. © 2011 ACM.

Software-based Microarchitectural Attacks

OpenAIRE

Gruss, Daniel

2017-01-01

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Attack and Vulnerability Penetration Testing: FreeBSD

Directory of Open Access Journals (Sweden)

Abdul Hanan Abdullah

2013-07-01

Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.

High level of Brazilian men´s volleyball: characterization and difference of predictive factors of back row attack

Directory of Open Access Journals (Sweden)

Gustavo de Conti Teixeira Costa Conti

2018-05-01

Full Text Available This study aimed to identify the predictive factors of attacks, performed from positions 1 and 6 according to the effect of reception in high level Brazilian male volleyball and to find the predictive factors that differentiate the game practiced from these positions. The sample consisted in the observation of 142 games of the Brazilian Men's Super League, totalling 2969 actions of reception, setting and attack from positions 1 and 6. The significance value adopted was 5% (p ≤ 0.05. The analysis of the predictive factors of the game performed by the attacker of position 1 showed greater chances to score after an excellent (odds ratio adjusted – ORA = 1.48 and moderate effect of reception (ORA = 1.31, the second attack tempo (ORA = 1.32, the powerful attack in parallel (ORA = 1.91 and in diagonal (ORA =3.44. The attacker of position 6 showed higher chances of scoring after a high effect of reception (ORA = 3.39 and powerful attack in the parallel (ORA = 1.53. In conclusion, regardless the effect of reception, the use of the back-row attackers is recommended to increase the uncertainty on the opposing team and the chances to score.

Superposition Attacks on Cryptographic Protocols

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

2011-01-01

of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security......Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece...... of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

RESILIENT SCHEME AGAINST REDUCTION OF QUALITY (ROQ DISTRIBUTED DENIAL OF SERVICE ATTACK IN MANET

Directory of Open Access Journals (Sweden)

S.A. Arunmozhi

2011-09-01

Full Text Available Defending against denial-of-service attacks (DoS in a mobile ad hoc network (MANET is challenging because of the dynamic network topology. Security primitives must be dynamically adjusted to cope with the network. The Reduction-of-Quality (RoQ Distributed Denial of Service (DDoS attack is one which throttles the tcp throughput heavily and reduces the quality-of-service (QoS to end systems gradually rather than refusing the clients from the services completely. Supporting QoS in MANET is a challenging task, particularly in the presence of malicious users. In this paper, we propose a DoS resilient technique that uses a flow table to detect the attackers. The proposed defense mechanism identifies the attackers based on the congestion bit notification and asks the sending node to reduce the sending rate. Once the attackers are identified, all the packets from those nodes will be blocked. The throughput and delay performance of TCP or UDP flows are very sensitive to such RoQ attacks. Through extensive ns2 network simulations, we demonstrate the achievement of high throughput and low delay for a network under the RoQ attack.

A video-polygraphic analysis of the cataplectic attack

DEFF Research Database (Denmark)

Rubboli, G; d'Orsi, G; Zaniboni, A

2000-01-01

OBJECTIVES AND METHODS: To perform a video-polygraphic analysis of 11 cataplectic attacks in a 39-year-old narcoleptic patient, correlating clinical manifestations with polygraphic findings. Polygraphic recordings monitored EEG, EMG activity from several cranial, trunk, upper and lower limbs musc...... of REM sleep and neural structures subserving postural control....

Recurrent spontaneous attacks of dizziness.

Science.gov (United States)

Lempert, Thomas

2012-10-01

This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

Hybrid Intrusion Detection System for DDoS Attacks

Directory of Open Access Journals (Sweden)

Özge Cepheli

2016-01-01

Full Text Available Distributed denial-of-service (DDoS attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS, for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

Improved Deep Belief Networks (IDBN Dynamic Model-Based Detection and Mitigation for Targeted Attacks on Heavy-Duty Robots

Directory of Open Access Journals (Sweden)

Lianpeng Li

2018-04-01

Full Text Available In recent years, the robots, especially heavy-duty robots, have become the hardest-hit areas for targeted attacks. These attacks come from both the cyber-domain and the physical-domain. In order to improve the security of heavy-duty robots, this paper proposes a detection and mitigation mechanism which based on improved deep belief networks (IDBN and dynamic model. The detection mechanism consists of two parts: (1 IDBN security checks, which can detect targeted attacks from the cyber-domain; (2 Dynamic model and security detection, used to detect the targeted attacks which can possibly lead to a physical-domain damage. The mitigation mechanism was established on the base of the detection mechanism and could mitigate transient and discontinuous attacks. Moreover, a test platform was established to carry out the performance evaluation test for the proposed mechanism. The results show that, the detection accuracy for the attack of the cyber-domain of IDBN reaches 96.2%, and the detection accuracy for the attack of physical-domain control commands reaches 94%. The performance evaluation test has verified the reliability and high efficiency of the proposed detection and mitigation mechanism for heavy-duty robots.

Robust multiple frequency multiple power localization schemes in the presence of multiple jamming attacks.

Directory of Open Access Journals (Sweden)

Ahmed Abdulqader Hussein

Full Text Available Localization of the wireless sensor network is a vital area acquiring an impressive research concern and called upon to expand more with the rising of its applications. As localization is gaining prominence in wireless sensor network, it is vulnerable to jamming attacks. Jamming attacks disrupt communication opportunity among the sender and receiver and deeply impact the localization process, leading to a huge error of the estimated sensor node position. Therefore, detection and elimination of jamming influence are absolutely indispensable. Range-based techniques especially Received Signal Strength (RSS is facing severe impact of these attacks. This paper proposes algorithms based on Combination Multiple Frequency Multiple Power Localization (C-MFMPL and Step Function Multiple Frequency Multiple Power Localization (SF-MFMPL. The algorithms have been tested in the presence of multiple types of jamming attacks including capture and replay, random and constant jammers over a log normal shadow fading propagation model. In order to overcome the impact of random and constant jammers, the proposed method uses two sets of frequencies shared by the implemented anchor nodes to obtain the averaged RSS readings all over the transmitted frequencies successfully. In addition, three stages of filters have been used to cope with the replayed beacons caused by the capture and replay jammers. In this paper the localization performance of the proposed algorithms for the ideal case which is defined by without the existence of the jamming attack are compared with the case of jamming attacks. The main contribution of this paper is to achieve robust localization performance in the presence of multiple jamming attacks under log normal shadow fading environment with a different simulation conditions and scenarios.

Tactic determinants of game practiced by middle attacker in men’s volleyball

Directory of Open Access Journals (Sweden)

Gustavo De Conti Teixeira Costa

2016-07-01

Full Text Available DOI: http://dx.doi.org/10.5007/1980-0037.2016v18n3p371   Among volleyball skills, spike is responsible for the highest number of scores, and the first tempo of attack is related to the higher incidence of score a point, by hindering the defensive opponent’s action. However, most of the studies show general results and do not specify the conditions and constraints of each attack zone. Thus, the aim of this study was analyzing the offensive game (complex I performed by the middle attacker at the 2014/2015 National men’s Brazilian Championship (Superliga. The sample wascomposed by 142 games of 12 teams, totaling 5350 receptions, setting and spikes actions. The results showed that the middle spikes occurred mostly after receptions A and B, being the most frequent attack scoring point as well as the most powerful one. Moreover, the relationship between the reception effect and setting effect was observed, showing that the best receptions influenced the setting type and the attack effect. Therefore, the middle attack had effective effect in the winning score, since it decreased the chances of opponent’s defense, due to the reduced time to defensive organization. Finally, the situational constraints delimited the middle attacker actions. Based on the above, we suggest that future studies should restrict the analysis conditions and situational constraints of each specific game situation.

Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

National Research Council Canada - National Science Library

Kalmijn, Adrianus J

2005-01-01

The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

Sodium Phosphate Supplementation and Time Trial Performance in Female Cyclists

Directory of Open Access Journals (Sweden)

Christopher L. Buck

2014-09-01

Full Text Available This study investigated the effects of three doses of sodium phosphate (SP supplementation on cycling 500 kJ (119.5 Kcal time trial (TT performance in female cyclists. Thirteen cyclists participated in a randomised, Latin-square design study where they completed four separate trials after ingesting either a placebo, or one of three different doses (25, 50 or 75 mg·kg-1 fat free mass: FFM of trisodium phosphate dodecahydrate which was split into four equal doses a day for six days. On the day after the loading phase, the TT was performed on a cycle ergometer. Serum phosphate blood samples were taken at rest both before and after each loading protocol, while a ~21 day washout period separated each loading phase. No significant differences in TT performance were observed between any of the supplementation protocols (p = 0.73 with average completion times for the 25, 50 or 75 mg·kg-1 FFM being, 42:21 ± 07:53, 40:55 ± 07:33 and 40:38 ± 07:20 min respectively, and 40:39 ± 07:51 min for the placebo. Likewise, average and peak power output did not significantly differ between trials (p = 0.06 and p = 0.46, respectively. Consequently, 500 kJ cycling TT performance was not different in any of the supplementation protocols in female cyclists.

Novel Method For Low-Rate Ddos Attack Detection

Science.gov (United States)

Chistokhodova, A. A.; Sidorov, I. D.

2018-05-01

The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

DEFENSE-ATTACK INTERACTION OVER OPTIMALLY DESIGNED DEFENSE SYSTEMS VIA GAMES AND RELIABILITY

Directory of Open Access Journals (Sweden)

Isis Didier Lins

2014-05-01

Full Text Available This paper analyzes defense systems taking into account the strategic interactions between two rational agents; one of them is interested in designing a defense system against purposeful attacks of the other. The interaction is characterized by a sequential game with perfect and complete information. Reliability plays a fundamental role in both defining agents' actions and in measuring performance of the defense system for which a series-parallel configuration is set up by the defender. The attacker, in turn, focuses on only one defense subsystem in order to maximize her efficiency in attacking. An algorithm involving backward induction is developed to determine the equilibrium paths of the game. Application examples are also provided.

Heart Attack

Science.gov (United States)

... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

Dealing with Wormhole Attacks in Wireless Sensor Networks Through Discovering Separate Routes Between Nodes

Directory of Open Access Journals (Sweden)

F. Rezaei

2017-08-01

Full Text Available One of the most common attacks against Wireless Sensor Networks is the wormhole attack. In this attack, the enemy deploys two malicious nodes in two different areas of the network and establishes a high-speed dedicated channel between these two. This will cause the normal nodes in two different areas wrongly think that they are two-hop neighbors. Therefore, this attack will greatly affect the routing algorithms. In this paper, a new distributed algorithm is provided to deal with the wormhole attack. The main idea of the proposed algorithm is to discover separate routes between pairs of two-hop neighboring nodes. The proposed algorithm was implemented and evaluated in terms of true and false detection rate by performing a series of experiments and the results were compared with the base algorithm. The test results showed that the proposed algorithm has desirable efficacy.

Automatic Classification of Attacks on IP Telephony

Directory of Open Access Journals (Sweden)

Jakub Safarik

2013-01-01

Full Text Available This article proposes an algorithm for automatic analysis of attack data in IP telephony network with a neural network. Data for the analysis is gathered from variable monitoring application running in the network. These monitoring systems are a typical part of nowadays network. Information from them is usually used after attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification use proposed neural network, and the article covers design of a neural network and its practical implementation. It contains also methods for neural network learning and data gathering functions from honeypot application.

[A survey of perioperative asthmatic attack among patients with bronchial asthma underwent general anesthesia].

Science.gov (United States)

Ie, Kenya; Yoshizawa, Atsuto; Hirano, Satoru; Izumi, Sinyuu; Hojo, Masaaki; Sugiyama, Haruhito; Kobayasi, Nobuyuki; Kudou, Kouichirou; Maehara, Yasuhiro; Kawachi, Masaharu; Miyakoshi, Kouichi

2010-07-01

We investigated the risk factor of perioperative asthmatic attack and effectiveness of preventing treatment for asthmatic attack before operation. We performed retrospective chart review of one hundred eleven patients with asthma underwent general anesthesia and surgical intervention from January 2006 to October 2007 in our hospital. The rate of perioperative asthmatic attack were as follows; 10.2% (5 in 49 cases) in no pretreatment group, 7.5% (3 in 40 cases) in any pretreatments except for systemic steroid, and 4.5% (1 in 22 cases) in systemic steroid pretreatment group. Neither preoperative asthma severity nor duration from the last attack had significant relevancy to perioperative attack rate. The otolaryngological surgery, especially those have nasal polyp and oral surgery had high perioperative asthma attack rate, although there was no significant difference. We recommend the systemic steroid pretreatment for asthmatic patients, especially when they have known risk factor such as administration of the systemic steroid within 6 months, or possibly new risk factor such as nasal polyp, otolaryngological and oral surgery.

Further attacks on Yeung-Mintzer fragile watermarking scheme

Science.gov (United States)

Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

2000-05-01

In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

Pareto Efficient Solution of Attack-Defence Trees

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

Genetic attack on neural cryptography.

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Genetic attack on neural cryptography

International Nuclear Information System (INIS)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-01-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

Genetic attack on neural cryptography

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Ketone Diester Ingestion Impairs Time-Trial Performance in Professional Cyclists

Directory of Open Access Journals (Sweden)

Jill J. Leckey

2017-10-01

Full Text Available We investigated the effect of pre- “race” ingestion of a 1,3-butanediol acetoacetate diester on blood ketone concentration, substrate metabolism and performance of a cycling time trial (TT in professional cyclists. In a randomized cross-over design, 10 elite male cyclists completed a ~31 km laboratory-based TT on a cycling ergometer programmed to simulate the 2017 World Road Cycling Championships course. Cyclists consumed a standardized meal [2 g/kg body mass (BM carbohydrate (CHO] the evening prior to a trial day and a CHO breakfast (2 g/kg BM CHO with 200 mg caffeine on the morning of a trial day. Cyclists were randomized to consume either the ketone diester (2 × 250 mg/kg or a placebo drink, followed immediately by 200 mL diet cola, given ~ 30 min before and immediately prior to commencing a 20 min incremental warm-up. Blood samples were collected prior to and during the warm-up, pre- and post- TT and at regular intervals after the TT. Urine samples were collected pre- and post- warm-up, immediately post TT and 60 min post TT. Pre-exercise ingestion of the diester resulted in a 2 ± 1% impairment in TT performance that was associated with gut discomfort and higher perception of effort. Serum β-hydroxybutyrate, serum acetoacetate, and urine ketone concentrations increased from rest following ketone ingestion and were higher than placebo throughout the trial. Ketone ingestion induces hyperketonemia in elite professional cyclists when in a carbohydrate fed state, and impairs performance of a cycling TT lasting ~50 min.

