WorldWideScience

Sample records for gnss-based positioning attacks

  1. False Positive and False Negative Effects on Network Attacks

    Science.gov (United States)

    Shang, Yilun

    2018-01-01

    Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

  2. Noninvasive positive pressure ventilation in acute asthmatic attack

    Directory of Open Access Journals (Sweden)

    A. Soroksky

    2010-03-01

    Full Text Available Asthma is characterised by reversible airway obstruction. In most patients, control of disease activity is easily achieved. However, in a small minority, asthma may be fatal. Between the two extremes lie patients with severe asthmatic attacks, refractory to standard treatment. These patients are at an increased risk of recurrent severe attacks, with respiratory failure, and mechanical ventilation. Invasive mechanical ventilation of the asthmatic patient is associated with a higher risk of complications and, therefore, is a measure of last resort. Noninvasive positive pressure ventilation (NPPV is another treatment modality that may be beneficial in patients with severe asthmatic attack who are at an increased risk of developing respiratory failure. These patients have the potential to benefit from early respiratory support in the form of NPPV. However, reports of NPPV in asthmatic patients are scarce, and its usage in asthmatic attacks is, therefore, still controversial. Only a few reports of NPPV in asthma have been published over the last decade. These studies mostly involve small numbers of patients and those who have problematic methodology. In this article we review the available evidence for NPPV in asthma and try to formulate our recommendations for NPPV application in asthma based on the available evidence and reports.

  3. GNSS-based receiver autonomous integrity monitoring for aircraft navigation

    NARCIS (Netherlands)

    Imparato, D.

    2016-01-01

    Nowadays, GNSS-based navigation is moving more and more to critical applications. Global Navigation Satellite Systems (GNSS), which in the past used to be represented by the American GPS and the Russian GLONASS are now growing in number and performance. The European systemGalileo and the Chinese

  4. Implementation of Positive Operator-Valued Measure in Passive Faraday Mirror Attack

    International Nuclear Information System (INIS)

    Wang Wei-Long; Gao Ming; Ma Zhi

    2015-01-01

    Passive Faraday-mirror (PFM) attack is based on imperfect Faraday mirrors in practical quantum cryptography systems and a set of three-dimensional Positive Operator-Valued Measure (POVM) operators plays an important role in this attack. In this paper, we propose a simple scheme to implement the POVM in PFM attack on an Faraday–Michelson quantum cryptography system. Since the POVM can not be implemented directly with previous methods, in this scheme it needs to expand the states sent by Alice and the POVM operators in the attack into four-dimensional Hilbert space first, without changing the attacking effect by calculation. Based on the methods proposed by Ahnert and Payne, the linear-optical setup for implementing the POVM operators is derived. At last, the complete setup for realizing the PFM attack is presented with all parameters. Furthermore, our scheme can also be applied to realize PFM attack on a plug-and-play system by changing the parameters in the setup. (paper)

  5. A High-Level Functional Architecture for GNSS-Based Road Charging Systems

    DEFF Research Database (Denmark)

    Zabic, Martina

    2011-01-01

    , a short introduction is provided followed by a presentation of the system engineering methodology to illustrate how and why system architectures can be beneficial for GNSS-based road charging systems. Hereafter, a basic set of system functions is determined based on functional system requirements, which...... charging systems, it is important to highlight the overall system architecture which is the framework that defines the basic functions and important concepts of the system. This paper presents a functional architecture for GNSS-based road charging systems based on the concepts of system engineering. First...... defines the necessary tasks that these systems must accomplish. Finally, this paper defines the system functionalities; and provides a generic high-level functional architecture for GNSS-based road charging systems....

  6. Foveal and peripheral fields of vision influences perceptual skill in anticipating opponents' attacking position in volleyball.

    Science.gov (United States)

    Schorer, Jörg; Rienhoff, Rebecca; Fischer, Lennart; Baker, Joseph

    2013-09-01

    The importance of perceptual-cognitive expertise in sport has been repeatedly demonstrated. In this study we examined the role of different sources of visual information (i.e., foveal versus peripheral) in anticipating volleyball attack positions. Expert (n = 11), advanced (n = 13) and novice (n = 16) players completed an anticipation task that involved predicting the location of volleyball attacks. Video clips of volleyball attacks (n = 72) were spatially and temporally occluded to provide varying amounts of information to the participant. In addition, participants viewed the attacks under three visual conditions: full vision, foveal vision only, and peripheral vision only. Analysis of variance revealed significant between group differences in prediction accuracy with higher skilled players performing better than lower skilled players. Additionally, we found significant differences between temporal and spatial occlusion conditions. Both of those factors interacted separately, but not combined with expertise. Importantly, for experts the sum of both fields of vision was superior to either source in isolation. Our results suggest different sources of visual information work collectively to facilitate expert anticipation in time-constrained sports and reinforce the complexity of expert perception.

  7. The GNSS-based component for the new Indonesian tsunami early warning centre provided by GITEWS

    Science.gov (United States)

    Falck, C.; Ramatschi, M.; Bartsch, M.; Merx, A.; Hoeberechts, J.; Rothacher, M.

    2009-04-01

    Introduction Nowadays GNSS technologies are used for a large variety of precise positioning applications. The accuracy can reach the mm level depending on the data analysis methods. GNSS technologies thus offer a high potential to support tsunami early warning systems, e.g., by detection of ground motions due to earthquakes and of tsunami waves on the ocean by GNSS instruments on a buoy. Although GNSS-based precise positioning is a standard method, it is not yet common to apply this technique under tight time constraints and, hence, in the absence of precise satellite orbits and clocks. The new developed GNSS-based component utilises on- and offshore measured GNSS data and is the first system of its kind that was integrated into an operational early warning system. (Indonesian Tsunami Early Warning Centre INATEWS, inaugurated at BMKG, Jakarta on November, 11th 2008) Motivation After the Tsunami event of 26th December 2004 the German government initiated the GITEWS project (German Indonesian Tsunami Early Warning System) to develop a tsunami early warning system for Indonesia. The GFZ Potsdam (German Research Centre for Geosciences) as the consortial leader of GITEWS also covers several work packages, most of them related to sensor systems. The geodetic branch (Department 1) of the GFZ was assigned to develop a GNSS-based component. Brief system description The system covers all aspects from sensor stations with new developed hard- and software designs, manufacturing and installation of stations, real-time data transfer issues, a new developed automatic near real-time data processing and a graphical user interface for early warning centre operators including training on the system. GNSS sensors are installed on buoys, at tide gauges and as real-time reference stations (RTR stations), either stand-alone or co-located with seismic sensors. The GNSS data are transmitted to the warning centre where they are processed in a near real-time data processing chain. For

  8. High angle of attack position sensing for the Southampton University magnetic suspension and balance system

    Science.gov (United States)

    Parker, David H.

    1987-01-01

    An all digital five channel position detection system is to be installed in the Southampton University Magnetic Suspension and Balance System (SUMSBS). The system is intended to monitor a much larger range of model pitch attitudes than has been possible hitherto, up to a maximum of a 90 degree angle of attack. It is based on the use of self-scanning photodiode arrays and illuminating laser light beams, together with purpose built processing electronics. The principles behind the design of the system are discussed, together with the results of testing one channel of the system which was used to control the axial position of a magnetically suspended model in SUMSBS. The removal of optically coupled heave position information from the axial position sensing channel is described.

  9. The risk factors of acute attack of benign paroxysmal positional vertigo

    Directory of Open Access Journals (Sweden)

    Rabiei Sohrab

    2010-04-01

    Full Text Available ntroduction: Many people suffer from vertigo. Its origin in 85% of cases is otological while in 15% is central etiology. Benign paroxysmal positional vertigo (BPPV is the most common cause of the true vertigo. In this research we evaluated the risk factors of acute attack of BPPV. Materials and Methods: This study was performed on 322 patients, presenting with BPPV. Diagnosis was confirmed by history and Dix-Hallpike manoeuvre. The underling risk factors documented carefully. Data analyzed by SPSS and K.square test. Results: Number of 321 patients (including 201 females and 120 males with BPPV included in our study. Their average age was 41. They showed symptoms for 1 month to 15 years (mean 8 months. Emotional stress was positive in 34% and trauma was the only risk factor in 8.12% patients. Ear surgery and prolonged journey were respectively the main risk factors in 7.2 and 12.8% of patients. Conclusion: The confirmed risk factors of acute attack of BPPV were as trauma, major surgery and ear surgery especially stapedotomy, vestibular  neuronitis and prolonged bedrestriction. Meniere was not considered as risk factor. In our study the psychological conflict was the major risk factor for BPPV. Other new risk factors which introduced for first time included; sleep disorder, fatigue, professional sport, starving and prolonged journey.

  10. Prototyping a GNSS-Based Passive Radar for UAVs: An Instrument to Classify the Water Content Feature of Lands

    Directory of Open Access Journals (Sweden)

    Micaela Troglia Gamba

    2015-11-01

    Full Text Available Global Navigation Satellite Systems (GNSS broadcast signals for positioning and navigation, which can be also employed for remote sensing applications. Indeed, the satellites of any GNSS can be seen as synchronized sources of electromagnetic radiation, and specific processing of the signals reflected back from the ground can be used to estimate the geophysical properties of the Earth’s surface. Several experiments have successfully demonstrated GNSS-reflectometry (GNSS-R, whereas new applications are continuously emerging and are presently under development, either from static or dynamic platforms. GNSS-R can be implemented at a low cost, primarily if small devices are mounted on-board unmanned aerial vehicles (UAVs, which today can be equipped with several types of sensors for environmental monitoring. So far, many instruments for GNSS-R have followed the GNSS bistatic radar architecture and consisted of custom GNSS receivers, often requiring a personal computer and bulky systems to store large amounts of data. This paper presents the development of a GNSS-based sensor for UAVs and small manned aircraft, used to classify lands according to their soil water content. The paper provides details on the design of the major hardware and software components, as well as the description of the results obtained through field tests.

  11. Performance Assessment of a Gnss-Based Troposphere Path Delay Estimation Software

    Science.gov (United States)

    Mariotti, Gilles; Avanzi, Alessandro; Graziani, Alberto; Tortora, Paolo

    2013-04-01

    Error budgets of Deep Space Radio Science experiments are heavily affected by interplanetary and Earth transmission media, that corrupt, due to their non-unitary refraction index, the radiometric information of signals coming from the spacecraft. An effective removal of these noise sources is crucial to achieve the accuracy and signal stability levels required by radio science applications. Depending on the nature of these refractions, transmission media are divided into dispersive (that consists of ionized particles, i.e. Solar Wind and Ionosphere) and non-dispersive ones (the refraction is caused by neutral particles: Earth Troposphere). While dispersive noises are successfully removed by multifrequency combinations (as for GPS with the well-known ionofree combination), the most accurate estimation of tropospheric noise is obtained using microwave radiometers (MWR). As the use of MWRs suffers from strong operational limitations (rain and heavy clouds conditions), the GNSS-based processing is still widely adopted to provide a cost-effective, all-weather condition estimation of the troposphere path delay. This work describes the development process and reports the results of a GNSS analysis code specifically aimed to the estimation of the path delays introduced by the troposphere above deep space complexes, to be used for the calibration of Range and Doppler radiometric data. The code has been developed by the Radio Science Laboratory of the University of Bologna in Forlì, and is currently in the testing phase. To this aim, the preliminary output is compared to MWR measurements and IGS TropoSINEX products in order to assess the reliability of the estimate. The software works using ionofree carrier-phase observables and is based upon a double-difference approach, in which the GNSS receiver placed nearby the Deep Space receiver acts as the rover station. Several baselines are then created with various IGS and EUREF stations (master or reference stations) in order to

  12. Time-motion analysis of goalball players in attacks: differences of the player positions and the throwing techniques.

    Science.gov (United States)

    Monezi, Lucas Antônio; Magalhães, Thiago Pinguelli; Morato, Márcio Pereira; Mercadante, Luciano Allegretti; Furtado, Otávio Luis Piva da Cunha; Misuta, Milton Shoiti

    2018-03-26

    In this study, we aimed to analyse goalball players time-motion variables (distance covered, time spent, maximum and average velocities) in official goalball match attacks, taking into account the attack phases (preparation and throwing), player position (centres and wings) and throwing techniques (frontal, spin and between the legs). A total of 365 attacks were assessed using a video based method (2D) through manual tracking using the Dvideo system. Inferential non-parametric statistics were applied for comparison of preparation vs. throwing phase, wings vs. centres and, among the throwing techniques, frontal, spin and between the legs. Significant differences were found between the attack preparation versus the throwing phase for all player time-motion variables: distance covered, time spent, maximum player velocity and average player velocity. Wing players performed most of the throws (85%) and covered longer distances than centres (1.65 vs 0.31 m). The between the legs and the spin throwing techniques presented greater values for most of the time-motion variables (distance covered, time spent and maximum player velocity) than did the frontal technique in both attack phases. These findings provide important information regarding players' movement patterns during goalball matches that can be used to plan more effective training.

  13. Insecurity of position-based quantum-cryptography protocols against entanglement attacks

    International Nuclear Information System (INIS)

    Lau, Hoi-Kwan; Lo, Hoi-Kwong

    2011-01-01

    Recently, position-based quantum cryptography has been claimed to be unconditionally secure. On the contrary, here we show that the existing proposals for position-based quantum cryptography are, in fact, insecure if entanglement is shared among two adversaries. Specifically, we demonstrate how the adversaries can incorporate ideas of quantum teleportation and quantum secret sharing to compromise the security with certainty. The common flaw to all current protocols is that the Pauli operators always map a codeword to a codeword (up to an irrelevant overall phase). We propose a modified scheme lacking this property in which the same cheating strategy used to undermine the previous protocols can succeed with a rate of at most 85%. We prove the modified protocol is secure when the shared quantum resource between the adversaries is a two- or three-level system.

  14. The GNSS-based Ground Tracking System (GTS) of GFZ; from GITEWS to PROTECTS and beyond

    Science.gov (United States)

    Falck, Carsten; Merx, Alexander; Ramatschi, Markus

    2013-04-01

    Introduction An automatic system for the near real-time determination and visualization of ground motions, respectively co-seismic deformations of the Earth's surface, was developed by GFZ (German Research Centre for Geosciences) within the project GITEWS (German Indonesian Tsunami Early Warning System). The system is capable to deliver 3D-displacement vectors for locations with appropriate GPS-equipment in the vicinity of an earthquake's epicenter with a delay of only a few minutes. These vectors can help to assess the earthquake causing tectonic movements, which must be known to make reliable early warning predictions, e.g., concerning the generation of tsunami waves. The GTS (Ground Tracking System) has been integrated into InaTEWS (Indonesian Tsunami Early Warning System) and is in operation at the national warning center in Jakarta since November 2008. After the end of the project GITEWS GFZ continues to support the GTS in Indonesia within the frame of PROTECTS (Project for Training, Education and Consulting for Tsunami Early Warning Systems) and recently some new developments have been introduced. We now aim to make further use of the achievements made, e.g., by developing a license model for the GTS software package. Motivation After the Tsunami of 26th December 2004 the German government initiated the GITEWS project to develop the main components for a tsunami early warning system in Indonesia. The GFZ, as the consortial leader of GITEWS, had several work packages, most of them related to sensor systems. The geodetic branch (Department 1) of GFZ was assigned to develop a GNSS-based component, which since then is known as the GTS (Ground Tracking System). System benefit The ground motion information delivered by the GTS is a valuable source for a fast understanding of an earthquake's mechanism with a high relevance to assess the probability and magnitude of a potentially following tsunami. The system may detect highest displacement vector values, where

  15. GNSS-based Observations and Simulations of Spectral Scintillation Indices in the Arctic Ionosphere

    DEFF Research Database (Denmark)

    Durgonics, Tibor; Hoeg, Per; von Benzon, Hans-Henrik

    During disturbed times, ionospheric scintillations can be severe and adversely impact satellite-based positioning and radio transmissions. The scintillation occurs in the amplitude, phase, polarization, and angle of arrival of the signal. Precise observation, classification, modeling, forecasting...

  16. Attack surfaces

    DEFF Research Database (Denmark)

    Gruschka, Nils; Jensen, Meiko

    2010-01-01

    The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

  17. Heart Attack

    Science.gov (United States)

    ... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

  18. Heart Attack

    Science.gov (United States)

    ... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

  19. Peacetime Use of Computer Network Attack

    National Research Council Canada - National Science Library

    Busby, Daniel

    2000-01-01

    .... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...

  20. OPERATION COBRA. Deliberate Attack, Exploitation

    Science.gov (United States)

    1984-05-25

    to attack Sens, then continue to Troyes , on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes . Facing the combat command were what remained of the 51st SS Brigade, light

  1. Heart Attack Recovery FAQs

    Science.gov (United States)

    ... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

  2. Positioning and applications

    Directory of Open Access Journals (Sweden)

    Rogowski Jerzy B.

    2015-12-01

    Full Text Available The paper presents national report of Poland for IAG on positioning and applications. The selected research presented was carried out at leading Polish research institutions and concern precise multi-GNSS satellite positioning - relative and absolute - and also GNSS-based ionosphere and troposphere modelling and studies. The research resulted in noticeable advancements in these subjects confirmed by the development of new algorithms and methods. New and improved methods of precise GNSS positioning were developed, and also GNSS metrology was studied. New advanced troposphere models were presented and tested. In particular, these models allowed testing IPW variability on regional and global scales. Also, new regional ionosphere monitoring web-based services were developed and launched.

  3. Análisis del ataque posicional de balonmano playa masculino y femenino mediante coordenadas polares. [Analysis of positional attack in beach handball male and female with polar coordinates].