Attacks on the AJPS Mersenne-based cryptosystem

NARCIS (Netherlands)

K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

2018-01-01

textabstractAggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

The political attack ad

Directory of Open Access Journals (Sweden)

Palma Peña-Jiménez, Ph.D.

2011-01-01

Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

Robust Detection of Stepping-Stone Attacks

National Research Council Canada - National Science Library

He, Ting; Tong, Lang

2006-01-01

The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

OpenAIRE

Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

2017-01-01

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

Social Sentiment Sensor in Twitter for Predicting Cyber-Attacks Using ℓ₁ Regularization.

Science.gov (United States)

Hernandez-Suarez, Aldo; Sanchez-Perez, Gabriel; Toscano-Medina, Karina; Martinez-Hernandez, Victor; Perez-Meana, Hector; Olivares-Mercado, Jesus; Sanchez, Victor

2018-04-29

In recent years, online social media information has been the subject of study in several data science fields due to its impact on users as a communication and expression channel. Data gathered from online platforms such as Twitter has the potential to facilitate research over social phenomena based on sentiment analysis, which usually employs Natural Language Processing and Machine Learning techniques to interpret sentimental tendencies related to users’ opinions and make predictions about real events. Cyber-attacks are not isolated from opinion subjectivity on online social networks. Various security attacks are performed by hacker activists motivated by reactions from polemic social events. In this paper, a methodology for tracking social data that can trigger cyber-attacks is developed. Our main contribution lies in the monthly prediction of tweets with content related to security attacks and the incidents detected based on ℓ 1 regularization.

An Adaptive Approach for Defending against DDoS Attacks

Directory of Open Access Journals (Sweden)

Muhai Li

2010-01-01

Full Text Available In various network attacks, the Distributed Denial-of-Service (DDoS attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.

Countermeasures for unintentional and intentional video watermarking attacks

Science.gov (United States)

Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

2000-05-01

These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

Link-layer Jamming Attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

2004-01-01

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

Link-layer jamming attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

A computer network attack taxonomy and ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-01-01

Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

Classification of HTTP Attacks: A Study on the ECML/PKDD 2007 Discovery Challenge

Energy Technology Data Exchange (ETDEWEB)

Gallagher, Brian [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Eliassi-Rad, Tina [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

2009-07-08

As the world becomes more reliant on Web applications for commercial, financial, and medical transactions, cyber attacks on the World Wide Web are increasing in frequency and severity. Web applications provide an attractive alternative to traditional desktop applications due to their accessibility and ease of deployment. However, the accessibility of Web applications also makes them extremely vulnerable to attack. This inherent vulnerability is intensified by the distributed nature ofWeb applications and the complexity of configuring application servers. These factors have led to a proliferation of Web-based attacks, in which attackers surreptitiously inject code into HTTP requests, allowing them to execute arbitrary commands on remote systems and perform malicious activities such as reading, altering, or destroying sensitive data. One approach for dealing with HTTP-based attacks is to identify malicious code in incoming HTTP requests and eliminate bad requests before they are processed. Using machine learning techniques, we can build a classifier to automatically label requests as “Valid” or “Attack.” For this study, we develop a simple, but effective HTTP attack classifier, based on the vector space model used commonly for Information Retrieval. Our classifier not only separates attacks from valid requests, but can also identify specific attack types (e.g., “SQL Injection” or “Path Traversal”). We demonstrate the effectiveness of our approach through experiments on the ECML/PKDD 2007 Discovery Challenge data set. Specifically, we show that our approach achieves higher precision and recall than previous methods. In addition, our approach has a number of desirable characteristics, including robustness to missing contextual information, interpretability of models, and scalability.

Adaptive EWMA Method Based on Abnormal Network Traffic for LDoS Attacks

Directory of Open Access Journals (Sweden)

Dan Tang

2014-01-01

Full Text Available The low-rate denial of service (LDoS attacks reduce network services capabilities by periodically sending high intensity pulse data flows. For their concealed performance, it is more difficult for traditional DoS detection methods to detect LDoS attacks; at the same time the accuracy of the current detection methods for LDoS attacks is relatively low. As the fact that LDoS attacks led to abnormal distribution of the ACK traffic, LDoS attacks can be detected by analyzing the distribution characteristics of ACK traffic. Then traditional EWMA algorithm which can smooth the accidental error while being the same as the exceptional mutation may cause some misjudgment; therefore a new LDoS detection method based on adaptive EWMA (AEWMA algorithm is proposed. The AEWMA algorithm which uses an adaptive weighting function instead of the constant weighting of EWMA algorithm can smooth the accidental error and retain the exceptional mutation. So AEWMA method is more beneficial than EWMA method for analyzing and measuring the abnormal distribution of ACK traffic. The NS2 simulations show that AEWMA method can detect LDoS attacks effectively and has a low false negative rate and a false positive rate. Based on DARPA99 datasets, experiment results show that AEWMA method is more efficient than EWMA method.

Unified communications forensics anatomy of common UC attacks

CERN Document Server

Grant, Nicholas Mr

2013-01-01

Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks an in-depth look at established UC technologies and attack exploits hands-on understanding of UC attack vectors and associated countermeasures

Algorithm To Ensure And Enforce Brute-Force Attack-Resilient Password In Routers

OpenAIRE

Mohammed Farik; ABM Shawkat Ali

2015-01-01

Abstract Issues of weak login passwords arising from default passwords in wired and wireless routers has been a concern for more than a decade. In this research we develop and test an algorithm to ensure and enforce passwords in routers that are resistant to brute-force attack. A comparative analysis is performed to show the improved strengths of passwords derived via this algorithm. Implementation of this algorithm in routers will ensure setup of brute-force attack resistant passwords.

Attacks and countermeasures on AES and ECC

DEFF Research Database (Denmark)

Tange, Henrik; Andersen, Birger

2013-01-01

AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so called biclique attack, which is using the fact that the content of the state array...

Different systolic blood pressure targets for people with history of stroke or transient ischaemic attack: PAST-BP (Prevention After Stroke—Blood Pressure) randomised controlled trial

Science.gov (United States)

McManus, Richard J; Roalfe, Andrea; Fletcher, Kate; Taylor, Clare J; Martin, Una; Virdee, Satnam; Greenfield, Sheila; Hobbs, F D Richard

2016-01-01

Objective To assess whether using intensive blood pressure targets leads to lower blood pressure in a community population of people with prevalent cerebrovascular disease. Design Open label randomised controlled trial. Setting 99 general practices in England, with participants recruited in 2009-11. Participants People with a history of stroke or transient ischaemic attack whose systolic blood pressure was 125 mm Hg or above. Interventions Intensive systolic blood pressure target (different target, patients in both arms were actively managed in the same way with regular reviews by the primary care team. Main outcome measure Change in systolic blood pressure between baseline and 12 months. Results 529 patients (mean age 72) were enrolled, 266 to the intensive target arm and 263 to the standard target arm, of whom 379 were included in the primary analysis (182 (68%) intensive arm; 197 (75%) standard arm). 84 patients withdrew from the study during the follow-up period (52 intensive arm; 32 standard arm). Mean systolic blood pressure dropped by 16.1 mm Hg to 127.4 mm Hg in the intensive target arm and by 12.8 mm Hg to 129.4 mm Hg in the standard arm (difference between groups 2.9 (95% confidence interval 0.2 to 5.7) mm Hg; P=0.03). Conclusions Aiming for target below 130 mm Hg rather than 140 mm Hg for systolic blood pressure in people with cerebrovascular disease in primary care led to a small additional reduction in blood pressure. Active management of systolic blood pressure in this population using a blood pressure. Trial registration Current Controlled Trials ISRCTN29062286. PMID:26919870

Classifying network attack scenarios using an ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-03-01

Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

Quantitative Verification and Synthesis of Attack-Defence Scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

2016-01-01

analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

Anti-discrimination Analysis Using Privacy Attack Strategies

KAUST Repository

Ruggieri, Salvatore

2014-09-15

Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired/based on Frèchet bounds attacks, attribute inference attacks, and minimality attacks to the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

Attacks, applications, and evaluation of known watermarking algorithms with Checkmark

Science.gov (United States)

Meerwald, Peter; Pereira, Shelby

2002-04-01

The Checkmark benchmarking tool was introduced to provide a framework for application-oriented evaluation of watermarking schemes. In this article we introduce new attacks and applications into the existing Checkmark framework. In addition to describing new attacks and applications, we also compare the performance of some well-known watermarking algorithms (proposed by Bruyndonckx,Cox, Fridrich, Dugad, Kim, Wang, Xia, Xie, Zhu and Pereira) with respect to the Checkmark benchmark. In particular, we consider the non-geometric application which contains tests that do not change the geometry of image. This attack constraint is artificial, but yet important for research purposes since a number of algorithms may be interesting, but would score poorly with respect to specific applications simply because geometric compensation has not been incorporated. We note, however, that with the help of image registration, even research algorithms that do not have counter-measures against geometric distortion -- such as a template or reference watermark -- can be evaluated. In the first version of the Checkmark benchmarking program, application-oriented evaluation was introduced, along with many new attacks not already considered in the literature. A second goal of this paper is to introduce new attacks and new applications into the Checkmark framework. In particular, we introduce the following new applications: video frame watermarking, medical imaging and watermarking of logos. Video frame watermarking includes low compression attacks and distortions which warp the edges of the video as well as general projective transformations which may result from someone filming the screen at a cinema. With respect to medical imaging, only small distortions are considered and furthermore it is essential that no distortions are present at embedding. Finally for logos, we consider images of small sizes and particularly compression, scaling, aspect ratio and other small distortions. The challenge

A Systematic Review of Re-Identification Attacks on Health Data

Science.gov (United States)

El Emam, Khaled; Jonker, Elizabeth; Arbuckle, Luk; Malin, Bradley

2011-01-01

Background Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a) potentially limiting its availability for secondary purposes such as research, and (b) resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a) characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b) compute the overall proportion of records that have been correctly re-identified in these attacks, and (c) assess whether these demonstrate weaknesses in current de-identification methods. Methods and Findings Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046–0.478) and 0.34 for attacks on health data (95% CI 0–0.744). There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013. Conclusions The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the

Mobility and Cooperation to Thwart Node Capture Attacks in MANETs

Directory of Open Access Journals (Sweden)

Mauro Conti

2009-01-01

Full Text Available The nature of mobile ad hoc networks (MANETs, often unattended, makes this type of networks subject to some unique security issues. In particular, one of the most vexing problem for MANETs security is the node capture attack: an adversary can capture a node from the network eventually acquiring all the cryptographic material stored in it. Further, the captured node can be reprogrammed by the adversary and redeployed in the network in order to perform malicious activities. In this paper, we address the node capture attack in MANETs. We start from the intuition that mobility, in conjunction with a reduced amount of local cooperation, helps computing effectively and with a limited resource usage network global security properties. Then, we develop this intuition and use it to design a mechanism to detect the node capture attack. We support our proposal with a wide set of experiments showing that mobile networks can leverage mobility to compute global security properties, like node capture detection, with a small overhead.

High angle of attack aerodynamics subsonic, transonic, and supersonic flows

CERN Document Server

Rom, Josef

1992-01-01

The aerodynamics of aircraft at high angles of attack is a subject which is being pursued diligently, because the modern agile fighter aircraft and many of the current generation of missiles must perform well at very high incidence, near and beyond stall. However, a comprehensive presentation of the methods and results applicable to the studies of the complex aerodynamics at high angle of attack has not been covered in monographs or textbooks. This book is not the usual textbook in that it goes beyond just presenting the basic theoretical and experimental know-how, since it contains reference material to practical calculation methods and technical and experimental results which can be useful to the practicing aerospace engineers and scientists. It can certainly be used as a text and reference book for graduate courses on subjects related to high angles of attack aerodynamics and for topics related to three-dimensional separation in viscous flow courses. In addition, the book is addressed to the aerodynamicist...

Cyberprints: Identifying Cyber Attackers by Feature Analysis

Science.gov (United States)

Blakely, Benjamin A.

2012-01-01

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

Quantifying and visualizing site performance in clinical trials

Directory of Open Access Journals (Sweden)

Eric Yang

2018-03-01

Conclusions: The use of operational data from Covance Central Laboratories provides a unique perspective into the performance of clinical sites with respect to many important metrics such as patient enrollment and retention. These metrics can, in turn, be used to guide operational planning and site selection for new clinical trials, thereby accelerating recruitment, improving quality, and reducing cost.

A Game-Theoretic Response Strategy for Coordinator Attack in Wireless Sensor Networks

Science.gov (United States)

Liu, Jianhua; Yue, Guangxue; Shang, Huiliang; Li, Hongjie

2014-01-01

The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security. PMID:25105171

Using agility to combat cyber attacks.