    Directory of Open Access Journals (Sweden)

    Rafael E. Reigal

    2015-07-01

    Full Text Available La presente investigación tiene como objetivo aportar una perspectiva novedosa en la comprensión y diferenciación de las conductas de juego en la fase de ataque posicional en el balonmano playa masculino y femenino. Para ello se analizaron 28 partidos de alto nivel con el programa informático Hoisan. Se utilizó un diseño Observacional de carácter nomotético, de seguimiento y multidimensional con un sistema taxonómico metodológicamente validado. Los datos fueron sometidos a un análisis de coordenadas polares en su versión genuina. Para llevar a cabo estos análisis se escogieron siete conductas focales relativas, principalmente, a los jugadores que finalizan el ataque y el modo de realizarlo. Los resultados mostraron diferencias entre las conductas de apareo en la categoría masculina y femenina. Destaca que el ataque posicional en la categoría femenina se orienta hacia zonas de finalización izquierdas ante un sistema defensivo abierto y depende más de la jugadora que adquiere el rol de doble portera (especialista que en la categoría masculina, donde las responsabilidades están más repartidas y el ataque se dirige hacia la banda derecha ante un sistema defensivo cerrado. El lanzamiento en giro se ha mostrado como el principal recurso ofensivo en ambas categorías. Abstract This research aims to provide a new perspective on understanding and differentiation of play behavior in the phase of positional attack in the male and female beach handball. 28 high-level games with Hoisan software were analyzed. The observational design used is nomothetic, monitoring and multidimensional. The taxonomic system has been validated methodologically. Data were subjected to analysis of polar coordinates in its genuine version. To carry out these analyzes on seven focal behaviors were chosen mainly for players who complete the attack and how to create it. The results showed differences in mating behavior in the male and female category. Emphasizes

  4. Terrorists and Suicide Attacks

    National Research Council Canada - National Science Library

    Cronin, Audrey K

    2003-01-01

    Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

  5. Solidarity under Attack

    DEFF Research Database (Denmark)

    Meret, Susi; Goffredo, Sergio

    2017-01-01

    https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

  6. Pericarditis - after heart attack

    Science.gov (United States)

    ... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

  7. Heart attack first aid

    Science.gov (United States)

    First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

  8. Composite Dos Attack Model

    Directory of Open Access Journals (Sweden)

    Simona Ramanauskaitė

    2012-04-01

    Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

  9. Web server attack analyzer

    OpenAIRE

    Mižišin, Michal

    2013-01-01

    Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

  10. Seven Deadliest Microsoft Attacks

    CERN Document Server

    Kraus, Rob; Borkin, Mike; Alpern, Naomi

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

  11. Transient Ischemic Attack

    Medline Plus

    Full Text Available ... stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

  12. Seven deadliest USB attacks

    CERN Document Server

    Anderson, Brian

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

  13. Functional characterization of a Nudix hydrolase AtNUDX8 upon pathogen attack indicates a positive role in plant immune responses.

    Directory of Open Access Journals (Sweden)

    Jose Pedro Fonseca

    plant immunity as a positive regulator of defense in Arabidopsis.

  14. Plants under dual attack

    NARCIS (Netherlands)

    Ponzio, C.A.M.

    2016-01-01

    Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

  15. Heart attack - discharge

    Science.gov (United States)

    ... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

  16. Efecto de la posición inicial sobre la respuesta de reacción en las acciones de ataque en esgrima. [Effect of the initial position on the reaction response in the actions of attack in fencing].

    Directory of Open Access Journals (Sweden)

    Marcos Gutiérrez-Dávila

    2013-10-01

    Full Text Available El propósito de este estudio ha sido comprobar el efecto que produce el desplazamiento del peso del cuerpo hacia el apoyo más retrasado, en la posición de “en guardia”, con respecto a una distribución equidistante de los dos apoyos y la posición habitual, sobre la velocidad de desplazamiento horizontal del centro de masas, CM, durante las acciones posteriores de ataque con fondo. Han participado 19 esgrimistas (14 hombres y 5 mujeres, con una experiencia en competición regional de más de cinco años. Para el registro de los datos, se han utilizado dos plataformas de fuerza, operando a 500 Hz, una cámara de vídeo, a 210 Hz y un cronómetro electrónico adaptado al sistema de cableado de las armas. Una señal electrónica se utilizó para sincronizar temporalmente todos los registros. Para la situación experimental donde el CM se desplazaba hacia el apoyo posterior (retrasada, el esgrimista partía de la posición de “en guardia” manteniendo una fuerza vertical sobre la el pie más retrasado, entre el 65% y 75% del peso corporal, siendo entre el 45% y 55% para la situación experimental de distribución equidistante de los dos apoyos (equidistante. En una tercera situación, se pidió al esgrimista que partiera de su posición habitual de “en guardia”. Los resultados han puesto de manifiesto que, cuando se parte de una posición retrasada del CM para realizar una acción de ataque con fondo, el tiempo de movimiento se incrementa y la velocidad del CM es menor durante los primeros instantes del movimiento.AbstractThe main aim of this study was to determine the effect that produced the displacement of the weight of the body towards the back foot, in the position of "en garde", with regard to an equidistant distribution of both supports and the habitual position, on the speed of horizontal displacement of the center of mass, CM, during a lunge attack in fencing. 19 fencers (14 men and 5 women, with an experience in regional

  17. Heart Attack Payment - National

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – national data. This data set includes national-level data for payments associated with a 30-day episode of care for heart...

  18. Heart Attack Payment - Hospital

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – provider data. This data set includes provider data for payments associated with a 30-day episode of care for heart...

  19. Heart Attack Payment - State

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – state data. This data set includes state-level data for payments associated with a 30-day episode of care for heart...

  20. Cooperating attackers in neural cryptography.

    Science.gov (United States)

    Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

    2004-06-01

    A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

  1. Cyber Attacks, Information Attacks, and Postmodern Warfare

    Directory of Open Access Journals (Sweden)

    Valuch Jozef

    2017-06-01

    Full Text Available The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use the postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war. Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict, this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

  2. Seven Deadliest Wireless Technologies Attacks

    CERN Document Server

    Haines, Brad

    2010-01-01

    How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

  3. The political attack ad

    Directory of Open Access Journals (Sweden)

    Palma Peña-Jiménez, Ph.D.

    2011-01-01

    Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

  4. A fatal elephant attack.

    Science.gov (United States)

    Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

    2012-01-01

    A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

  5. Attacker Model Lab

    OpenAIRE

    2006-01-01

    tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course

  6. Transient Ischemic Attack

    Medline Plus

    Full Text Available ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. The content in this ...

  7. Temporal Cyber Attack Detection.

    Energy Technology Data Exchange (ETDEWEB)

    Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-11-01

    Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

  8. Blocking of Brute Force Attack

    OpenAIRE

    M.Venkata Krishna Reddy

    2012-01-01

    A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

  9. Bluetooth security attacks comparative analysis, attacks, and countermeasures

    CERN Document Server

    Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

    2013-01-01

    This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

  10. Using residual stacking to mitigate site-specific errors in order to improve the quality of GNSS-based coordinate time series of CORS

    Science.gov (United States)

    Knöpfler, Andreas; Mayer, Michael; Heck, Bernhard

    2014-05-01

    Within the last decades, positioning using GNSS (Global Navigation Satellite Systems; e.g., GPS) has become a standard tool in many (geo-) sciences. The positioning methods Precise Point Positioning and differential point positioning based on carrier phase observations have been developed for a broad variety of applications with different demands for example on accuracy. In high precision applications, a lot of effort was invested to mitigate different error sources: the products for satellite orbits and satellite clocks were improved; the misbehaviour of satellite and receiver antennas compared to an ideal antenna is modelled by calibration values on absolute level, the modelling of the ionosphere and the troposphere is updated year by year. Therefore, within processing of data of CORS (continuously operating reference sites), equipped with geodetic hardware using a sophisticated strategy, the latest products and models nowadays enable positioning accuracies at low mm level. Despite the considerable improvements that have been achieved within GNSS data processing, a generally valid multipath model is still lacking. Therefore, site specific multipath still represents a major error source in precise GNSS positioning. Furthermore, the calibration information of receiving GNSS antennas, which is for instance derived by a robot or chamber calibration, is valid strictly speaking only for the location of the calibration. The calibrated antenna can show a slightly different behaviour at the CORS due to near field multipath effects. One very promising strategy to mitigate multipath effects as well as imperfectly calibrated receiver antennas is to stack observation residuals of several days, thereby, multipath-loaded observation residuals are analysed for example with respect to signal direction, to find and reduce systematic constituents. This presentation will give a short overview about existing stacking approaches. In addition, first results of the stacking approach

  11. Robustness analysis of interdependent networks under multiple-attacking strategies

    Science.gov (United States)

    Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

    2018-04-01

    The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

  12. Automated Discovery of Mimicry Attacks

    National Research Council Canada - National Science Library

    Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

    2006-01-01

    .... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

  13. Heart Attack Symptoms in Women

    Science.gov (United States)

    ... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

  14. Attack Trees with Sequential Conjunction

    NARCIS (Netherlands)

    Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

    2015-01-01

    We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

  15. Seven Deadliest Unified Communications Attacks

    CERN Document Server

    York, Dan

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

  16. The attack navigator

    DEFF Research Database (Denmark)

    Probst, Christian W.; Willemson, Jan; Pieters, Wolter

    2016-01-01

    The need to assess security and take protection decisions is at least as old as our civilisation. However, the complexity and development speed of our interconnected technical systems have surpassed our capacity to imagine and evaluate risk scenarios. This holds in particular for risks...... that are caused by the strategic behaviour of adversaries. Therefore, technology-supported methods are needed to help us identify and manage these risks. In this paper, we describe the attack navigator: a graph-based approach to security risk assessment inspired by navigation systems. Based on maps of a socio...

  17. Attacks on computer systems

    Directory of Open Access Journals (Sweden)

    Dejan V. Vuletić

    2012-01-01

    Full Text Available Computer systems are a critical component of the human society in the 21st century. Economic sector, defense, security, energy, telecommunications, industrial production, finance and other vital infrastructure depend on computer systems that operate at local, national or global scales. A particular problem is that, due to the rapid development of ICT and the unstoppable growth of its application in all spheres of the human society, their vulnerability and exposure to very serious potential dangers increase. This paper analyzes some typical attacks on computer systems.

  18. Integrated Guidance and Control Based Air-to-Air Autonomous Attack Occupation of UCAV

    Directory of Open Access Journals (Sweden)

    Chang Luo

    2016-01-01

    Full Text Available An approach of air-to-air autonomous attack occupation for Unmanned Combat Aerial Vehicles (UCAVs is proposed to improve attack precision and combat effectiveness. According to the shortage of UCAV in the task of attack occupation, kinematic and dynamic models of UCAV and missile loaded on it are formed. Then, attack zone and no-escape zone are calculated by pattern search algorithm, and the optimum attack position is indicated. To arrive at the optimum attack position accurately with restriction of gesture, a novel adaptive sliding mode control method is suggested to design the integrated guidance and control system of UCAV in the process of autonomous attack occupation. Key parameters of the control system are adaptively regulated, which further economize control energy at the same time. The simulation results show that compared with traditional methods our approach can guide the UCAV to the optimum attack position with stable gesture and economize nearly 25% control energy.

  19. Recent "phishing" attacks

    CERN Multimedia

    IT Department

    2009-01-01

    Over the last few weeks there has been a marked increase in the number of attacks on CERN made by cybercriminals. Typical attacks arrive in the form of e-mail messages purporting to come from the CERN Help Desk, Mail Service, or some similarly official-sounding entity and suggest that there is a problem with your account, such as it being over-quota. They then ask you to click on a link or to reply and give your password. Please don’t! Be cautious of any unexpected messages containing web links even if they appear to come from known contacts. If you happen to click on such a link and if your permission is requested to run or install software, always decline it. NEVER provide your password or other details if these are requested. These messages try to trick you into clicking on Web links which will help them to install malicious software on your computer, and anti-virus software cannot be relied on to detect all cases. In case of questions on this topic, you may contact mailto:helpdesk@cern.ch. CERN Comput...

  20. Cyber Attacks and Combat Behavior

    Directory of Open Access Journals (Sweden)

    Carataș Maria Alina

    2017-01-01

    Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

  1. Seven Deadliest Social Network Attacks

    CERN Document Server

    Timm, Carl

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

  2. Crony Attack: Strategic Attack’s Silver Bullet

    Science.gov (United States)

    2006-11-01

    physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

  3. Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization

    International Nuclear Information System (INIS)

    Hu, Xiaoxiao; Xu, Maochao; Xu, Shouhuai; Zhao, Peng

    2017-01-01

    In this paper we investigate a cybersecurity model: An attacker can launch multiple attacks against a target with a termination strategy that says that the attacker will stop after observing a number of successful attacks or when the attacker is out of attack resources. However, the attacker's observation of the attack outcomes (i.e., random variables indicating whether the target is compromised or not) has an observation error that is specified by both a false-negative and a false-positive probability. The novelty of the model we study is the accommodation of the dependence between the attack outcomes, because the dependence was assumed away in the literature. In this model, we characterize the monotonicity and bounds of the compromise probability (i.e., the probability that the target is compromised). In addition to extensively showing the impact of dependence on quantities such as compromise probability and attack cost, we give methods for finding the optimal strategy that leads to maximum compromise probability or minimum attack cost. This study highlights that the dependence between random variables cannot be assumed away, because the results will be misleading. - Highlights: • A novel cybersecurity model is proposed to accommodate the dependence among attack outcomes. • The monotonicity and bounds of the compromise probability are studied. • The dependence effect on the compromise probability and attack cost is discussed via simulation. • The optimal strategy that leads to maximum compromise probability or minimum attack cost is presented.

  4. Invisible Trojan-horse attack

    DEFF Research Database (Denmark)

    Sajeed, Shihan; Minshull, Carter; Jain, Nitin

    2017-01-01

    We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

  5. When Sinuses Attack! (For Kids)

    Science.gov (United States)

    ... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

  6. Invisible Trojan-horse attack.

    Science.gov (United States)

    Sajeed, Shihan; Minshull, Carter; Jain, Nitin; Makarov, Vadim

    2017-08-21

    We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance against Scarani-Ac´ın-Ribordy-Gisin (SARG04) QKD protocol at 1924 nm versus that at 1536 nm. The attack strategy was proposed earlier but found to be unsuccessful at the latter wavelength, as reported in N. Jain et al., New J. Phys. 16, 123030 (2014). However at 1924 nm, we show experimentally that the noise response of the detectors to bright pulses is greatly reduced, and show by modeling that the same attack will succeed. The invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

  7. A Color Image Watermarking Scheme Resistant against Geometrical Attacks

    Directory of Open Access Journals (Sweden)

    Y. Xing

    2010-04-01

    Full Text Available The geometrical attacks are still a problem for many digital watermarking algorithms at present. In this paper, we propose a watermarking algorithm for color images resistant to geometrical distortions (rotation and scaling. The singular value decomposition is used for watermark embedding and extraction. The log-polar map- ping (LPM and phase correlation method are used to register the position of geometrical distortion suffered by the watermarked image. Experiments with different kinds of color images and watermarks demonstrate that the watermarking algorithm is robust to common image processing attacks, especially geometrical attacks.

  8. WILD PIG ATTACKS ON HUMANS

    Energy Technology Data Exchange (ETDEWEB)

    Mayer, J.

    2013-04-12

    Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

  9. Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

    National Research Council Canada - National Science Library

    Kalmijn, Adrianus J

    2005-01-01

    The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

  10. The Cyber-Physical Attacker

    DEFF Research Database (Denmark)

    Vigo, Roberto

    2012-01-01

    The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

  11. Forensics Investigation of Web Application Security Attacks

    OpenAIRE

    Amor Lazzez; Thabet Slimani

    2015-01-01

    Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

  12. Superposition Attacks on Cryptographic Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

    2011-01-01

    of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security......Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece...... of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

  13. Genetic attack on neural cryptography.

    Science.gov (United States)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-03-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

  14. Panic Attacks and Panic Disorder

    Science.gov (United States)

    ... Major changes in your life, such as a divorce or the addition of a baby Smoking or ... quality of life. Complications that panic attacks may cause or be linked to include: Development of specific ...

  15. Genetic attack on neural cryptography

    International Nuclear Information System (INIS)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-01-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

  16. Genetic attack on neural cryptography

    Science.gov (United States)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-03-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

  17. What Is a Heart Attack?

    Science.gov (United States)

    ... medical center. Support from family and friends also can help relieve stress and anxiety. Let your loved ones know how you feel and what they can do to help you. Risk of a Repeat Heart Attack Once ...

  18. Software-based Microarchitectural Attacks

    OpenAIRE

    Gruss, Daniel

    2017-01-01

    Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

  19. Data-plane Defenses against Routing Attacks on Tor

    Directory of Open Access Journals (Sweden)

    Tan Henry

    2016-10-01

    Full Text Available Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

  20. Fatal injection: a survey of modern code injection attack countermeasures

    Directory of Open Access Journals (Sweden)

    Dimitris Mitropoulos

    2017-11-01

    Full Text Available With a code injection attack (CIA an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. Currently, CIAs are considered one of the most damaging classes of application attacks since they can severely affect an organisation’s infrastructure and cause financial and reputational damage to it. In this paper we examine and categorize the countermeasures developed to detect the various attack forms. In particular, we identify two distinct categories. The first incorporates static program analysis tools used to eliminate flaws that can lead to such attacks during the development of the system. The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. Our analysis is based on nonfunctional characteristics that are considered critical when creating security mechanisms. Such characteristics involve usability, overhead, implementation dependencies, false positives and false negatives. Our categorization and analysis can help both researchers and practitioners either to develop novel approaches, or use the appropriate mechanisms according to their needs.

  1. Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Khodor Hamandi

    2015-01-01

    Full Text Available Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

  2. Analytical Characterization of Internet Security Attacks

    Science.gov (United States)

    Sellke, Sarah H.

    2010-01-01

    Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

  3. Automated Generation of Attack Trees

    DEFF Research Database (Denmark)

    Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

    2014-01-01

    Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

  4. An Analysis of Media’s Role: Case Study of Army Public School (APS Peshawar Attack

    Directory of Open Access Journals (Sweden)

    Qureshi Rameesha

    2016-12-01

    Full Text Available The study aimed at analyzing the role of media during and after terrorist attacks by examining the media handling of APS Peshawar attack. The sample consisted of males and females selected on convenience basis from universities of Rawalpindi and Islamabad. It was hypothesized that (1 Extensive media coverage of terrorist attacks leads to greater publicity/recognition of terrorist groups (2 Media coverage of APS Peshawar attack increased fear and anxiety in public (3 Positive media handling/coverage of APS Peshawar attack led to public solidarity and peace. The results indicate that i Media coverage of terrorist attacks does help terrorist groups to gain publicity and recognition amongst public ii Media coverage of Aps Peshawar attack did not increase fear/anxiety in fact it directed the Pakistani nation towards public solidarity and peace.