Science.gov (United States)

Anderson, Kerry

2017-06-01

Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

Social Sentiment Sensor in Twitter for Predicting Cyber-Attacks Using ℓ1 Regularization

Science.gov (United States)

Sanchez-Perez, Gabriel; Toscano-Medina, Karina; Martinez-Hernandez, Victor; Olivares-Mercado, Jesus; Sanchez, Victor

2018-01-01

In recent years, online social media information has been the subject of study in several data science fields due to its impact on users as a communication and expression channel. Data gathered from online platforms such as Twitter has the potential to facilitate research over social phenomena based on sentiment analysis, which usually employs Natural Language Processing and Machine Learning techniques to interpret sentimental tendencies related to users’ opinions and make predictions about real events. Cyber-attacks are not isolated from opinion subjectivity on online social networks. Various security attacks are performed by hacker activists motivated by reactions from polemic social events. In this paper, a methodology for tracking social data that can trigger cyber-attacks is developed. Our main contribution lies in the monthly prediction of tweets with content related to security attacks and the incidents detected based on ℓ1 regularization. PMID:29710833

Social Sentiment Sensor in Twitter for Predicting Cyber-Attacks Using ℓ1 Regularization

Directory of Open Access Journals (Sweden)

Aldo Hernandez-Suarez

2018-04-01

Full Text Available In recent years, online social media information has been the subject of study in several data science fields due to its impact on users as a communication and expression channel. Data gathered from online platforms such as Twitter has the potential to facilitate research over social phenomena based on sentiment analysis, which usually employs Natural Language Processing and Machine Learning techniques to interpret sentimental tendencies related to users’ opinions and make predictions about real events. Cyber-attacks are not isolated from opinion subjectivity on online social networks. Various security attacks are performed by hacker activists motivated by reactions from polemic social events. In this paper, a methodology for tracking social data that can trigger cyber-attacks is developed. Our main contribution lies in the monthly prediction of tweets with content related to security attacks and the incidents detected based on ℓ 1 regularization.

Women's Heart Disease: Heart Attack Symptoms

Science.gov (United States)

... of this page please turn JavaScript on. Feature: Women's Heart Disease Heart Attack Symptoms Past Issues / Winter ... most common heart attack symptom in men and women is chest pain or discomfort. However, women also ...

Algorithm To Ensure And Enforce Brute-Force Attack-Resilient Password In Routers

Directory of Open Access Journals (Sweden)

Mohammed Farik

2015-08-01

Full Text Available Abstract Issues of weak login passwords arising from default passwords in wired and wireless routers has been a concern for more than a decade. In this research we develop and test an algorithm to ensure and enforce passwords in routers that are resistant to brute-force attack. A comparative analysis is performed to show the improved strengths of passwords derived via this algorithm. Implementation of this algorithm in routers will ensure setup of brute-force attack resistant passwords.

Cyber-physical attacks a growing invisible threat

CERN Document Server

Loukas, George

2015-01-01

Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road,  or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral

Patent Foramen Ovale Closure for Secondary Prevention of Cryptogenic Stroke: Updated Meta-Analysis of Randomized Clinical Trials.

Science.gov (United States)

Vaduganathan, Muthiah; Qamar, Arman; Gupta, Ankur; Bajaj, Navkaranbir; Golwala, Harsh B; Pandey, Ambarish; Bhatt, Deepak L

2018-05-01

Patent foramen ovale closure represents a potential secondary prevention strategy for cryptogenic stroke, but available trials have varied by size, device studied, and follow-up. We conducted a systematic search of published randomized clinical trials evaluating patent foramen ovale closure versus medical therapy in patients with recent stroke or transient ischemic attack using PubMED, EMBASE, and Cochrane through September 2017. Weighting was by random effects models. Of 480 studies screened, we included 5 randomized clinical trials in the meta-analysis in which 3440 patients were randomized to patent foramen ovale closure (n = 1829) or medical therapy (n = 1611) and followed for an average of 2.0 to 5.9 years. Index stroke/transient ischemic attack occurred within 6 to 9 months of randomization. The primary end point was composite stroke/transient ischemic attack and death (in 3 trials) or stroke alone (in 2 trials). Patent foramen ovale closure reduced the primary end point (0.70 vs 1.48 events per 100 patient-years; risk ratio [RR], 0.52 [0.29-0.91]; I 2  = 55.0%) and stroke/transient ischemic attack (1.04 vs 2.00 events per 100 patient-years; RR, 0.55 [0.37-0.82]; I 2  = 42.2%) with modest heterogeneity compared with medical therapy. Procedural bleeding was not different between study arms (1.8% vs 1.8%; RR, 0.94 [0.49-1.83]; I 2  = 29.2%), but new-onset atrial fibrillation/flutter was increased with patent foramen ovale closure (6.6% vs 0.7%; RR, 4.69 [2.17-10.12]; I 2  = 29.3%). In patients with recent cryptogenic stroke, patent foramen ovale closure reduces recurrent stroke/transient ischemic attack compared with medical therapy, but is associated with a higher risk of new-onset atrial fibrillation/flutter. Copyright © 2018 Elsevier Inc. All rights reserved.

Use of Attack Graphs in Security Systems

Directory of Open Access Journals (Sweden)

Vivek Shandilya

2014-01-01

Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

A fatal elephant attack.

Science.gov (United States)

Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

2012-01-01

A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

False Positive and False Negative Effects on Network Attacks

Science.gov (United States)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

Transient Ischemic Attack

Medline Plus

Full Text Available ... stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

Application distribution model and related security attacks in VANET

Science.gov (United States)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Nonepileptic attack disorder among married women.

Science.gov (United States)

Dhanaraj, M; Rangaraj, R; Arulmozhi, T; Vengatesan, A

2005-06-01

To study the clinical features, precipitating stressful life events and prognosis of nonepileptic attack disorder (NEAD) among married women. Prospective cohort study with 1-year follow-up. A tertiary care teaching hospital. Of the 1020 patients with epilepsy referred to the epilepsy clinic during 2002-2003, 30 were married women with NEAD. The diagnostic criteria for NEAD included normal EEG during ictal and post-ictal phase of the generalized 'attack.' The data collected included clinical characteristics, semiology of the attacks, precipitating stressful events, and co-morbid psychiatric disorders. The control group included 30 age-matched married women with generalized tonic-clonic seizures. The long-term outcome and factors influencing the outcomes were analyzed. The mean duration of illness was 18 months, and the pattern of the attack was 'fall and lying still' in 53% and 'fall with generalized motor movements' in 47%. The frequency was one or more per week in 57% and occasionally in 43%. The important stressful events were matrimonial discord following illegal relationship of the husband with another woman (chi2 = 9.02, P = 0.003) and constant quarrel with other family members (chi2 = 5.19, P = 0.02). The prevalence of sexual abuse was low (7%). Co-morbid psychiatric disorder was observed in 70%. At the end of 1 year, 39% were free from the attack. Resolution of the stressful life events (chi2 = 4.52, P = 0.03) and lower frequency of attack at the time of reporting (chi2 = 3.88, P = 0.05) correlated with good outcomes. Among patients with NEAD in India, the major precipitating factors were matrimonial discord following illegal relationship of the husband with another woman and constant quarrel with other family members and not sexual abuse. Women with low frequency of attack at the time of reporting and the remission of the stressful events had better outcomes.

Your choice MATor(s) : large-scale quantitative anonymity assessment of Tor path selection algorithms against structural attacks

OpenAIRE

Backes, Michael; Meiser, Sebastian; Slowik, Marcin

2015-01-01

In this paper, we present a rigorous methodology for quantifying the anonymity provided by Tor against a variety of structural attacks, i.e., adversaries that compromise Tor nodes and thereby perform eavesdropping attacks to deanonymize Tor users. First, we provide an algorithmic approach for computing the anonymity impact of such structural attacks against Tor. The algorithm is parametric in the considered path selection algorithm and is, hence, capable of reasoning about variants of Tor and...

Impact of General Practitioner Transient Ischemic Attack Training on 90-Day Stroke Outcomes: Secondary Analysis of a Cluster Randomized Controlled Trial.

Science.gov (United States)

Ranta, Annemarei; Dovey, Susan; Gommans, John; Tilyard, Murray; Weatherall, Mark

2018-07-01

Many patients with transient ischemic attack (TIA) receive initial assessments by general practitioners (GPs) who may lack TIA management experience. In a randomized controlled trial (RCT), we showed that electronic decision support for GPs improves patient outcomes and guideline adherence. Some stroke services prefer to improve referrer expertise through TIA/stroke education sessions instead of promoting TIA decision aids or triaging tools. This is a secondary analysis of whether a GP education session influenced TIA management and outcomes. Post hoc analysis of a multicenter, single blind, parallel group, cluster RCT comparing TIA/stroke electronic decision support guided GP management with usual care to assess whether a pretrial TIA/stroke education session also affected RCT outcomes. Of 181 participating GPs, 79 (43.7%) attended an education session and 140 of 291 (48.1%) trial patients were managed by these GPs. There were fewer 90-day stroke events and 90-day vascular events or deaths in patients treated by GPs who attended education; 2 of 140 (1.4%) and 10 of 140 (7.1%) respectively, compared with those who did not; 5 of 151 (3.3%), and 14 of 151 (9.3%), respectively. Logistic regression for association between 90-day stroke and 90-day vascular events or death and education, however, was nonsignificant (odds ratio [OR] .42 (.08 to 2.22), P = .29 and .59 (95% confidence interval [CI] .27 to 1.29), P = .18 respectively. Guideline adherence was not improved by the education session: OR .84 (95% CI .49 to 1.45), P = .54. In the described setting, a GP TIA/stroke education session did not significantly enhance guideline adherence or reduce 90-day stroke or vascular events following TIA. Copyright © 2018 National Stroke Association. Published by Elsevier Inc. All rights reserved.

Robustness analysis of interdependent networks under multiple-attacking strategies

Science.gov (United States)

Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

2018-04-01

The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

Attacker Modelling in Ubiquitous Computing Systems

DEFF Research Database (Denmark)

Papini, Davide

in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undened and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it denes a model that captures the abilities of the attacker. Furthermore a quantitative implementation...

Peacetime Use of Computer Network Attack

National Research Council Canada - National Science Library

Busby, Daniel

2000-01-01

.... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...

Denial of Service Attack Techniques: Analysis, Implementation and Comparison

Directory of Open Access Journals (Sweden)

Khaled Elleithy

2005-02-01

Full Text Available A denial of service attack (DOS is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

Vulnerability analysis and critical areas identification of the power systems under terrorist attacks

Science.gov (United States)

Wang, Shuliang; Zhang, Jianhua; Zhao, Mingwei; Min, Xu

2017-05-01

This paper takes central China power grid (CCPG) as an example, and analyzes the vulnerability of the power systems under terrorist attacks. To simulate the intelligence of terrorist attacks, a method of critical attack area identification according to community structures is introduced. Meanwhile, three types of vulnerability models and the corresponding vulnerability metrics are given for comparative analysis. On this basis, influence of terrorist attacks on different critical areas is studied. Identifying the vulnerability of different critical areas will be conducted. At the same time, vulnerabilities of critical areas under different tolerance parameters and different vulnerability models are acquired and compared. Results show that only a few number of vertex disruptions may cause some critical areas collapse completely, they can generate great performance losses the whole systems. Further more, the variation of vulnerability values under different scenarios is very large. Critical areas which can cause greater damage under terrorist attacks should be given priority of protection to reduce vulnerability. The proposed method can be applied to analyze the vulnerability of other infrastructure systems, they can help decision makers search mitigation action and optimum protection strategy.

Effect of inhaled terbutaline on substrate utilization and 300-kcal time trial performance

DEFF Research Database (Denmark)

Kalsen, Anders; Hostrup, Morten; Karlsson, Sebastian

2014-01-01

. There was no difference between PLA and TER in net muscle glycogen utilization and lactate accumulation during the time trial. IMTG did not change with treatment or exercise. PDH-E1α Ser(293) and Ser(300) phosphorylation were lower (P...In a randomized double-blind crossover design, we investigated the effect of the beta2-agonist terbutaline on endurance performance and substrate utilization in nine moderately trained males (maximum oxygen uptake (VO2max): 58.9±3.1 mL min(-1) kg(-1)). Subjects performed 60 min of submaximal...... exercise (65-70% of VO2max) immediately followed by a 300-kcal time trial with inhalation of either terbutaline (TER) or placebo (PLA). Pulmonary gas exchange was measured during the submaximal exercise and muscle biopsies were collected before and after the exercise bouts. Time trial performance...

12 CFR 263.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

12 CFR 509.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding....17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

Detection of complex cyber attacks

Science.gov (United States)

Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

2006-05-01

One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

Vulnerability Assessment by Learning Attack Specifications in Graphs

NARCIS (Netherlands)

Nunes Leal Franqueira, V.; Lopes, Raul H.C.

This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies

Attack Tree Generation by Policy Invalidation

NARCIS (Netherlands)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Naeem Akram, R.; Jajodia, S.

2015-01-01

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identi﬿ed

Neural network classifier of attacks in IP telephony

Science.gov (United States)

Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin

2014-05-01

Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.

SCADA system vulnerabilities to cyber attack

Energy Technology Data Exchange (ETDEWEB)

Shaw, W. T. [Cyber Security Consulting (Canada)

2004-10-01

The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

Combating Memory Corruption Attacks On Scada Devices

Science.gov (United States)

Bellettini, Carlo; Rrushi, Julian

Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

Effectiveness of behavioural management on migraine in adult patients visiting family practice clinics: a randomized controlled trial

International Nuclear Information System (INIS)

Bhombal, S. T.; Usman, A.; Ghufran, M.