  5. An Analysis of Attacks on Blockchain Consensus

    OpenAIRE

    Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

    2016-01-01

    We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

  6. Recurrent spontaneous attacks of dizziness.

    Science.gov (United States)

    Lempert, Thomas

    2012-10-01

    This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

  7. Mitigating Higher Ed Cyber Attacks

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    In this presentation we will discuss the many and varied cyber attacks that have recently occurred in the higher ed community. We will discuss the perpetrators, the victims, the impact and how these institutions have evolved to meet this threat. Mitigation techniques and defense strategies will be covered as will a discussion of effective security…

  8. Detection of complex cyber attacks

    Science.gov (United States)

    Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

    2006-05-01

    One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

  9. Low heat pain thresholds in migraineurs between attacks.

    Science.gov (United States)

    Schwedt, Todd J; Zuniga, Leslie; Chong, Catherine D

    2015-06-01

    Between attacks, migraine is associated with hypersensitivities to sensory stimuli. The objective of this study was to investigate hypersensitivity to pain in migraineurs between attacks. Cutaneous heat pain thresholds were measured in 112 migraineurs, migraine free for ≥ 48 hours, and 75 healthy controls. Pain thresholds at the head and at the arm were compared between migraineurs and controls using two-tailed t-tests. Among migraineurs, correlations between heat pain thresholds and headache frequency, allodynia symptom severity, and time interval until next headache were calculated. Migraineurs had lower pain thresholds than controls at the head (43.9 ℃ ± 3.2 ℃ vs. 45.1 ℃ ± 3.0 ℃, p = 0.015) and arm (43.2 ℃ ± 3.4 ℃ vs. 44.8 ℃ ± 3.3 ℃, p pain thresholds and headache frequency or allodynia symptom severity. For the 41 migraineurs for whom time to next headache was known, there were positive correlations between time to next headache and pain thresholds at the head (r = 0.352, p = 0.024) and arm (r = 0.312, p = 0.047). This study provides evidence that migraineurs have low heat pain thresholds between migraine attacks. Mechanisms underlying these lower pain thresholds could also predispose migraineurs to their next migraine attack, a hypothesis supported by finding positive correlations between pain thresholds and time to next migraine attack. © International Headache Society 2014 Reprints and permissions: sagepub.co.uk/journalsPermissions.nav.

  10. Women's Heart Disease: Heart Attack Symptoms

    Science.gov (United States)

    ... of this page please turn JavaScript on. Feature: Women's Heart Disease Heart Attack Symptoms Past Issues / Winter ... most common heart attack symptom in men and women is chest pain or discomfort. However, women also ...

  11. Stochastic Model of TCP SYN Attacks

    Directory of Open Access Journals (Sweden)

    Simona Ramanauskaitė

    2011-08-01

    Full Text Available A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filte­ring efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.Article in Lithuanian

  12. Robust Detection of Stepping-Stone Attacks

    National Research Council Canada - National Science Library

    He, Ting; Tong, Lang

    2006-01-01

    The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

  13. Using an ontology for network attack planning

    CSIR Research Space (South Africa)

    Van Heerden, R

    2016-09-01

    Full Text Available The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...

  14. Attack Graph Construction for Security Events Analysis

    Directory of Open Access Journals (Sweden)

    Andrey Alexeevich Chechulin

    2014-09-01

    Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

  15. Vesper: Using Echo-Analysis to Detect Man-in-the-Middle Attacks in LANs

    OpenAIRE

    Mirsky, Yisroel; Kalbo, Naor; Elovici, Yuval; Shabtai, Asaf

    2018-01-01

    The Man-in-the-Middle (MitM) attack is a cyber-attack in which an attacker intercepts traffic, thus harming the confidentiality, integrity, and availability of the network. It remains a popular attack vector due to its simplicity. However, existing solutions are either not portable, suffer from a high false positive rate, or are simply not generic. In this paper, we propose Vesper: a novel plug-and-play MitM detector for local area networks. Vesper uses a technique inspired from impulse respo...

  16. Attacks and countermeasures on AES and ECC

    DEFF Research Database (Denmark)

    Tange, Henrik; Andersen, Birger

    2013-01-01

    AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so called biclique attack, which is using the fact that the content of the state array...

  17. Automated classification of computer network attacks

    CSIR Research Space (South Africa)

    Van Heerden, R

    2013-11-01

    Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

  18. Cyberprints: Identifying Cyber Attackers by Feature Analysis

    Science.gov (United States)

    Blakely, Benjamin A.

    2012-01-01

    The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

  19. SYN Flood Attack Detection in Cloud Computing using Support Vector Machine

    Directory of Open Access Journals (Sweden)

    Zerina Mašetić

    2017-11-01

    Full Text Available Cloud computing is a trending technology, as it reduces the cost of running a business. However, many companies are skeptic moving about towards cloud due to the security concerns. Based on the Cloud Security Alliance report, Denial of Service (DoS attacks are among top 12 attacks in the cloud computing. Therefore, it is important to develop a mechanism for detection and prevention of these attacks. The aim of this paper is to evaluate Support Vector Machine (SVM algorithm in creating the model for classification of DoS attacks and normal network behaviors. The study was performed in several phases: a attack simulation, b data collection, cfeature selection, and d classification. The proposedmodel achieved 100% classification accuracy with true positive rate (TPR of 100%. SVM showed outstanding performance in DoS attack detection and proves that it serves as a valuable asset in the network security area.

  20. Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

    NARCIS (Netherlands)

    Pieters, Wolter; Davarynejad, Mohsen

    2015-01-01

    Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

  1. Research Note on the Energy Infrastructure Attack Database (EIAD

    Directory of Open Access Journals (Sweden)

    Jennifer Giroux

    2013-12-01

    Full Text Available The January 2013 attack on the In Amenas natural gas facility drew international attention. However this attack is part of a portrait of energy infrastructure targeting by non-state actors that spans the globe. Data drawn from the Energy Infrastructure Attack Database (EIAD shows that in the last decade there were, on average, nearly 400 annual attacks carried out by armed non-state actors on energy infrastructure worldwide, a figure that was well under 200 prior to 1999. This data reveals a global picture whereby violent non-state actors target energy infrastructures to air grievances, communicate to governments, impact state economic interests, or capture revenue in the form of hijacking, kidnapping ransoms, theft. And, for politically motivated groups, such as those engaged in insurgencies, attacking industry assets garners media coverage serving as a facilitator for international attention. This research note will introduce EIAD and position its utility within various research areas where the targeting of energy infrastructure, or more broadly energy infrastructure vulnerability, has been addressed, either directly or indirectly. We also provide a snapshot of the initial analysis of the data between 1980-2011, noting specific temporal and spatial trends, and then conclude with a brief discussion on the contribution of EIAD, highlighting future research trajectories. 

  2. Whispering through DDoS attack

    OpenAIRE

    Miralem Mehic; Jiri Slachta; Miroslav Voznak

    2016-01-01

    Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...

  3. Script-viruses Attacks on UNIX OS

    Directory of Open Access Journals (Sweden)

    D. M. Mikhaylov

    2010-06-01

    Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

  4. Protecting Cryptographic Memory against Tampering Attack

    DEFF Research Database (Denmark)

    Mukherjee, Pratyay

    In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In prac......In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed tamper only with the memory of the device...

  5. Attack Tree Generation by Policy Invalidation

    DEFF Research Database (Denmark)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

    2015-01-01

    through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based......Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified...... on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps....

  6. Whispering through DDoS attack

    Directory of Open Access Journals (Sweden)

    Miralem Mehic

    2016-03-01

    Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.

  7. Network Protection Against DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Petr Dzurenda

    2015-03-01

    Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

  8. NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

    Directory of Open Access Journals (Sweden)

    Luminiţa DEFTA

    2010-12-01

    Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.

  9. Cache timing attacks on recent microarchitectures

    DEFF Research Database (Denmark)

    Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

    2017-01-01

    Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

  10. SQL Injection Attacks and Defense

    CERN Document Server

    Clarke, Justin

    2012-01-01

    SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award "SQL injection is probably the number one problem for any server-side application, and this book unequaled in its coverage." -Richard Bejtlich, Tao Security blog SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. SQL Injection Att

  11. Attack-Resistant Trust Metrics

    Science.gov (United States)

    Levien, Raph

    The Internet is an amazingly powerful tool for connecting people together, unmatched in human history. Yet, with that power comes great potential for spam and abuse. Trust metrics are an attempt to compute the set of which people are trustworthy and which are likely attackers. This chapter presents two specific trust metrics developed and deployed on the Advogato Website, which is a community blog for free software developers. This real-world experience demonstrates that the trust metrics fulfilled their goals, but that for good results, it is important to match the assumptions of the abstract trust metric computation to the real-world implementation.

  12. Migraine attacks the Basal Ganglia

    Directory of Open Access Journals (Sweden)

    Bigal Marcelo

    2011-09-01

    Full Text Available Abstract Background With time, episodes of migraine headache afflict patients with increased frequency, longer duration and more intense pain. While episodic migraine may be defined as 1-14 attacks per month, there are no clear-cut phases defined, and those patients with low frequency may progress to high frequency episodic migraine and the latter may progress into chronic daily headache (> 15 attacks per month. The pathophysiology of this progression is completely unknown. Attempting to unravel this phenomenon, we used high field (human brain imaging to compare functional responses, functional connectivity and brain morphology in patients whose migraine episodes did not progress (LF to a matched (gender, age, age of onset and type of medication group of patients whose migraine episodes progressed (HF. Results In comparison to LF patients, responses to pain in HF patients were significantly lower in the caudate, putamen and pallidum. Paradoxically, associated with these lower responses in HF patients, gray matter volume of the right and left caudate nuclei were significantly larger than in the LF patients. Functional connectivity analysis revealed additional differences between the two groups in regard to response to pain. Conclusions Supported by current understanding of basal ganglia role in pain processing, the findings suggest a significant role of the basal ganglia in the pathophysiology of the episodic migraine.

  13. Anger attacks in obsessive compulsive disorder

    Directory of Open Access Journals (Sweden)

    Nitesh Prakash Painuly

    2011-01-01

    Full Text Available Background: Research on anger attacks has been mostly limited to depression, and only a few studies have focused on anger attacks in obsessive compulsive disorder. Materials and Methods: In a cross-sectional study all new obsessive compulsive disorder patients aged 20-60 years attending an outpatient clinic were assessed using the anger attack questionnaire, irritability, depression and anxiety scale (for the direction of the aggressive behavior and quality of life (QOL. Results: The sample consisted of 42 consecutive subjects with obsessive compulsive disorder, out of which 21 (50% had anger attacks. The obsessive compulsive disorder subjects with and without anger attacks did not show significant differences in terms of sociodemographic variables, duration of illness, treatment, and family history. However, subjects with anger attacks had significantly higher prevalence of panic attacks and comorbid depression. Significantly more subjects with anger attacks exhibited aggressive acts toward spouse, parents, children, and other relatives in the form of yelling and threatening to hurt, trying to hurt, and threatening to leave. However, the two groups did not differ significantly in terms of QOL, except for the psychological domain being worse in the subjects with anger attacks. Conclusion: Anger attacks are present in half of the patients with obsessive compulsive disorder, and they correlate with the presence of comorbid depression.

  14. Critical location identification and vulnerability analysis of interdependent infrastructure systems under spatially localized attacks

    International Nuclear Information System (INIS)

    Ouyang, Min

    2016-01-01

    Infrastructure systems are usually spatially distributed in a wide area and are subject to many types of hazards. For each type of hazards, modeling their direct impact on infrastructure components and analyzing their induced system-level vulnerability are important for identifying mitigation strategies. This paper mainly studies spatially localized attacks that a set of infrastructure components located within or crossing a circle shaped spatially localized area is subject to damage while other components do not directly fail. For this type of attacks, taking interdependent power and gas systems in Harris County, Texas, USA as an example, this paper proposes an approach to exactly identify critical locations in interdependent infrastructure systems and make pertinent vulnerability analysis. Results show that (a) infrastructure interdependencies and attack radius largely affect the position of critical locations; (b) spatially localized attacks cause less vulnerability than equivalent random failures; (c) in most values of attack radius critical locations identified by considering only node failures do not change when considering both node and edge failures in the attack area; (d) for many values of attack radius critical locations identified by topology-based model are also critical from the flow-based perspective. - Highlights: • We propose a method to identify critical locations in interdependent infrastructures. • Geographical interdependencies and attack radius largely affect critical locations. • Localized attacks cause less vulnerability than equivalent random failures. • Whether considering both node and edge failures affects critical locations. • Topology-based critical locations are also critical from flow-based perspective.

  15. [Comparative analysis of phenomenology of paroxysms of atrial fibrillation and panic attacks].

    Science.gov (United States)

    San'kova, T A; Solov'eva, A D; Nedostup, A V

    2004-01-01

    To study phenomenology of attacks of atrial fibrillation (AF) and to compare it with phenomenology of panic attacks for elucidation of pathogenesis of atrial fibrillation and for elaboration of rational therapeutic intervention including those aimed at correction of psychovegetative abnormalities. Patients with nonrheumatic paroxysmal AF (n=105) and 100 patients with panic attacks (n=100). Clinical, cardiological and neurological examination, analysis of patients complaints during attacks of AF, and comparison them with diagnostic criteria for panic attack. It was found that clinical picture of attacks of AF comprised vegetative, emotional and functional neurological phenomena similar to those characteristic for panic attacks. This similarity as well as positive therapeutic effect of clonazepam allowed to propose a novel pathogenic mechanism of AF attacks. Severity of psychovegetative disorders during paroxysm of AF could be evaluated by calculation of psychovegetative iudex: Psychovegetative index should be used for detection of panic attack-like component in clinical picture of AF paroxysm and thus for determination of indications for inclusion of vegetotropic drugs, e. g. clonazepam, in complex preventive therapy.

  16. Defending networks against denial-of-service attacks

    Science.gov (United States)

    Gelenbe, Erol; Gellman, Michael; Loukas, George

    2004-11-01

    Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

  17. VoIP attacks detection engine based on neural network

    Science.gov (United States)

    Safarik, Jakub; Slachta, Jiri

    2015-05-01

    The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

  18. Attacks on IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Dejan Milan Tepšić

    2013-06-01

    . Antennas are an integral part of wireless networks. A selected antenna type affects performance, network availability and safety of wireless networks. Finding default values CommView for WiFi is a tool for monitoring data flow (sniffer especially written for wireless networks. Cain & Abel is a universal tool for the detection of all types of passwords. If a wireless network uses a protective mechanism of MAC address filtering, then the attacker must collect the IP addresses. To connect to a wireless access point, it is necessary to know its SSID. Contrary to what some people think, SSID is not a password. Wardriving Driving a car with a portable computer aimed at the detection of wireless computer networks, onto which connection is later possible, is called wardriving. For wardriving, it is necessary to have an appropriate software tool and a wireless network card or an adapter, on which an external antenna can be added to increase signal strength. It is also possible to use a global positioning device (GPS to determine the coordinates of the detected wireless access points on a map. The most widely used software tools for wardriving are Network Stumbler, Kismet and MiniStumbler. Network attacks Hackers’ most usual attack to circumvent the basic access control in wireless networks is masking their own MAC address with an MAC address of a legitimate client on the network (MAC address spoofing. Man-in-the-Middle attack inserts the attacker’s system in the middle between wireless clients and the wireless access point. Legitimate wireless users will be fooled when they try to connect, by being associated to the attacker's system instead of the legitimate wireless access point. The ARP table poisoning attack inserts the attacker's system in the middle of communication between legitimate clients and the wireless access point. Attackers could use the address resolution protocol if it is running on the network. The aim of this attack is to introduce an attacker as a legitimate

  19. DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

    Directory of Open Access Journals (Sweden)

    Ahmad Sanmorino

    2013-11-01

    Full Text Available In this study we discuss how to handle DDoS attack that coming from the attacker by using detection method and handling mechanism. Detection perform by comparing number of packets and number of flow. Whereas handling mechanism perform by limiting or drop the packets that detected as a DDoS attack. The study begins with simulation on real network, which aims to get the real traffic data. Then, dump traffic data obtained from the simulation used for detection method on our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism. From the result of experiment that has been conducted, the proposed method successfully detect DDoS attack and handle the incoming packet sent by attacker.

  20. Model checking exact cost for attack scenarios

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming

    2017-01-01

    Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support....... However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute...... the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees....

  1. Securing internet by eliminating DDOS attacks

    Science.gov (United States)

    Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

    2017-11-01

    The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

  2. Where can an Insider attack?

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof; Nielson, Flemming

    2006-01-01

    By definition, an insider has better access, is more trusted, and has better information about internal procedures, high-value targets, and potential weak spots in the security, than an outsider. Consequently, an insider attack has the potential to cause significant, even catastrophic, damage...... to the targeted organisation. While the problem is well recognised in the security community as well as in law-enforcement and intelligence communities, the main resort still is to audit log files \\$\\backslash\\$emph{after the fact}. There has been little research into developing models, automated tools......, and techniques for analysing and solving (parts of) the problem. In this paper we first develop a formal model of systems, that can describe real-world scenarios. These high-level models are then mapped to acKlaim, a process algebra with support for access control, that is used to study and analyse properties...

  3. Transient ischemic attack: diagnostic evaluation.

    Science.gov (United States)

    Messé, Steven R; Jauch, Edward C

    2008-08-01

    A transient ischemic attack portends significant risk of a stroke. Consequently, the diagnostic evaluation in the emergency department is focused on identifying high-risk causes so that preventive strategies can be implemented. The evaluation consists of a facilitated evaluation of the patient's metabolic, cardiac, and neurovascular systems. At a minimum, the following tests are recommended: fingerstick glucose level, electrolyte levels, CBC count, urinalysis, and coagulation studies; noncontrast computed tomography (CT) of the head; electrocardiography; and continuous telemetry monitoring. Vascular imaging studies, such as carotid ultrasonography, CT angiography, or magnetic resonance angiography, should be performed on an urgent basis and prioritized according to the patient's risk stratification for disease. Consideration should be given for echocardiography if no large vessel abnormality is identified.

  4. Integrating cyber attacks within fault trees

    International Nuclear Information System (INIS)

    Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

    2009-01-01

    In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

  5. Visualizing Risks: Icons for Information Attack Scenarios

    National Research Council Canada - National Science Library

    Hosmer, Hilary

    2000-01-01

    .... Visual attack scenarios help defenders see system ambiguities, imprecision, vulnerabilities and omissions, thus speeding up risk analysis, requirements gathering, safeguard selection, cryptographic...