2014-01-01

Objectives: To assess the effectiveness of behavioural management in the treatment of migraine among adult patients. Methods: The randomised control trial was conducted from August 2011 to August 2012 at the Aga Khan University Hospital, Karachi, in which adult patients aged 18-65 years were recruited with diagnosis of migraine from five outpatient sites. The patients were randomised into 2 equal groups. The controls were given pharmacological treatment, while the cases were given a structured behavioural management and pharmacological treatment. Primary outcome was the change in frequency of migraine attacks. Secondary outcome included change in severity of migraine and effect on the quality of life. SPSS 19 was used for statistical analysis. Results: Of the 90 subjects in the study, 72(80%) were female. A significant reduction in the average frequency of migraine attacks was observed from baseline up to 4 weeks (p<0.001) but no difference in the mean migraine attacks was observed in the two groups (p<0.945). In the average score of severity of pain, significant reduction was observed for time (p <0.001) as well as for the intervention status (p<0.034). There was no significant difference (p<0.450) between treatment type and duration of migraine, but a significantly better quality of life (p<0.001) was observed in the trial group compared to the controls. Conclusion: There was significant decrease in frequency, severity and duration of migraine attacks in the trial group compared to the control group. The quality of life also showed improvement in the trial group. (author)

Sumatriptan (oral route of administration) for acute migraine attacks in adults

Science.gov (United States)

Derry, Christopher J; Derry, Sheena; Moore, R Andrew

2014-01-01

Background Migraine is a highly disabling condition for the individual and also has wide-reaching implications for society, healthcare services, and the economy. Sumatriptan is an abortive medication for migraine attacks, belonging to the triptan family. Objectives To determine the efficacy and tolerability of oral sumatriptan compared to placebo and other active interventions in the treatment of acute migraine attacks in adults. Search methods We searched the Cochrane Central Register of Controlled Trials (CENTRAL), MEDLINE, EMBASE, online databases, and reference lists for studies through 13 October 2011. Selection criteria We included randomised, double-blind, placebo- and/or active-controlled studies using oral sumatriptan to treat a migraine headache episode, with at least 10 participants per treatment arm. Data collection and analysis Two review authors independently assessed trial quality and extracted data. We used numbers of participants achieving each outcome to calculate relative risk (or ‘risk ratio’) and numbers needed to treat to benefit (NNT) or harm (NNH) compared to placebo or a different active treatment. Main results Sixty-one studies (37,250 participants) compared oral sumatriptan with placebo or an active comparator. Most of the data were for the 50 mg and 100 mg doses. Sumatriptan surpassed placebo for all efficacy outcomes. For sumatriptan 50 mg versus placebo the NNTs were 6.1, 7.5, and 4.0 for pain-free at two hours and headache relief at one and two hours, respectively. NNTs for sustained pain-free and sustained headache relief during the 24 hours postdose were 9.5 and 6.0, respectively. For sumatriptan 100 mg versus placebo the NNTs were 4.7, 6.8, 3.5, 6.5, and 5.2, respectively, for the same outcomes. Results for the 25 mg dose were similar to the 50 mg dose, while sumatriptan 100 mg was significantly better than 50 mg for pain-free and headache relief at two hours, and for sustained pain-free during 24 hours. Treating early, during

Performance of short ECG recordings twice daily to detect paroxysmal atrial fibrillation in stroke and transient ischemic attack patients

DEFF Research Database (Denmark)

Poulsen, Mai Bang; Binici, Zeynep; Domínguez, Helena

2017-01-01

Aims Prolonged cardiac monitoring after stroke is recommended though there is no consensus on optimal methods. Short-term ECG recordings with a "thumb-ECG" device have shown promising preliminary results regarding effectiveness and cost benefit. We aimed to examine the performance of thumb...... methods was poor and the trial was not powered to detect a minor difference between the devices. The inter-observer agreement for the thumb-ECG was substantial. www.clinicalTrials.gov UI: NCT02261766....

Physiological Correlations with Short, Medium, and Long Cycling Time-Trial Performance

Science.gov (United States)

Borszcz, Fernando K.; Tramontin, Artur F.; de Souza, Kristopher M.; Carminatti, Lorival J.; Costa, Vitor P.

2018-01-01

Purpose: Several studies have demonstrated that physiological variables predict cycling endurance performance. However, it is still unclear whether the predictors will change over different performance durations. The aim of this study was to assess the correlations between physiological variables and cycling time trials with different durations.…

Using DNS amplification DDoS attack for hiding data

Science.gov (United States)

Mehić, M.; Voznak, M.; Safarik, J.; Partila, P.; Mikulec, M.

2014-05-01

This paper concerns available steganographic techniques that can be used for sending hidden data through public network. Typically, in steganographic communication it is advised to use popular/often used method for sending hidden data and amount of that data need to be high as much as possible. We confirmed this by choosing a Domain Name System (DNS) as a vital protocol of each network and choosing Distributed denial of service (DDoS) attacks that are most popular network attacks currently represented in the world. Apart from characterizing existing steganographic methods we provide new insights by presenting two new techniques. The first one is network steganography solution which exploits free/unused protocols fields and is known for IP, UDP or TCP protocols, but has never been applied to DNS (Domain Name Server) which are the fundamental part of network communications. The second explains the usage of DNS Amplification DDoS Attack to send seamlessly data through public network. The calculation that was performed to estimate the total amount of data that can be covertly transferred by using these technique, regardless of steganalysis, is included in this paper.

Moth tails divert bat attack: evolution of acoustic deflection.

Science.gov (United States)

Barber, Jesse R; Leavell, Brian C; Keener, Adam L; Breinholt, Jesse W; Chadwell, Brad A; McClure, Christopher J W; Hill, Geena M; Kawahara, Akito Y

2015-03-03

Adaptations to divert the attacks of visually guided predators have evolved repeatedly in animals. Using high-speed infrared videography, we show that luna moths (Actias luna) generate an acoustic diversion with spinning hindwing tails to deflect echolocating bat attacks away from their body and toward these nonessential appendages. We pit luna moths against big brown bats (Eptesicus fuscus) and demonstrate a survival advantage of ∼ 47% for moths with tails versus those that had their tails removed. The benefit of hindwing tails is equivalent to the advantage conferred to moths by bat-detecting ears. Moth tails lured bat attacks to these wing regions during 55% of interactions between bats and intact luna moths. We analyzed flight kinematics of moths with and without hindwing tails and suggest that tails have a minimal role in flight performance. Using a robust phylogeny, we find that long spatulate tails have independently evolved four times in saturniid moths, further supporting the selective advantage of this anti-bat strategy. Diversionary tactics are perhaps more common than appreciated in predator-prey interactions. Our finding suggests that focusing on the sensory ecologies of key predators will reveal such countermeasures in prey.

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

Energy Technology Data Exchange (ETDEWEB)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between

Risk-based decision making for staggered bioterrorist attacks : resource allocation and risk reduction in "reload" scenarios.

Energy Technology Data Exchange (ETDEWEB)

Lemaster, Michelle Nicole; Gay, David M. (Sandia National Laboratories, Albuquerque, NM); Ehlen, Mark Andrew (Sandia National Laboratories, Albuquerque, NM); Boggs, Paul T.; Ray, Jaideep

2009-10-01

Staggered bioterrorist attacks with aerosolized pathogens on population centers present a formidable challenge to resource allocation and response planning. The response and planning will commence immediately after the detection of the first attack and with no or little information of the second attack. In this report, we outline a method by which resource allocation may be performed. It involves probabilistic reconstruction of the bioterrorist attack from partial observations of the outbreak, followed by an optimization-under-uncertainty approach to perform resource allocations. We consider both single-site and time-staggered multi-site attacks (i.e., a reload scenario) under conditions when resources (personnel and equipment which are difficult to gather and transport) are insufficient. Both communicable (plague) and non-communicable diseases (anthrax) are addressed, and we also consider cases when the data, the time-series of people reporting with symptoms, are confounded with a reporting delay. We demonstrate how our approach develops allocations profiles that have the potential to reduce the probability of an extremely adverse outcome in exchange for a more certain, but less adverse outcome. We explore the effect of placing limits on daily allocations. Further, since our method is data-driven, the resource allocation progressively improves as more data becomes available.

Trace Attack against Biometric Mobile Applications

Directory of Open Access Journals (Sweden)

Sanaa Ghouzali

2016-01-01

Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

Limit Asthma Attacks Caused by Colds or Flu

Science.gov (United States)

Asthma: Limit asthma attacks caused by colds or flu A cold or the flu can trigger an asthma attack. Here's why — and how to keep your sneeze ... plan. If you notice warning signs of an asthma attack — such as coughing, wheezing, chest tightness or shortness ...

Quantitative Attack Tree Analysis via Priced Timed Automata

NARCIS (Netherlands)

Kumar, Rajesh; Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette; Sankaranarayanan, Sriram; Vicario, Enrico

The success of a security attack crucially depends on the resources available to an attacker: time, budget, skill level, and risk appetite. Insight in these dependencies and the most vulnerable system parts is key to providing effective counter measures. This paper considers attack trees, one of the

Modeling attacker-defender interactions in information networks.

Energy Technology Data Exchange (ETDEWEB)

Collins, Michael Joseph

2010-09-01

The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.

Guideline on management of the acute asthma attack in children by Italian Society of Pediatrics.

Science.gov (United States)

Indinnimeo, Luciana; Chiappini, Elena; Miraglia Del Giudice, Michele

2018-04-06

Acute asthma attack is a frequent condition in children. It is one of the most common reasons for emergency department (ED) visit and hospitalization. Appropriate care is fundamental, considering both the high prevalence of asthma in children, and its life-threatening risks. Italian Society of Pediatrics recently issued a guideline on the management of acute asthma attack in children over age 2, in ambulatory and emergency department settings. The Grading of Recommendations Assessment, Development, and Evaluation (GRADE) methodology was adopted. A literature search was performed using the Cochrane Library and Medline/PubMed databases, retrieving studies in English or Italian and including children over age 2 year. Inhaled ß 2 agonists are the first line drugs for acute asthma attack in children. Ipratropium bromide should be added in moderate/severe attacks. Early use of systemic steroids is associated with reduced risk of ED visits and hospitalization. High doses of inhaled steroids should not replace systemic steroids. Aminophylline use should be avoided in mild/moderate attacks. Weak evidence supports its use in life-threatening attacks. Epinephrine should not be used in the treatment of acute asthma for its lower cost / benefit ratio, compared to β 2 agonists. Intravenous magnesium solphate could be used in children with severe attacks and/or forced expiratory volume1 (FEV1) lower than 60% predicted, unresponsive to initial inhaled therapy. Heliox could be administered in life-threatening attacks. Leukotriene receptor antagonists are not recommended. This Guideline is expected to be a useful resource in managing acute asthma attacks in children over age 2.

Effectiveness of icatibant for treatment of hereditary angioedema attacks is not affected by body weight: findings from the Icatibant Outcome Survey, a cohort observational study.

Science.gov (United States)

Caballero, Teresa; Zanichelli, Andrea; Aberer, Werner; Maurer, Marcus; Longhurst, Hilary J; Bouillet, Laurence; Andresen, Irmgard

2018-01-01

Icatibant is a bradykinin B2-receptor antagonist used for the treatment of hereditary angioedema attacks resulting from C1-inhibitor deficiency. Treatment is not adjusted by body weight however the impact of body mass index (BMI) on the effectiveness of icatibant is not documented in the literature. We examined disease characteristics and icatibant treatment effectiveness in patients stratified by BMI in the Icatibant Outcome Survey, an ongoing, international, observational study monitoring the real-world safety and effectiveness of icatibant. Attack and treatment characteristics as well as outcomes following treatment with icatibant were compared among patients with underweight, normal, overweight, and obese BMI. Data from 2697 icatibant-treated attacks in 342 patients (3.5, 44.7, 34.8, and 17.0% patients of underweight, normal, overweight, and obese BMI, respectively) were analyzed. There was no significant difference in the frequency and severity of attacks across BMI groups, although obese patients tended to have more attacks of high severity. There was no impact of BMI on the frequency of laryngeal attacks, but patients with normal BMI had fewer cutaneous attacks and more abdominal attacks. Most attacks (71.9-83.8%) were treated with a single icatibant injection without the need for rescue with plasma-derived C1-inhibitor (pdC1-INH), regardless of BMI. Patients with obese BMI used pdC1-INH as rescue treatment more often (P < 0.0001; P = 0.0232 excluding 2 outliers) and treated attacks earlier than patients with normal BMI (P = 0.007). Furthermore, time to resolution and duration of attack were shorter for patients with high BMI (P < 0.001 for overweight and P < 0.05 for obese versus normal). Overall, icatibant was comparatively effective in treating attacks in patients across all BMI groups. Trial registration NCT01034969.

Antiplatelet therapy and the effects of B vitamins in patients with previous stroke or transient ischaemic attack: a post-hoc subanalysis of VITATOPS, a randomised, placebo-controlled trial.

Science.gov (United States)

Hankey, Graeme J; Eikelboom, John W; Yi, Qilong; Lees, Kennedy R; Chen, Christopher; Xavier, Denis; Navarro, Jose C; Ranawaka, Udaya K; Uddin, Wasim; Ricci, Stefano; Gommans, John; Schmidt, Reinhold

2012-06-01

Previous studies have suggested that any benefits of folic acid-based therapy to lower serum homocysteine in prevention of cardiovascular events might be offset by concomitant use of antiplatelet therapy. We aimed to establish whether there is an interaction between antiplatelet therapy and the effects of folic acid-based homocysteine-lowering therapy on major vascular events in patients with stroke or transient ischaemic attack enrolled in the vitamins to prevent stroke (VITATOPS) trial. In the VITATOPS trial, 8164 patients with recent stroke or transient ischaemic attack were randomly allocated to double-blind treatment with one tablet daily of placebo or B vitamins (2 mg folic acid, 25 mg vitamin B(6), and 500 μg vitamin B(12)) and followed up for a median 3·4 years (IQR 2·0-5·5) for the primary composite outcome of stroke, myocardial infarction, or death from vascular causes. In our post-hoc analysis of the interaction between antiplatelet therapy and the effects of treatment with B vitamins on the primary outcome, we used Cox proportional hazards regression before and after adjusting for imbalances in baseline prognostic factors in participants who were and were not taking antiplatelet drugs at baseline and in participants assigned to receive B vitamins or placebo. We also assessed the interaction in different subgroups of patients and different secondary outcomes. The VITATOPS trial is registered with ClinicalTrials.gov, number NCT00097669, and Current Controlled Trials, number ISRCTN74743444. At baseline, 6609 patients were taking antiplatelet therapy and 1463 were not. Patients not receiving antiplatelet therapy were more likely to be younger, east Asian, and disabled, to have a haemorrhagic stroke or cardioembolic ischaemic stroke, and to have a history of hypertension or atrial fibrillation. They were less likely to be smokers and to have a history of peripheral artery disease, hypercholesterolaemia, diabetes, ischaemic heart disease, and a

Algebraic Side-Channel Attack on Twofish

Directory of Open Access Journals (Sweden)

Chujiao Ma

2017-05-01

Full Text Available While algebraic side-channel attack (ASCA has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128 bits key in under 2 hours with known plaintext/ciphertext.

On localization attacks against cloud infrastructure

Science.gov (United States)

Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

2013-05-01

One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

Analysis Of Default Passwords In Routers Against Brute-Force Attack

Directory of Open Access Journals (Sweden)

Mohammed Farik

2015-08-01

Full Text Available Abstract Password authentication is the main means of access control on network routers and router manufacturers provide a default password for initial login to the router. While there has been many publications regarding the minimum requirements of a good password how widely the manufacturers themselves are adhering to the minimum standards and whether these passwords can withstand brute-force attack are not widely known. The novelty of this research is that this is the first time default passwords have been analyzed and documented from such a large variety of router models to reveal password strengths or weaknesses against brute-force attacks. Firstly individual default router password of each model was collected tabulated and tested using password strength meter for entropy. Then descriptive statistical analysis was performed on the tabulated data. The analysis revealed quantitatively how strong or weak default passwords are against brute-force attacks. The results of this research give router security researchers router manufacturers router administrators a useful guide on the strengths and weaknesses of passwords that follow similar patterns.

Investigating the Influence of Special On–Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

Directory of Open Access Journals (Sweden)

Wenjuan Li

2018-01-01

Full Text Available Intrusions are becoming more complicated with the recent development of adversarial techniques. To boost the detection accuracy of a separate intrusion detector, the collaborative intrusion detection network (CIDN has thus been developed by allowing intrusion detection system (IDS nodes to exchange data with each other. Insider attacks are a great threat for such types of collaborative networks, where an attacker has the authorized access within the network. In literature, a challenge-based trust mechanism is effective at identifying malicious nodes by sending challenges. However, such mechanisms are heavily dependent on two assumptions, which would cause CIDNs to be vulnerable to advanced insider attacks in practice. In this work, we investigate the influence of advanced on–off attacks on challenge-based CIDNs, which can respond truthfully to one IDS node but behave maliciously to another IDS node. To evaluate the attack performance, we have conducted two experiments under a simulated and a real CIDN environment. The obtained results demonstrate that our designed attack is able to compromise the robustness of challenge-based CIDNs in practice; that is, some malicious nodes can behave untruthfully without a timely detection.

SDN-Based Double Hopping Communication against Sniffer Attack

Directory of Open Access Journals (Sweden)

Zheng Zhao

2016-01-01

Full Text Available Sniffer attack has been a severe threat to network communication security. Traditional network usually uses static network configuration, which provides convenience to sniffer attack. In this paper, an SDN-based double hopping communication (DHC approach is proposed to solve this problem. In DHC, ends in communication packets as well as the routing paths are changed dynamically. Therefore, the traffic will be distributed to multiple flows and transmitted along different paths. Moreover, the data from multiple users will be mixed, bringing difficulty for attackers in obtaining and recovering the communication data, so that sniffer attack will be prevented effectively. It is concluded that DHC is able to increase the overhead of sniffer attack, as well as the difficulty of communication data recovery.

Attacks on Bluetooth Security Architecture and Its Countermeasures

Science.gov (United States)

Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

2017-01-01

To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utili......To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which...... are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we...... of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate...

An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

Directory of Open Access Journals (Sweden)

Zheng Zhao

2017-01-01

Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

Underlying finite state machine for the social engineering attack detection model

CSIR Research Space (South Africa)

Mouton, Francois

2017-08-01

Full Text Available one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a...

Improving the precision of genotype selection in wheat performance trials

Directory of Open Access Journals (Sweden)

Giovani Benin

2013-12-01

Full Text Available The aim of this study was to verify whether using the Papadakis method improves model assumptions and experimental accuracy in field trials used to determine grain yield for wheat lineages indifferent Value for Cultivation and Use (VCU regions. Grain yield data from 572 field trials at 31 locations in the VCU Regions 1, 2, 3 and 4 in 2007-2011 were used. Each trial was run with and without the use of the Papadakis method. The Papadakis method improved the indices of experimental precision measures and reduced the number of experimental repetitions required to predict grain yield performance among the wheat genotypes. There were differences among the wheat adaptation regions in terms of the efficiency of the Papadakis method, the adjustment coefficient of the genotype averages and the increases in the selective accuracy of grain yield.

Rotational Rebound Attacks on Reduced Skein

DEFF Research Database (Denmark)

Khovratovich, Dmitry; Nikolic, Ivica; Rechberger, Christian

2010-01-01

In this paper we combine a recent rotational cryptanalysis with the rebound attack, which results in the best cryptanalysis of Skein, a candidate for the SHA-3 competition. The rebound attack approach was so far only applied to AES-like constructions. For the first time, we show that this approach...

Step to improve neural cryptography against flipping attacks.

Science.gov (United States)

Zhou, Jiantao; Xu, Qinzhen; Pei, Wenjiang; He, Zhenya; Szu, Harold

2004-12-01

Synchronization of neural networks by mutual learning has been demonstrated to be possible for constructing key exchange protocol over public channel. However, the neural cryptography schemes presented so far are not the securest under regular flipping attack (RFA) and are completely insecure under majority flipping attack (MFA). We propose a scheme by splitting the mutual information and the training process to improve the security of neural cryptosystem against flipping attacks. Both analytical and simulation results show that the success probability of RFA on the proposed scheme can be decreased to the level of brute force attack (BFA) and the success probability of MFA still decays exponentially with the weights' level L. The synchronization time of the parties also remains polynomial with L. Moreover, we analyze the security under an advanced flipping attack.

Improved Impossible Differential Attacks on Large-Block Rijndael

DEFF Research Database (Denmark)

Wang, Qingju; Gu, Dawu; Rijmen, Vincent

2012-01-01

. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions...... and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can...... be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory....

RAPTOR: Ransomware Attack PredicTOR

OpenAIRE

Quinkert, Florian; Holz, Thorsten; Hossain, KSM Tozammel; Ferrara, Emilio; Lerman, Kristina

2018-01-01

Ransomware, a type of malicious software that encrypts a victim's files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers' operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in...

Shark attack-related injuries: Epidemiology and implications for plastic surgeons.

Science.gov (United States)

Ricci, Joseph A; Vargas, Christina R; Singhal, Dhruv; Lee, Bernard T

2016-01-01

The increased media attention to shark attacks has led to a heightened fear and public awareness. Although few sharks are considered dangerous, attacks on humans can result in large soft tissue defects necessitating the intervention of reconstructive surgeons. This study aims to evaluate and describe the characteristics of shark-related injuries in order to improve treatment. The Global Shark Accident File, maintained by the Shark Research Institute (Princeton, NJ, USA), is a compilation of all known worldwide shark attacks. Database records since the 1900s were reviewed to identify differences between fatal and nonfatal attacks, including: geography, injury pattern, shark species, and victim activity. Since the 1900s, there have been 5034 reported shark attacks, of which 1205 (22.7%) were fatal. Although the incidence of attacks per decade has increased, the percentage of fatalities has decreased. Characteristics of fatal attacks included swimming (p = 0.001), boating (p = 0.001), three or more bite sites (p = 0.03), limb loss (p = 0.001), or tiger shark attack (p = 0.002). The most common attacks were bites to the legs (41.8%) or arms (18.4%), with limb loss occurring in 7% of attacks. Geographically, the majority of attacks occurred in North America (36.7%) and Australia (26.5%). Most attacks in the USA occurred in Florida (49.1%) and California (13.6%). Although rare, shark attacks result in devastating injuries to patients. As these injuries often involve multiple sites and limb loss, this creates a significant challenge for reconstructive surgeons. Proper identification of the characteristics of the attack can aid in providing optimal care for those affected. Copyright © 2015 British Association of Plastic, Reconstructive and Aesthetic Surgeons. Published by Elsevier Ltd. All rights reserved.

Expectation-Maximization Tensor Factorization for Practical Location Privacy Attacks

Directory of Open Access Journals (Sweden)

Murakami Takao

2017-10-01

Full Text Available Location privacy attacks based on a Markov chain model have been widely studied to de-anonymize or de-obfuscate mobility traces. An adversary can perform various kinds of location privacy attacks using a personalized transition matrix, which is trained for each target user. However, the amount of training data available to the adversary can be very small, since many users do not disclose much location information in their daily lives. In addition, many locations can be missing from the training traces, since many users do not disclose their locations continuously but rather sporadically. In this paper, we show that the Markov chain model can be a threat even in this realistic situation. Specifically, we focus on a training phase (i.e. mobility profile building phase and propose Expectation-Maximization Tensor Factorization (EMTF, which alternates between computing a distribution of missing locations (E-step and computing personalized transition matrices via tensor factorization (M-step. Since the time complexity of EMTF is exponential in the number of missing locations, we propose two approximate learning methods, one of which uses the Viterbi algorithm while the other uses the Forward Filtering Backward Sampling (FFBS algorithm. We apply our learning methods to a de-anonymization attack and a localization attack, and evaluate them using three real datasets. The results show that our learning methods significantly outperform a random guess, even when there is only one training trace composed of 10 locations per user, and each location is missing with probability 80% (i.e. even when users hardly disclose two temporally-continuous locations.

Competitor presence reduces internal attentional focus and improves 16.1km cycling time trial performance.

Science.gov (United States)

Williams, Emily L; Jones, Hollie S; Andy Sparks, S; Marchant, David C; Midgley, Adrian W; Mc Naughton, Lars R

2015-07-01

Whilst the presence of a competitor has been found to improve performance, the mechanisms influencing the change in selected work rates during direct competition have been suggested but not specifically assessed. The aim was to investigate the physiological and psychological influences of a visual avatar competitor during a 16.1-km cycling time trial performance, using trained, competitive cyclists. Randomised cross-over design. Fifteen male cyclists completed four 16.1km cycling time trials on a cycle ergometer, performing two with a visual display of themselves as a simulated avatar (FAM and SELF), one with no visual display (DO), and one with themselves and an opponent as simulated avatars (COMP). Participants were informed the competitive avatar was a similar ability cyclist but it was actually a representation of their fastest previous performance. Increased performance times were evident during COMP (27.8±2.0min) compared to SELF (28.7±1.9min) and DO (28.4±2.3min). Greater power output, speed and heart rate were apparent during COMP trial than SELF (pperformance. Competitive cyclists performed significantly faster during a 16.1-km competitive trial than when performing maximally, without a competitor. The improvement in performance was elicited due to a greater external distraction, deterring perceived exertion. Copyright © 2014 Sports Medicine Australia. Published by Elsevier Ltd. All rights reserved.

Using simulation to aid trial design: Ring-vaccination trials.

Directory of Open Access Journals (Sweden)

Matt David Thomas Hitchings

2017-03-01

Full Text Available The 2014-6 West African Ebola epidemic highlights the need for rigorous, rapid clinical trial methods for vaccines. A challenge for trial design is making sample size calculations based on incidence within the trial, total vaccine effect, and intracluster correlation, when these parameters are uncertain in the presence of indirect effects of vaccination.We present a stochastic, compartmental model for a ring vaccination trial. After identification of an index case, a ring of contacts is recruited and either vaccinated immediately or after 21 days. The primary outcome of the trial is total vaccine effect, counting cases only from a pre-specified window in which the immediate arm is assumed to be fully protected and the delayed arm is not protected. Simulation results are used to calculate necessary sample size and estimated vaccine effect. Under baseline assumptions about vaccine properties, monthly incidence in unvaccinated rings and trial design, a standard sample-size calculation neglecting dynamic effects estimated that 7,100 participants would be needed to achieve 80% power to detect a difference in attack rate between arms, while incorporating dynamic considerations in the model increased the estimate to 8,900. This approach replaces assumptions about parameters at the ring level with assumptions about disease dynamics and vaccine characteristics at the individual level, so within this framework we were able to describe the sensitivity of the trial power and estimated effect to various parameters. We found that both of these quantities are sensitive to properties of the vaccine, to setting-specific parameters over which investigators have little control, and to parameters that are determined by the study design.Incorporating simulation into the trial design process can improve robustness of sample size calculations. For this specific trial design, vaccine effectiveness depends on properties of the ring vaccination design and on the

What Can We Learn?--The Algonquin Bear Attack.

Science.gov (United States)

Strickland, Dan

1992-01-01

Describes a bear attack in Algonquin Park in Lake Opeongo (Canada) in which a man and woman were killed. Hypothesizes that the bear deliberately preyed on its victims and concludes that the bear was physically normal. Despite this isolated attack, the chance of being attacked by a black bear when camping is virtually nonexistent. (KS)

A randomized double-blind, placebo-controlled, cross-over trial (Vestparoxy) of the treatment of vestibular paroxysmia with oxcarbazepine.