  6. Classifying network attack scenarios using an ontology

    CSIR Research Space (South Africa)

    Van Heerden, RP

    2012-03-01

    Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

  7. A computer network attack taxonomy and ontology

    CSIR Research Space (South Africa)

    Van Heerden, RP

    2012-01-01

    Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

  8. Integrating cyber attacks within fault trees

    Energy Technology Data Exchange (ETDEWEB)

    Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

    2009-09-15

    In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

  9. The distinguishing motor features of cataplexy: a study from video-recorded attacks.

    Science.gov (United States)

    Pizza, Fabio; Antelmi, Elena; Vandi, Stefano; Meletti, Stefano; Erro, Roberto; Baumann, Christian R; Bhatia, Kailash P; Dauvilliers, Yves; Edwards, Mark J; Iranzo, Alex; Overeem, Sebastiaan; Tinazzi, Michele; Liguori, Rocco; Plazzi, Giuseppe

    2018-05-01

    To describe the motor pattern of cataplexy and to determine its phenomenological differences from pseudocataplexy in the differential diagnosis of episodic falls. We selected 30 video-recorded cataplexy and 21 pseudocataplexy attacks in 17 and 10 patients evaluated for suspected narcolepsy and with final diagnosis of narcolepsy type 1 and conversion disorder, respectively, together with self-reported attacks features, and asked expert neurologists to blindly evaluate the motor features of the attacks. Video documented and self-reported attack features of cataplexy and pseudocataplexy were contrasted. Video-recorded cataplexy can be positively differentiated from pseudocataplexy by the occurrence of facial hypotonia (ptosis, mouth opening, tongue protrusion) intermingled by jerks and grimaces abruptly interrupting laughter behavior (i.e. smile, facial expression) and postural control (head drops, trunk fall) under clear emotional trigger. Facial involvement is present in both partial and generalized cataplexy. Conversely, generalized pseudocataplexy is associated with persistence of deep tendon reflexes during the attack. Self-reported features confirmed the important role of positive emotions (laughter, telling a joke) in triggering the attacks, as well as the more frequent occurrence of partial body involvement in cataplexy compared with pseudocataplexy. Cataplexy is characterized by abrupt facial involvement during laughter behavior. Video recording of suspected cataplexy attacks allows the identification of positive clinical signs useful for diagnosis and, possibly in the future, for severity assessment.

  10. Jamming Attack in Wireless Sensor Network: From Time to Space

    Science.gov (United States)

    Sun, Yanqiang; Wang, Xiaodong; Zhou, Xingming

    Classical jamming attack models in the time domain have been proposed, such as constant jammer, random jammer, and reactive jammer. In this letter, we consider a new problem: given k jammers, how does the attacker minimize the pair-wise connectivity among the nodes in a Wireless Sensor Network (WSN)? We call this problem k-Jammer Deployment Problem (k-JDP). To the best of our knowledge, this is the first attempt at considering the position-critical jamming attack against wireless sensor network. We mainly make three contributions. First, we prove that the decision version of k-JDP is NP-complete even in the ideal situation where the attacker has full knowledge of the topology information of sensor network. Second, we propose a mathematical formulation based on Integer Programming (IP) model which yields an optimal solution. Third, we present a heuristic algorithm HAJDP, and compare it with the IP model. Numerical results show that our heuristic algorithm is computationally efficient.

  11. Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

    NARCIS (Netherlands)

    Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

    2016-01-01

    In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

  12. The work-averse cyber attacker model : theory and evidence from two million attack signatures

    NARCIS (Netherlands)

    Allodi, L.; Massacci, F.; Williams, J.

    The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

  13. Attack Tree Generation by Policy Invalidation

    NARCIS (Netherlands)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Naeem Akram, R.; Jajodia, S.

    2015-01-01

    Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identi﬿ed

  14. Evaluation of Crosstalk Attacks in Access Networks

    DEFF Research Database (Denmark)

    Wagner, Christoph; Eiselt, Michael; Grobe, Klaus

    2016-01-01

    WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...

  15. Drammer : Deterministic Rowhammer attacks on mobile platforms

    NARCIS (Netherlands)

    Van Der Veen, Victor; Fratantonio, Yanick; Lindorfer, Martina; Gruss, Daniel; Maurice, Clémentine; Vigna, Giovanni; Bos, Herbert; Razavi, Kaveh; Giuffrida, Cristiano

    2016-01-01

    Recent work shows that the Rowhammer hardware bug can be used to craft powerful attacks and completely subvert a system. However, existing efforts either describe probabilistic (and thus unreliable) attacks or rely on special (and often unavailable) memory management features to place victim objects

  16. Collaborative Attack Mitigation and Response: A survey

    NARCIS (Netherlands)

    Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko

    2015-01-01

    Over recent years, network-based attacks have become to one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains

  17. Rotational Rebound Attacks on Reduced Skein

    DEFF Research Database (Denmark)

    Khovratovich, Dmitry; Nikolic, Ivica; Rechberger, Christian

    2010-01-01

    In this paper we combine a recent rotational cryptanalysis with the rebound attack, which results in the best cryptanalysis of Skein, a candidate for the SHA-3 competition. The rebound attack approach was so far only applied to AES-like constructions. For the first time, we show that this approach...

  18. Phase-remapping attack in practical quantum-key-distribution systems

    International Nuclear Information System (INIS)

    Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

    2007-01-01

    Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

  19. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method.

    Science.gov (United States)

    Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

    2015-01-01

    Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

  20. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method

    Directory of Open Access Journals (Sweden)

    Udaya Suriya Raj Kumar Dhamodharan

    2015-01-01

    Full Text Available Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method with MAP (message authentication and passing for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

  1. Combating Memory Corruption Attacks On Scada Devices

    Science.gov (United States)

    Bellettini, Carlo; Rrushi, Julian

    Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

  2. Use of Attack Graphs in Security Systems

    Directory of Open Access Journals (Sweden)

    Vivek Shandilya

    2014-01-01

    Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

  3. Automatic Classification of Attacks on IP Telephony

    Directory of Open Access Journals (Sweden)

    Jakub Safarik

    2013-01-01

    Full Text Available This article proposes an algorithm for automatic analysis of attack data in IP telephony network with a neural network. Data for the analysis is gathered from variable monitoring application running in the network. These monitoring systems are a typical part of nowadays network. Information from them is usually used after attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification use proposed neural network, and the article covers design of a neural network and its practical implementation. It contains also methods for neural network learning and data gathering functions from honeypot application.

  4. High level of Brazilian men´s volleyball: characterization and difference of predictive factors of back row attack

    Directory of Open Access Journals (Sweden)

    Gustavo de Conti Teixeira Costa Conti

    2018-05-01

    Full Text Available This study aimed to identify the predictive factors of attacks, performed from positions 1 and 6 according to the effect of reception in high level Brazilian male volleyball and to find the predictive factors that differentiate the game practiced from these positions. The sample consisted in the observation of 142 games of the Brazilian Men's Super League, totalling 2969 actions of reception, setting and attack from positions 1 and 6. The significance value adopted was 5% (p ≤ 0.05. The analysis of the predictive factors of the game performed by the attacker of position 1 showed greater chances to score after an excellent (odds ratio adjusted – ORA = 1.48 and moderate effect of reception (ORA = 1.31, the second attack tempo (ORA = 1.32, the powerful attack in parallel (ORA = 1.91 and in diagonal (ORA =3.44. The attacker of position 6 showed higher chances of scoring after a high effect of reception (ORA = 3.39 and powerful attack in the parallel (ORA = 1.53. In conclusion, regardless the effect of reception, the use of the back-row attackers is recommended to increase the uncertainty on the opposing team and the chances to score.

  5. Aftermath of bustamante attack on genomic beacon service.

    Science.gov (United States)

    Aziz, Md Momin Al; Ghasemi, Reza; Waliullah, Md; Mohammed, Noman

    2017-07-26

    With the enormous need for federated eco-system for holding global genomic and clinical data, Global Alliance for Genomic and Health (GA4GH) has created an international website called beacon service which allows a researcher to find out whether a specific dataset can be utilized to his or her research beforehand. This simple webservice is quite useful as it allows queries like whether a certain position of a target chromosome has a specific nucleotide. However, the increased integration of individuals genomic data into clinical practice and research raised serious privacy concern. Though the answer of such queries are yes or no in Bacon network, it results in serious privacy implication as demonstrated in a recent work from Shringarpure and Bustamante. In their attack model, the authors demonstrated that with a limited number of queries, presence of an individual in any dataset can be determined. We propose two lightweight algorithms (based on randomized response) which captures the efficacy while preserving the privacy of the participants in a genomic beacon service. We also elaborate the strength and weakness of the attack by explaining some of their statistical and mathematical models using real world genomic database. We extend their experimental simulations for different adversarial assumptions and parameters. We experimentally evaluated the solutions on the original attack model with different parameters for better understanding of the privacy and utility tradeoffs provided by these two methods. Also, the statistical analysis further elaborates the different aspects of the prior attack which leads to a better risk management for the participants in a beacon service. The differentially private and lightweight solutions discussed here will make the attack much difficult to succeed while maintaining the fundamental motivation of beacon database network.

  6. Secure positioning in wireless networks

    DEFF Research Database (Denmark)

    Capkun, Srdjan; Hubaux, Jean-Pierre

    2006-01-01

    So far, the problem of positioning in wireless networks has been studied mainly in a non-adversarial settings. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call...... Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations....

  7. Adaptive cyber-attack modeling system

    Science.gov (United States)

    Gonsalves, Paul G.; Dougherty, Edward T.

    2006-05-01

    The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

  8. Situational awareness of a coordinated cyber attack

    Science.gov (United States)

    Sudit, Moises; Stotz, Adam; Holender, Michael

    2005-03-01

    As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

  9. Radiological attacks and accidents. Medical consequences

    International Nuclear Information System (INIS)

    Sakuta, Hidenari

    2007-01-01

    Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medial care for mass casualties without inducing panic. (author)

  10. Classification of cyber attacks in South Africa

    CSIR Research Space (South Africa)

    Van Heerden, R

    2016-05-01

    Full Text Available various ATM's throughout South Africa. Two criminals, Motsoane and Masoleng, were arrested in February 2012 and both sentenced to 15 years in jail [36, 37]. 3.10 2013: IOL DDoS Anonymous Africa claimed responsibility for launching a Distributed Denial... of Service (DDoS) attack on the Independent Newspaper web site iol.co.za. The attack was in response to claims that the IOL group supports Zimbabwean president Robert Mugabe. The following taunt was sent to boast about the attack: “IOL bad boys bad boys...