Science.gov (United States)

Bayer, Otmar; Brémová, Tatiana; Strupp, Michael; Hüfner, Katharina

2018-02-01

Vestibular paroxysmia (VP) is characterized by short, often oligosymptomatic attacks of vertigo which occur spontaneously or are sometimes provoked by turning the head. Despite the description of the disease almost 40 years ago (first termed "disabling positional vertigo"), no controlled treatment trial has been published to date. The Vestparoxy trial was designed as a randomized, placebo-controlled, double-blind cross-over trial to examine the therapeutic effect of oxcarbazepine (OXA) in patients with definite or probable VP. Patients were recruited from August 2005 to December 2011 in the outpatient Dizziness Unit of the Department of Neurology of the Munich University Hospital, and randomized to receive OXA (first week: 300 mg once per day, second week: 300 mg b.i.d., third week: 300 mg t.i.d. until the end of the third month), followed by placebo or vice versa with a 1-month wash-out period in between. The primary endpoint was the number of days with one or more attacks. Secondary endpoints were the number of attacks during the observed days, and the median (for each day) duration of attacks. All these endpoints were assessed using standardized diaries collected at the end of each treatment phase. Forty-three patients were randomized, 18 patients provided usable data (2525 patient days) for at least one treatment phase and were included in the main (intention-to-treat) analysis. The most common reasons for discontinuation documented were adverse events. The risk of experiencing a day with at least one attack was 0.41 under OXA, and 0.62 under placebo treatment, yielding a relative risk of 0.67 (95% CI 0.47-0.95, p = 0.025). The number of attacks during the observed days ratio was 0.53 (95% CI 0.42-0.68, p effects.

Combined Heuristic Attack Strategy on Complex Networks

Directory of Open Access Journals (Sweden)

Marek Šimon

2017-01-01

Full Text Available Usually, the existence of a complex network is considered an advantage feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. New attack strategy can be therefore used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.

An efficient collaborative approach for black hole attack discovery and mitigating its impact in manet

Science.gov (United States)

Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.

2018-04-01

A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost but there exits nodes that declines to cooperate leading to selfish conduct of nodes which effects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure less network attack detection and reaction and high false positives, false negatives initiating black hole attack becomes major issue in watchdog. This paper put forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.

Face Spoof Attack Recognition Using Discriminative Image Patches

Directory of Open Access Journals (Sweden)

Zahid Akhtar

2016-01-01

Full Text Available Face recognition systems are now being used in many applications such as border crossings, banks, and mobile payments. The wide scale deployment of facial recognition systems has attracted intensive attention to the reliability of face biometrics against spoof attacks, where a photo, a video, or a 3D mask of a genuine user’s face can be used to gain illegitimate access to facilities or services. Though several face antispoofing or liveness detection methods (which determine at the time of capture whether a face is live or spoof have been proposed, the issue is still unsolved due to difficulty in finding discriminative and computationally inexpensive features and methods for spoof attacks. In addition, existing techniques use whole face image or complete video for liveness detection. However, often certain face regions (video frames are redundant or correspond to the clutter in the image (video, thus leading generally to low performances. Therefore, we propose seven novel methods to find discriminative image patches, which we define as regions that are salient, instrumental, and class-specific. Four well-known classifiers, namely, support vector machine (SVM, Naive-Bayes, Quadratic Discriminant Analysis (QDA, and Ensemble, are then used to distinguish between genuine and spoof faces using a voting based scheme. Experimental analysis on two publicly available databases (Idiap REPLAY-ATTACK and CASIA-FASD shows promising results compared to existing works.

Eurados trial performance test for photon dosimetry

DEFF Research Database (Denmark)

Stadtmann, H.; Bordy, J.M.; Ambrosi, P.

2001-01-01

Within the framework of the EURADOS Action entitled Harmonisation and Dosimetric Quality Assurance in Individual Monitoring for External Radiation, trial performance tests for whole-body and extremity personal dosemeters were carried out. Photon, beta and neutron dosemeters were considered....... This paper summarises the results of the whole-body photon dosemeter test. Twenty-six dosimetry services from all EU Member States and Switzerland participated. Twelve different radiation fields were used to simulate various workplace irradiation fields. Dose values from 0.4 mSv to 80 mSv were chosen. From...

How Game Location Affects Soccer Performance: T-Pattern Analysis of Attack Actions in Home and Away Matches

Directory of Open Access Journals (Sweden)

Barbara Diana

2017-08-01

Full Text Available The influence of game location on performance has been widely examined in sport contexts. Concerning soccer, game-location affects positively the secondary and tertiary level of performance; however, there are fewer evidences about its effect on game structure (primary level of performance. This study aimed to detect the effect of game location on a primary level of performance in soccer. In particular, the objective was to reveal the hidden structures underlying the attack actions, in both home and away matches played by a top club (Serie A 2012/2013—First Leg. The methodological approach was based on systematic observation, supported by digital recordings and T-pattern analysis. Data were analyzed with THEME 6.0 software. A quantitative analysis, with nonparametric Mann–Whitney test and descriptive statistics, was carried out to test the hypotheses. A qualitative analysis on complex patterns was performed to get in-depth information on the game structure. This study showed that game tactics were significantly different, with home matches characterized by a more structured and varied game than away matches. In particular, a higher number of different patterns, with a higher level of complexity and including more unique behaviors was detected in home matches than in the away ones. No significant differences were found in the number of events coded per game between the two conditions. THEME software, and the corresponding T-pattern detection algorithm, enhance research opportunities by going further than frequency-based analyses, making this method an effective tool in supporting sport performance analysis and training.

How Game Location Affects Soccer Performance: T-Pattern Analysis of Attack Actions in Home and Away Matches.

Science.gov (United States)

Diana, Barbara; Zurloni, Valentino; Elia, Massimiliano; Cavalera, Cesare M; Jonsson, Gudberg K; Anguera, M Teresa

2017-01-01

The influence of game location on performance has been widely examined in sport contexts. Concerning soccer, game-location affects positively the secondary and tertiary level of performance; however, there are fewer evidences about its effect on game structure (primary level of performance). This study aimed to detect the effect of game location on a primary level of performance in soccer. In particular, the objective was to reveal the hidden structures underlying the attack actions, in both home and away matches played by a top club (Serie A 2012/2013-First Leg). The methodological approach was based on systematic observation, supported by digital recordings and T-pattern analysis. Data were analyzed with THEME 6.0 software. A quantitative analysis, with nonparametric Mann-Whitney test and descriptive statistics, was carried out to test the hypotheses. A qualitative analysis on complex patterns was performed to get in-depth information on the game structure. This study showed that game tactics were significantly different, with home matches characterized by a more structured and varied game than away matches. In particular, a higher number of different patterns, with a higher level of complexity and including more unique behaviors was detected in home matches than in the away ones. No significant differences were found in the number of events coded per game between the two conditions. THEME software, and the corresponding T-pattern detection algorithm, enhance research opportunities by going further than frequency-based analyses, making this method an effective tool in supporting sport performance analysis and training.

An integrative literature review to examine the provision of self-management support following transient ischaemic attack.

Science.gov (United States)

Kessler, Dorothy; Liddy, Clare

2017-11-01

To identify the types of self-management support that have been provided to persons with transient ischaemic attack and the evidence for the effectiveness of these programmes. Self-management is a key element for the effective management of chronic conditions. For persons with transient ischaemic attack, secondary stroke prevention is a recognised standard of care. Best practice guidelines indicate that persons who have experienced transient ischaemic attack should be supported to develop self-management skills. However, it is not clear how best to support the development of these skills. An integrative literature review was conducted. A search was conducted using Medline, Embase, HealthSTAR, CINAHL and PsycINFO. Published quantitative and qualitative studies, abstracts or dissertations describing the provision, experience or outcomes of self-management interventions for people with transient ischaemic attack, and published in English before March 2016, were included. Articles were selected and rated separately by two reviewers. The American Academy for Cerebral Palsy and Developmental Medicine Level of Evidence and Conduct Rating tools were used for rating. Interventions were described and compared, and evidence was presented using the traffic lighting system. Sixteen interventions representing a variety of group- and individual-based interventions were identified. Interventions differed in target population, content, structure, duration and outcomes. Only four interventions were specifically designed for persons with transient ischaemic attack. While evidence to support self-management interventions is promising, there is limited evidence to support any one intervention. However, one good-quality randomised controlled trial supports the provision of a group self-management programme for improving blood pressure control. There are numerous interventions to support self-management by persons with transient ischaemic attack. More research is needed to determine

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

Effect of lactate supplementation and sodium bicarbonate on 40-km cycling time trial performance.

Science.gov (United States)

Northgraves, Matthew J; Peart, Daniel J; Jordan, Christian A; Vince, Rebecca V

2014-01-01

The use of nutritional supplements to improve sporting performance and increase training adaptations is commonplace among athletes and is an expanding market in terms of product choice and availability. The purpose of this study was to examine the effects of 2 ergogenic aids with extracellular blood buffering potential, namely sodium bicarbonate (NaHCO3) and a lactate supplement, during a 40-km cycling time trial. Seven recreationally active men (age, 22.3 ± 3.3 years; height, 182.5 ± 6.5 cm; body mass, 79.2 ± 6.3 kg) completed five 40-km cycling time trials, including a familiarization trial in a randomized, blind, double placebo-controlled design. Subjects ingested (a) 300 mg·kg-1 body mass NaHCO3 (BICARB), (b) 45 mg·kg-1 body mass sodium chloride (PL-BICARB) as the placebo for the NaHCO3 trial, (c) 1115 mg lactate (LACTATE), or (d) plain flour as the placebo for the lactate trial (PL-LACTATE) 60 minutes before exercise. There was no significant difference in performance between the 4 conditions (p > 0.05). Although NaHCO3 ingestion induced significant changes in all the acid-base variables (all p 0.05). Subjects in the LACTATE condition did have a significantly higher heart rate (p 0.05) than the other 3 conditions. Neither NaHCO3 nor lactate supplementation seem to improve 40-km cycling time trial performance. However, the potential benefits following LACTATE regarding perceived exertion require further research.

Capacity and optimal collusion attack channels for Gaussian fingerprinting games

Science.gov (United States)

Wang, Ying; Moulin, Pierre

2007-02-01

In content fingerprinting, the same media covertext - image, video, audio, or text - is distributed to many users. A fingerprint, a mark unique to each user, is embedded into each copy of the distributed covertext. In a collusion attack, two or more users may combine their copies in an attempt to "remove" their fingerprints and forge a pirated copy. To trace the forgery back to members of the coalition, we need fingerprinting codes that can reliably identify the fingerprints of those members. Researchers have been focusing on designing or testing fingerprints for Gaussian host signals and the mean square error (MSE) distortion under some classes of collusion attacks, in terms of the detector's error probability in detecting collusion members. For example, under the assumptions of Gaussian fingerprints and Gaussian attacks (the fingerprinted signals are averaged and then the result is passed through a Gaussian test channel), Moulin and Briassouli1 derived optimal strategies in a game-theoretic framework that uses the detector's error probability as the performance measure for a binary decision problem (whether a user participates in the collusion attack or not); Stone2 and Zhao et al. 3 studied average and other non-linear collusion attacks for Gaussian-like fingerprints; Wang et al. 4 stated that the average collusion attack is the most efficient one for orthogonal fingerprints; Kiyavash and Moulin 5 derived a mathematical proof of the optimality of the average collusion attack under some assumptions. In this paper, we also consider Gaussian cover signals, the MSE distortion, and memoryless collusion attacks. We do not make any assumption about the fingerprinting codes used other than an embedding distortion constraint. Also, our only assumptions about the attack channel are an expected distortion constraint, a memoryless constraint, and a fairness constraint. That is, the colluders are allowed to use any arbitrary nonlinear strategy subject to the above

OPERATION COBRA. Deliberate Attack, Exploitation

Science.gov (United States)

1984-05-25

to attack Sens, then continue to Troyes , on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes . Facing the combat command were what remained of the 51st SS Brigade, light

Robustness of non-interdependent and interdependent networks against dependent and adaptive attacks

Science.gov (United States)

Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai

2017-09-01

Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.

Study design of the CLOSURE I Trial: a prospective, multicenter, randomized, controlled trial to evaluate the safety and efficacy of the STARFlex septal closure system versus best medical therapy in patients with stroke or transient ischemic attack due to presumed paradoxical embolism through a patent foramen ovale.

Science.gov (United States)

Furlan, Anthony J; Reisman, Mark; Massaro, Joseph; Mauri, Laura; Adams, Harold; Albers, Gregory W; Felberg, Robert; Herrmann, Howard; Kar, Saibal; Landzberg, Michael; Raizner, Albert; Wechsler, Lawrence

2010-12-01

Some strokes of unknown etiology may be the result of a paradoxical embolism traversing through a nonfused foramen ovale (patent foramen ovale [PFO]). The utility of percutaneously placed devices for treatment of patients with cryptogenic stroke or transient ischemic attack (TIA) and PFO is unknown. In addition, there are no clear data about the utility of medical interventions or other surgical procedures in this situation. Despite limited data, many patients are being treated with PFO closure devices. Thus, there is a strong need for clinical trials that test the potential efficacy of PFO occlusive devices in this situation. To address this gap in medical knowledge, we designed the CLOSURE I trial, a randomized, clinical trial comparing the use of a percutaneously placed PFO occlusive device and best medical therapy versus best medical therapy alone for prevention of recurrent ischemic neurologic symptoms among persons with TIA or ischemic stroke. This prospective, multicenter, randomized, controlled trial has finished enrollment. Two-year follow-up for all 910 patients is required. The primary end point is the 2-year incidence of stroke or TIA, all-cause mortality for the first 30 days, and neurologic mortality from ≥ 31 days of follow-up, as adjudicated by a panel of physicians who are unaware of treatment allocation. This article describes the rationale and study design of CLOSURE I. This trial should provide information as to whether the STARFlex septal closure system is safe and more effective than best medical therapy alone in preventing recurrent stroke/TIA and mortality in patients with PFO and whether the STARFlex septal closure device can demonstrate superiority compared with best medical therapy alone. Clinical Trial Registration-URL: http://www.clinicaltrials.gov. Unique identifier: NCT00201461.

Improving the multiparty quantum secret sharing over two collective-noise channels against insider attack

Science.gov (United States)

Sun, Ying; Wen, Qiao-yan; Zhu, Fu-chen

2010-01-01

The security of the multiparty quantum secret sharing protocol presented by Zhang [Z.J. Zhang, Physica A, 361 (2006) 233] is analyzed. It is shown that this protocol is vulnerable to the insider attack since eavesdropping detection is performed only when all states arrive at the last agent. We propose an attack strategy and give an improved version of the original protocol. The improved protocol is robust and has the same traits with the original one.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things

Directory of Open Access Journals (Sweden)

Peng Xun

2017-10-01

Full Text Available A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1 the command sequence is disordered and (2 disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

Science.gov (United States)

Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

2017-10-21

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Competitive Reactions to Advertising and Promotion Attacks

OpenAIRE

Jan-Benedict E. M. Steenkamp; Vincent R. Nijs; Dominique M. Hanssens; Marnik G. Dekimpe

2005-01-01

How do competitors react to each other's price-promotion and advertising attacks? What are the reasons for the observed reaction behavior? We answer these questions by performing a large-scale empirical study on the short-run and long-run reactions to promotion and advertising shocks in over 400 consumer product categories over a four-year time span. Our results clearly show that the most predominant form of competitive response is passive in nature. When a reaction does occur, it is usually ...

Counteracting Power Analysis Attacks by Masking

Science.gov (United States)

Oswald, Elisabeth; Mangard, Stefan

The publication of power analysis attacks [12] has triggered a lot of research activities. On the one hand these activities have been dedicated toward the development of secure and efficient countermeasures. On the other hand also new and improved attacks have been developed. In fact, there has been a continuous arms race between designers of countermeasures and attackers. This chapter provides a brief overview of the state-of-the art in the arms race in the context of a countermeasure called masking. Masking is a popular countermeasure that has been extensively discussed in the scientific community. Numerous articles have been published that explain different types of masking and that analyze weaknesses of this countermeasure.

Metrics for Assessment of Smart Grid Data Integrity Attacks

Energy Technology Data Exchange (ETDEWEB)

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

A Computationally Intelligent Approach to the Detection of Wormhole Attacks in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Mohammad Nurul Afsar Shaon

2017-05-01

Full Text Available A wormhole attack is one of the most critical and challenging security threats for wireless sensor networks because of its nature and ability to perform concealed malicious activities. This paper proposes an innovative wormhole detection scheme to detect wormhole attacks using computational intelligence and an artificial neural network (ANN. Most wormhole detection schemes reported in the literature assume the sensors are uniformly distributed in a network, and, furthermore, they use statistical and topological information and special hardware for their detection. However, these schemes may perform poorly in non-uniformly distributed networks, and, moreover, they may fail to defend against “out of band” and “in band” wormhole attacks. The aim of the proposed research is to develop a detection scheme that is able to detect all kinds of wormhole attacks in both uniformly and non-uniformly distributed sensor networks. Furthermore, the proposed research does not require any special hardware and causes no significant network overhead throughout the network. Most importantly, the probable location of the malicious nodes can be identified by the proposed ANN based detection scheme. We evaluate the efficacy of the proposed detection scheme in terms of detection accuracy, false positive rate, and false negative rate. The performance of the proposed algorithm is also compared with other machine learning techniques (i.e. SVM and regularized nonlinear logistic regression (LR based detection models. The simulation results show that proposed ANN based algorithm outperforms the SVM or LR based detection schemes in terms of detection accuracy, false positive rate, and false negative rates.

Virtual reality training improves da Vinci performance: a prospective trial.

Science.gov (United States)

Cho, Jae Sung; Hahn, Koo Yong; Kwak, Jung Myun; Kim, Jin; Baek, Se Jin; Shin, Jae Won; Kim, Seon Hahn

2013-12-01

The DV-Trainer™ (a virtual reality [VR] simulator) (Mimic Technologies, Inc., Seattle, WA) is one of several different robotic surgical training methods. We designed a prospective study to determine whether VR training could improve da Vinci(®) Surgical System (Intuitive Surgical, Inc., Sunnyvale, CA) performance. Surgeons (n=12) were enrolled using a randomized protocol. Groups 1 (VR training) and 2 (control) participated in VR and da Vinci exercises. Participants' time and moving distance were combined to determine a composite score: VR index=1000/(time×moving distance). The da Vinci exercises included needle control and suturing. Procedure time and error were measured. A composite index (DV index) was computed and used to measure da Vinci competency. After the initial trial with both the VR and da Vinci exercises, only Group 1 was trained with the VR simulator following our institutional curriculum for 3 weeks. All members of both groups then participated in the second trial of the VR and da Vinci exercises and were scored in the same way as in the initial trial. In the initial trial, there was no difference in the VR index (Group 1 versus Group 2, 8.9 ± 3.3 versus 9.4 ± 3.7; P=.832) and the DV index (Group 1 versus Group 2, 3.85 ± 0.73 versus 3.66 ± 0.65; P=.584) scores between the two groups. At the second time point, Group 1 showed increased VR index scores in comparison with Group 2 (19.3 ± 4.5 versus 9.7 ± 4.1, respectively; P=.001) and improved da Vinci performance skills as measured by the DV index (5.80 ± 1.13 versus 4.05 ± 1.03, respectively; P=.028) and by suturing time (7.1 ± 1.54 minutes versus 10.55 ± 1.93 minutes, respectively; P=.018). We found that VR simulator training can improve da Vinci performance. VR practice can result in an early plateau in the learning curve for robotic practice under controlled circumstances.

A taxonomy of distributed denial of service attacks

DEFF Research Database (Denmark)

De Donno, Michele; Giaretta, Alberto; Dragoni, Nicola

2017-01-01

Distributed Denial of Service (DDoS) attacks which are now even more powerful and easier to achieve than the past. Understanding how these attacks work, in all their different forms, represents a first crucial step to tackle this urgent issue. To this end, in this paper we propose a new up-to-date taxonomy...... and a comprehensive classification of current DDoS attacks....

An Explanation of Nakamoto's Analysis of Double-spend Attacks

OpenAIRE

Ozisik, A. Pinar; Levine, Brian Neil

2017-01-01

The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We also validate the model with a Monte Carlo simulation, and we determine which model component is not perfect.

Coherent eavesdropping attacks in tomographic quantum cryptography: Nonequivalence of quantum and classical key distillation

International Nuclear Information System (INIS)

Kaszlikowski, Dagomir; Lim, J.Y.; Englert, Berthold-Georg; Kwek, L.C.

2005-01-01

The security of a cryptographic key that is generated by communication through a noisy quantum channel relies on the ability to distill a shorter secure key sequence from a longer insecure one. We show that - for protocols that use quantum channels of any dimension and completely characterize them by state tomography - the noise threshold for classical advantage distillation of a specific kind is substantially lower than the threshold for quantum entanglement distillation if the eavesdropper can perform powerful coherent attacks. In marked contrast, earlier investigations had shown that the thresholds are identical for incoherent attacks on the same classical distillation scheme. It remains an open question whether other schemes for classical advantage distillation have higher thresholds for coherent eavesdropping attacks

Modeling and Analysis of Information Attack in Computer Networks

National Research Council Canada - National Science Library

Pepyne, David

2003-01-01

... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...

Using an ontology for network attack planning

CSIR Research Space (South Africa)

Van Heerden, R

2016-09-01

Full Text Available The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...

Protecting infrastructure networks from cost-based attacks

International Nuclear Information System (INIS)

Wang Xingang; Guan Shuguang; Lai, Choy Heng

2009-01-01

It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

Directory of Open Access Journals (Sweden)

Ru Zhang

2017-01-01

Full Text Available The APT attack on the Internet is becoming more serious, and most of intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

Attacker-defender game from a network science perspective

Science.gov (United States)

Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

2018-05-01

Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

Are the rules for the right to self-defense outdated to address current conflicts like attacks from non-state actors and cyber-attacks?

Directory of Open Access Journals (Sweden)

Gonzalo J. Arias

2017-06-01

Full Text Available The latest US-led coalition’s attacks against ISIS in Syria raised the question whether states can use defensive force against non-state actors. Two critical incidents had previously triggered the discussion on the importance and consequences of cyber-attacks as a new form armed attacks. The first one occurred in Estonia in 2007, when the country experienced extensive computer hacking attacks that lasted several weeks. The second incident happened in 2008, during the Georgia–Russia conflict over South Ossetia, when Georgia experienced cyber-attacks similar to those suffered by Estonia in the previous year. Furthermore, on June 21, 2016, the central banks of Indonesia and South Korea were hit by cyber-attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world. The previous incidents have created, once again, public questioning if the rules on the use of force and the right of self-defense established in the United Nations Charter are sufficient and efficient to address these new forms of attacks.

After-gate attack on a quantum cryptosystem

International Nuclear Information System (INIS)

Wiechers, C; Wittmann, C; Elser, D; Marquardt, Ch; Leuchs, G; Lydersen, L; Skaar, J; Makarov, V

2011-01-01

We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.

Compiling symbolic attacks to protocol implementation tests

Directory of Open Access Journals (Sweden)

Michael Rusinowitch

2013-07-01

Full Text Available Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

Classification of cyber attacks in South Africa

CSIR Research Space (South Africa)

Van Heerden, R

2016-05-01

Full Text Available various ATM's throughout South Africa. Two criminals, Motsoane and Masoleng, were arrested in February 2012 and both sentenced to 15 years in jail [36, 37]. 3.10 2013: IOL DDoS Anonymous Africa claimed responsibility for launching a Distributed Denial... of Service (DDoS) attack on the Independent Newspaper web site iol.co.za. The attack was in response to claims that the IOL group supports Zimbabwean president Robert Mugabe. The following taunt was sent to boast about the attack: “IOL bad boys bad boys...

A Review Of Recent Cyber-Attacks In Fiji

Directory of Open Access Journals (Sweden)

Neeraj A. Sharma

2015-08-01

Full Text Available Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.

Research on high power intra-channel crosstalk attack in optical networks

Science.gov (United States)

Ren, Shuai; Zhang, Yinfa; Wang, Jingyu; Zhang, Jumei; Rao, Xuejun; Fang, Yuanyuan

2017-02-01

The mechanism of high power intra-channel crosstalk attack is analyzed theoretically and the conclusion that power of attack signal and crosstalk coefficient of optical switch are the main factors for which high power intra-channel have destructive effect on quality of legitimate signals is drawn. Effects of high power intra-channel crosstalk attack on quality of legitimate signals and its capability of attack propagation are investigated quantitatively by building the simulation system in VPI software. The results show that legitimate signals through the first and the second stage optical switch are affected by attack and legitimate signal through the third stage optical switch is almost unaffected by attack when power of original attack signal (OAS) is above 20dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB at optical cross connect 1 (OXC1). High power intra-channel crosstalk attack has a certain capability of attack propagation. Attack capability of OAS can be propagated to OXC3 when power of OAS is 27dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB. We also find that the secondary attack signal (SAS) does not have capability of attack propagation.

Transient Ischaemic Attack 999 Emergency Referral (TIER: a cluster randomised feasibility trial facilitated by data linkage

Directory of Open Access Journals (Sweden)

Anne Seagrove

2017-04-01

Will inform full trial development using criteria: intervention acceptability to practitioners and patients; trial design feasibility; outcome data completeness. Conclusions • If indicated, full trial conducted • If not, but positive results - advise intervention development for immediate implementation • If not, but negative results – advise delivery of intervention should cease.

Evaluation of Crosstalk Attacks in Access Networks

DEFF Research Database (Denmark)

Wagner, Christoph; Eiselt, Michael; Grobe, Klaus

2016-01-01

WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...

Optimal counterterrorism and the recruitment effect of large terrorist attacks

DEFF Research Database (Denmark)

Jensen, Thomas

2011-01-01

We analyze a simple dynamic model of the interaction between terrorists and authorities. Our primary aim is to study optimal counterterrorism and its consequences when large terrorist attacks lead to a temporary increase in terrorist recruitment. First, we show that an increase in counterterrorism...... makes it more likely that terrorist cells plan small rather than large attacks and therefore may increase the probability of a successful attack. Analyzing optimal counterterrorism we see that the recruitment effect makes authorities increase the level of counterterrorism after large attacks. Therefore......, in periods following large attacks a new attack is more likely to be small compared to other periods. Finally, we analyze the long-run consequences of the recruitment effect. We show that it leads to more counterterrorism, more small attacks, and a higher sum of terrorism damage and counterterrorism costs...

Quantitative Verification and Synthesis of Attack-Defence Scenarios Conference

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

Attack-defence trees are a powerful technique for formally evaluating attack-defence scenarios. They represent in an intuitive, graphical way the interaction between an attacker and a defender who compete in order to achieve conflicting objectives. We propose a novel framework for the formal

Brain imaging with 123I-IMP-SPECT in migraine between attacks

International Nuclear Information System (INIS)

Schlake, H.P.; Boettger, I.G.G.; Grotemeyer, K.H.; Husstedt, I.W.

1989-01-01

123 I-IMP-SPECT brain imaging was performed in patients with classic migraine (n = 5) and migraine accompagnee (n = 18) during the headache-free interval. A regional reduction of tracer uptake into brain was observed in all patients with migraine accompagnee, while in patients with classic migraine only one case showed an area of decreased activity. The most marked alteration was found in a patient with persisting neurological symptoms (complicated migraine). In most cases the areas of decreased tracer uptake corresponded to headache localization as well as to topography of neurologic symptoms during migraine attacks. It may be concluded that migraine attacks occur in connection with exacerbations of preexisting changes of cerebral autoregulation due to endogenous or exogenous factors

'Cryptogenic Drop Attacks' revisited: evidence of overlap with functional neurological disorder.

Science.gov (United States)

Hoeritzauer, Ingrid; Carson, Alan J; Stone, Jon

2018-02-07

In their 1973 BMJ paper 'Cryptogenic Drop Attacks', Stevens and Matthews described 40, mostly middle-aged, female patients with drop attacks of unknown cause. Although clinically common, there has been little on this topic since. We aimed to determine clinical features, comorbidity and outcome of patients with drop attacks. We carried out a retrospective review of patients with cryptogenic drop attacks seen consecutively by one clinician (JS) between 2006 and 2016. Demographics, phenomenology, duration and frequency of attacks, attack description and comorbid diagnoses were recorded. Patients were followed up with a notes review. 83 patients with cryptogenic drop attacks were predominantly female (89%, n=79), mean age 44  years. The majority (93%, n=77) could not remember the fall itself and almost half (43%, n=36) experienced prodromal dissociative symptoms. Mechanical trips or syncope preceded drop attacks, historically, in 24% (n=20) of cases. Persistent fatigue (73%, n=61), chronic pain (40%, n=33), functional limb weakness (31%,n=26) and dissociative (non-epileptic) attacks 28% (n=23) were common, with the latter usually preceding or emerging from drop attacks. At follow-up (88%, mean 38 months), 28% (n=23) had resolution of their drop attacks. Predisposing (but non-causative) disease comorbidity was found at baseline (n=12) and follow-up (n=5). Cryptogenic drop attacks are associated with high frequency of comorbid functional somatic and functional neurological disorders. Patients commonly have prodromal dissociative symptoms and in some there was a clear relationship with prior or subsequent dissociative (non-epileptic) attacks. Some cryptogenic drop attacks may be best understood as phenomena on the spectrum of dissociative attacks. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

Optimal Patrol to Detect Attacks at Dispersed Heterogeneous Locations

Science.gov (United States)

2013-12-01

solution RALP Random-attacker linear program SALP Strategic-attacker linear program SMDP Semi-Markov decision process SP Shortest path SPR1 Shortest...average cost per attack among all vertices, which we refer to as the strategic-attacker linear program ( SALP ): min x zOPT (3.1a) subject to ∑ (k,l)∈A c...the SALP is indicated by zOPT. The lower bound that is obtained from using the LBLP is indicated by zLB. Solutions obtained from using a heuristic

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

Science.gov (United States)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

Can a Copycat Effect be Observed in Terrorist Suicide Attacks?

Directory of Open Access Journals (Sweden)

Nicholas Farnham

2017-03-01

Full Text Available The purpose of this paper is to explore how a copycat effect – established within the field of suicide studies – may manifest itself in terrorist suicide attacks, and takes an exploratory approach in evaluating the prospect of incorporating open-data resources in future counter-terrorism research. This paper explores a possible ‘copycat effect’ in cases of suicide terrorism, which entails a perpetrator being inspired by a preceding attack to carry out a similar attack not long after the original. In the wake of mounting risks of lone wolf terrorist attacks today and due to the general difficulties faced in preventing such attacks, in this paper we explore a potential area of future prevention in media reporting, security and anti-terrorism policies today. Using the START Global Terrorism Database (GTD, this paper investigates terrorist suicide-attack clusters and analyses the relationship between attacks found within the same cluster. Using a mixed-method approach, our analyses did not uncover clear evidence supporting a copycat effect among the studied attacks. These and other findings have numerous policy and future research implications.

Transient Ischemic Attack

Medline Plus

Full Text Available ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. The content in this ...

THE REPRISAL ATTACKS BY AL-SHABAAB AGAINST KENYA

Directory of Open Access Journals (Sweden)

E.O.S.ODHIAMBO

2013-10-01

Full Text Available The incursion of Kenya Defence Forces (KDF into Somalia was met by a series of threats from the Al-Shabaab that it would increase the attacks against Kenya if the troops were not withdrawn. The capture of Kismayu by KDF has weakened the nerve of Al-Shabaab but has not eliminated the imminent danger of a substantive terror attack. Since the incursion by KDF, Kenya has succumbed to a sequence of grenade and Improvised Explosive Devices attacks, roadside bombs, landmines and raids by fighters using small arms and light weapons and Rocket Propelled Grenades against Kenyans mostly in North Eastern, Coastal and Nairobi counties, marking the resurgence of terrorism in the country. We argue that Kenya is more vulnerable to Al-Shabaab terrorists attack than before the KDF incursion by citing the frequencies of reprisal attacks from October 2011 to January 2013. Hence, our troops should be withdrawn and deployed within our boundary.

Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters

Directory of Open Access Journals (Sweden)

Dapeng Man

2017-01-01

Full Text Available Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD. BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM as a side-effect of thwarting detection attacks.

Detecting peripheral-based attacks on the host memory

CERN Document Server

Stewin, Patrick

2015-01-01

This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit.  Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only me...

Why cryptography should not rely on physical attack complexity

CERN Document Server

Krämer, Juliane

2015-01-01

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two indepe...

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

Science.gov (United States)

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

Directory of Open Access Journals (Sweden)

Naser Alajmi

2015-11-01

Full Text Available Security breaches are a major threat in wireless sensor networks (WSNs. WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD. The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Adversarial Feature Selection Against Evasion Attacks.

Science.gov (United States)

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

Trojan-horse attacks on quantum-key-distribution systems

International Nuclear Information System (INIS)

Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G.

2006-01-01

General Trojan-horse attacks on quantum-key-distribution systems, i.e., attacks on Alice or Bob's system via the quantum channel, are analyzed. We illustrate the power of such attacks with today's technology and conclude that all systems must implement active counter measures. In particular, all systems must include an auxiliary detector that monitors any incoming light. We show that such counter measures can be efficient, provided that enough additional privacy amplification is applied to the data. We present a practical way to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks. This does reduce the security analysis of the two-way plug-and-play implementation to those of the standard one-way systems

Note on Studying Change Point of LRD Traffic Based on Li's Detection of DDoS Flood Attacking

Directory of Open Access Journals (Sweden)

Zhengmin Xia

2010-01-01

Full Text Available Distributed denial-of-service (DDoS flood attacks remain great threats to the Internet. To ensure network usability and reliability, accurate detection of these attacks is critical. Based on Li's work on DDoS flood attack detection, we propose a DDoS detection method by monitoring the Hurst variation of long-range dependant traffic. Specifically, we use an autoregressive system to estimate the Hurst parameter of normal traffic. If the actual Hurst parameter varies significantly from the estimation, we assume that DDoS attack happens. Meanwhile, we propose two methods to determine the change point of Hurst parameter that indicates the occurrence of DDoS attacks. The detection rate associated with one method and false alarm rate for the other method are also derived. The test results on DARPA intrusion detection evaluation data show that the proposed approaches can achieve better detection performance than some well-known self-similarity-based detection methods.

12 CFR 308.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... PRACTICE RULES OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 308.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any...

12 CFR 19.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 1 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 19.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all...

Drammer : Deterministic Rowhammer attacks on mobile platforms

NARCIS (Netherlands)

Van Der Veen, Victor; Fratantonio, Yanick; Lindorfer, Martina; Gruss, Daniel; Maurice, Clémentine; Vigna, Giovanni; Bos, Herbert; Razavi, Kaveh; Giuffrida, Cristiano

2016-01-01

Recent work shows that the Rowhammer hardware bug can be used to craft powerful attacks and completely subvert a system. However, existing efforts either describe probabilistic (and thus unreliable) attacks or rely on special (and often unavailable) memory management features to place victim objects

Using exponentially weighted moving average algorithm to defend against DDoS attacks

CSIR Research Space (South Africa)

Machaka, P

2016-11-01

Full Text Available This paper seeks to investigate the performance of the Exponentially Weighted Moving Average (EWMA) for mining big data and detection of DDoS attacks in Internet of Things (IoT) infrastructure. The paper will investigate the tradeoff between...

The accountability problem of flooding attacks in service-oriented architectures

DEFF Research Database (Denmark)

Jensen, Meiko; Schwenk, Jörg

2009-01-01

The threat of Denial of Service attacks poses a serious problem to the security of network-based services in general. For flooding attacks against service-oriented applications, this threat is dramatically amplified with potentially much higher impact and very little effort on the attacker's side....... Additionally, due to the high distribution of a SOA application's components, fending such attacks becomes a far more complex task. In this paper, we present the problem of accountability, referring to the issue of resolving the attacker in a highly distributed service-oriented application. Using a general...

Attack Helicopter Operations: Art or Science

Science.gov (United States)

1991-05-13

ATTACK HELICOPTER OPERATIONS: ART OR SCIENCE ? BY LIEUTENANT COLONEL JAN CALLEN United States Army DISTRIBUTION STATEMENT A: Approved for public release...TASK IWORK UNIT ELEMENT NO. NO. NO. ACCESSION NC 11. TITLE (Include Socurity Classification) Attack Helicopter Operations: Art or Science ? 12. PERSONAL...OPERATIONS: ART OR SCIENCE ? AN INDIVIDUAL STUDY PROJECT by Lieutenant Colonel Jan Callen United States Army Colonel Greg Snelgrove Project Adviser U.S

Attacker Model Lab

OpenAIRE

2006-01-01

tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course

Pindolol augmentation in patients with treatment-resistant panic disorder: A double-blind, placebo-controlled trial.

Science.gov (United States)

Hirschmann, S; Dannon, P N; Iancu, I; Dolberg, O T; Zohar, J; Grunhaus, L

2000-10-01

The objective of this study was to determine the efficacy of pindolol as an augmentor of fluoxetine in treatment-resistant panic disorder (PD). Twenty-five outpatients having PD with or without agoraphobia were included. These patients had not responded to two different trials with antidepressants and an 8-week trial of fluoxetine 20 mg/day. Treatment-resistant PD was defined as a less than 20% reduction in score on the Panic Self-Questionnaire (number of attacks per week) (PSQ) and the Clinical Anxiety Scale With Panic Attacks (CAS+PA). These patients continued to receive fluoxetine 20 mg/day and were randomly assigned to additionally receive either pindolol (2.5 mg three times daily) or placebo for the following 4 weeks. Evaluations were performed weekly using the Hamilton Rating Scale for Anxiety, the Hamilton Rating Scale for Depression (HAM-D), the CAS+PA, the NIMH Anxiety Scale, the PSQ, and the Clinical Global Impression Scale. The data were analyzed using a repeated-measures analysis of variance (ANOVA) and a t-test for independent samples. Patients treated with the combination of pindolol and fluoxetine (N = 13) demonstrated a significant improvement over the patients treated with fluoxetine and placebo on all rating scales, with the exception of HAM-D. The statistical differences were shown using the repeated-measures ANOVA (baseline, week 2, week 4) and also with t-tests from the second week of the trial. These preliminary results demonstrate that pindolol has an augmenting effect on fluoxetine in patients with treatment-resistant PD.

A Secure Localization Approach against Wormhole Attacks Using Distance Consistency

Directory of Open Access Journals (Sweden)

Lou Wei

2010-01-01

Full Text Available Wormhole attacks can negatively affect the localization in wireless sensor networks. A typical wormhole attack can be launched by two colluding attackers, one of which sniffs packets at one point in the network and tunnels them through a wired or wireless link to another point, and the other relays them within its vicinity. In this paper, we investigate the impact of the wormhole attack on the localization and propose a novel distance-consistency-based secure localization scheme against wormhole attacks, which includes three phases of wormhole attack detection, valid locators identification and self-localization. The theoretical model is further formulated to analyze the proposed secure localization scheme. The simulation results validate the theoretical results and also demonstrate the effectiveness of our proposed scheme.

Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication

Science.gov (United States)

Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru

In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

12 CFR 747.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... INVESTIGATIONS Uniform Rules of Practice and Procedure § 747.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all or any part of an...

Phase-remapping attack in practical quantum-key-distribution systems

International Nuclear Information System (INIS)

Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

2007-01-01

Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

Effectiveness of the Call in Beach Volleyball Attacking Play

Directory of Open Access Journals (Sweden)

Künzell Stefan

2014-12-01

Full Text Available In beach volleyball the setter has the opportunity to give her or his hitter a “call”. The call intends that the setter suggests to her or his partner where to place the attack in the opponent’s court. The effectiveness of a call is still unknown. We investigated the women’s and men’s Swiss National Beach Volleyball Championships in 2011 and analyzed 2185 attacks. We found large differences between female and male players. While men called in only 38.4% of attacks, women used calls in 85.5% of attacks. If the male players followed a given call, 63% of the attacks were successful. The success rate of attacks without any call was 55.8% and 47.6% when the call was ignored. These differences were not significant (χ2(2 = 4.55, p = 0.103. In women’s beach volleyball, the rate of successful attacks was 61.5% when a call was followed, 35% for attacks without a call, and 42.6% when a call was ignored. The differences were highly significant (χ2(2 = 23.42, p < 0.0005. Taking into account the findings of the present study, we suggested that the call was effective in women’s beach volleyball, while its effect in men’s game was unclear. Considering the quality of calls we indicate that there is a significant potential to increase the effectiveness of a call.

Effects of preparation time and trial type probability on performance of anti- and pro-saccades.

Science.gov (United States)

Pierce, Jordan E; McDowell, Jennifer E

2016-02-01

Cognitive control optimizes responses to relevant task conditions by balancing bottom-up stimulus processing with top-down goal pursuit. It can be investigated using the ocular motor system by contrasting basic prosaccades (look toward a stimulus) with complex antisaccades (look away from a stimulus). Furthermore, the amount of time allotted between trials, the need to switch task sets, and the time allowed to prepare for an upcoming saccade all impact performance. In this study the relative probabilities of anti- and pro-saccades were manipulated across five blocks of interleaved trials, while the inter-trial interval and trial type cue duration were varied across subjects. Results indicated that inter-trial interval had no significant effect on error rates or reaction times (RTs), while a shorter trial type cue led to more antisaccade errors and faster overall RTs. Responses following a shorter cue duration also showed a stronger effect of trial type probability, with more antisaccade errors in blocks with a low antisaccade probability and slower RTs for each saccade task when its trial type was unlikely. A longer cue duration yielded fewer errors and slower RTs, with a larger switch cost for errors compared to a short cue duration. Findings demonstrated that when the trial type cue duration was shorter, visual motor responsiveness was faster and subjects relied upon the implicit trial probability context to improve performance. When the cue duration was longer, increased fixation-related activity may have delayed saccade motor preparation and slowed responses, guiding subjects to respond in a controlled manner regardless of trial type probability. Copyright © 2016 Elsevier B.V. All rights reserved.

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Science.gov (United States)

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.