  11. Attacker Modelling in Ubiquitous Computing Systems

    DEFF Research Database (Denmark)

    Papini, Davide

    in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undened and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it denes a model that captures the abilities of the attacker. Furthermore a quantitative implementation...

  12. Enhancing the Statistical Filtering Scheme to Detect False Negative Attacks in Sensor Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Akram

    2017-06-01

    Full Text Available In this paper, we present a technique that detects both false positive and false negative attacks in statistical filtering-based wireless sensor networks. In statistical filtering scheme, legitimate reports are repeatedly verified en route before they reach the base station, which causes heavy energy consumption. While the original statistical filtering scheme detects only false reports, our proposed method promises to detect both attacks.

  13. Dead or Alive? Factors Affecting the Survival of Victims during Attacks by Saltwater Crocodiles (Crocodylus porosus in Australia.

    Directory of Open Access Journals (Sweden)

    Yusuke Fukuda

    Full Text Available Conflicts between humans and crocodilians are a widespread conservation challenge and the number of crocodile attacks is increasing worldwide. We identified the factors that most effectively decide whether a victim is injured or killed in a crocodile attack by fitting generalized linear models to a 42-year dataset of 87 attacks (27 fatal and 60 non-fatal by saltwater crocodiles (Crocodylus porosus in Australia. The models showed that the most influential factors were the difference in body mass between crocodile and victim, and the position of victim in relation to the water at the time of an attack. In-water position (for diving, swimming, and wading had a higher risk than on-water (boating or on-land (fishing, and hunting near the water's edge positions. In the in-water position a 75 kg person would have a relatively high probability of survival (0.81 if attacked by a 300 cm crocodile, but the probability becomes much lower (0.17 with a 400 cm crocodile. If attacked by a crocodile larger than 450 cm, the survival probability would be extremely low (<0.05 regardless of the victim's size. These results indicate that the main cause of death during a crocodile attack is drowning and larger crocodiles can drag a victim more easily into deeper water. A higher risk associated with a larger crocodile in relation to victim's size is highlighted by children's vulnerability to fatal attacks. Since the first recently recorded fatal attack involving a child in 2006, six out of nine fatal attacks (66.7% involved children, and the average body size of crocodiles responsible for these fatal attacks was considerably smaller (384 cm, 223 kg than that of crocodiles that killed adults (450 cm, 324 kg during the same period (2006-2014. These results suggest that culling programs targeting larger crocodiles may not be an effective management option to improve safety for children.

  14. YET ANOTHER ATTACK ON WAGES AND CONDITIONS.

    Science.gov (United States)

    McCarthy, Andrew

    2016-10-01

    An unobjectionable-sounding title obscures the real intent of the latest in a series of Bills which the federal Coalition government is attempting to legislate in its ongoing attempts to undermine employee wages and conditions and attack unions.

  15. A Unique Fatal Moose Attack Mimicking Homicide.

    Science.gov (United States)

    Gudmannsson, Petur; Berge, Johan; Druid, Henrik; Ericsson, Göran; Eriksson, Anders

    2018-03-01

    Fatalities caused by animal attacks are rare, but have the potential to mimic homicide. We present a case in which a moose attacked and killed a woman who was walking her dog in a forest. Autopsy showed widespread blunt trauma with a large laceration on one leg in which blades of grass were embedded. Flail chest was the cause of death. The case was initially conceived as homicide by means of a riding lawn mower. A review of the case by moose experts and analyses of biological trace material that proved to originate from moose, established the true source of injury. The dog probably provoked a moose, which, in response, stomped and gored the victim to death. The injuries resembled those previously reported from attacks by cattle and water buffalo. Fatal moose attacks constitute an extremely rare threat in boreal areas, but can be considered in traumatic deaths of unknown cause. © 2017 American Academy of Forensic Sciences.

  16. Diabetes - preventing heart attack and stroke

    Science.gov (United States)

    Diabetes complications - heart; Coronary artery disease - diabetes; CAD - diabetes; Cerebrovascular disease - diabetes ... People with diabetes have a higher chance of having heart attacks and strokes. Smoking and having high blood pressure and high ...

  17. Marine Attack on Towed Hydrophone Arrays

    National Research Council Canada - National Science Library

    Kalmijn, Ad

    2002-01-01

    The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

  18. Heuristic attacks against graphical password generators

    CSIR Research Space (South Africa)

    Peach, S

    2010-05-01

    Full Text Available In this paper the authors explore heuristic attacks against graphical password generators. A new trend is emerging to use user clickable pictures to generate passwords. This technique of authentication can be successfully used for - for example...

  19. On localization attacks against cloud infrastructure

    Science.gov (United States)

    Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

    2013-05-01

    One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

  20. Using agility to combat cyber attacks.

    Science.gov (United States)

    Anderson, Kerry

    2017-06-01

    Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

  1. Social engineering attack examples, templates and scenarios

    CSIR Research Space (South Africa)

    Mouton, Francois

    2016-06-01

    Full Text Available that are representative of real-world examples, whilst still being general enough to encompass several different real-world examples. The proposed social engineering attack templates cover all three types of communication, namely bidirectional communication...

  2. Compiling symbolic attacks to protocol implementation tests

    Directory of Open Access Journals (Sweden)

    Michael Rusinowitch

    2013-07-01

    Full Text Available Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

  3. The role of sleep in migraine attacks

    Directory of Open Access Journals (Sweden)

    Elaine Inamorato

    1993-11-01

    Full Text Available Migraine attacks may be precipitated by sleep deprivation or excessive sleep and sleep is also associated with relief of migraine attacks. In view of this variable relationship we studied the records of 159 consecutive outpatients of our Headache Unit. In 121 records there was reference to sleep involvement, in 55% by a single form and in 45% by more than one form. When only one form was related, relief was most common (70%. 30% of that group of patients had the migraine attack precipitated by sleep, 24% by deprivation and 6% by sleep excess. When the effects of sleep were multiple, these effects were as expected logically in 65%: «in accordance» group (e.g attack precipitated by sleep deprivation and relieved by sleep onset. In a second group, («conflicting» where the involvement was not logical, there were three different combinations of sleep involvement, possibly due to more than one pathophysiological mechanism.

  4. ATTACK WARNING: Costs to Modernize NORAD's Computer System Significantly Understated

    National Research Council Canada - National Science Library

    Cross, F

    1991-01-01

    ...) Integrated Tactical Warning and Attack Assessment (ITW/AA) system. These subsystems provide critical strategic surveillance and attack warning and assessment information to United States and Canadian leaders...

  5. RAPTOR: Ransomware Attack PredicTOR

    OpenAIRE

    Quinkert, Florian; Holz, Thorsten; Hossain, KSM Tozammel; Ferrara, Emilio; Lerman, Kristina

    2018-01-01

    Ransomware, a type of malicious software that encrypts a victim's files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers' operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in...

  6. Attack Helicopter Operations: Art or Science

    Science.gov (United States)

    1991-05-13

    ATTACK HELICOPTER OPERATIONS: ART OR SCIENCE ? BY LIEUTENANT COLONEL JAN CALLEN United States Army DISTRIBUTION STATEMENT A: Approved for public release...TASK IWORK UNIT ELEMENT NO. NO. NO. ACCESSION NC 11. TITLE (Include Socurity Classification) Attack Helicopter Operations: Art or Science ? 12. PERSONAL...OPERATIONS: ART OR SCIENCE ? AN INDIVIDUAL STUDY PROJECT by Lieutenant Colonel Jan Callen United States Army Colonel Greg Snelgrove Project Adviser U.S

  7. Protecting mobile agents from external replay attacks

    OpenAIRE

    Garrigues Olivella, Carles; Migas, Nikos; Buchanan, William; Robles, Sergi; Borrell Viader, Joan

    2014-01-01

    Peer-reviewed This paper presents a protocol for the protection of mobile agents against external replay attacks. This kind of attacks are performed by malicious platforms when dispatching an agent multiple times to a remote host, thus making it reexecute part of its itinerary. Current proposals aiming to address this problem are based on storing agent identifiers, or trip markers, inside agent platforms, so that future reexecutions can be detected and prevented. The problem of these solut...

  8. Semantic Identification Attacks on Web Browsing

    OpenAIRE

    Guha, Neel

    2016-01-01

    We introduce a Semantic Identification Attack, in which an adversary uses semantic signals about the pages visited in one browsing session to identify other browsing sessions launched by the same user. This attack allows an adver- sary to determine if two browsing sessions originate from the same user regardless of any measures taken by the user to disguise their browser or network. We use the MSNBC Anonymous Browsing data set, which contains a large set of user visits (labeled by category) t...

  9. Consciousness in Non-Epileptic Attack Disorder

    OpenAIRE

    Reuber, M.; Kurthen, M.

    2011-01-01

    Non-epileptic attack disorder (NEAD) is one of the most important differential diagnoses of epilepsy. Impairment of\\ud consciousness is the key feature of non-epileptic attacks (NEAs). The first half of this review summarises the clinical research\\ud literature featuring observations relating to consciousness in NEAD. The second half places this evidence in the wider context\\ud of the recent discourse on consciousness in neuroscience and the philosophy of mind. We argue that studies of consci...

  10. Cyber Security Audit and Attack Detection Toolkit

    Energy Technology Data Exchange (ETDEWEB)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  11. Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

    Science.gov (United States)

    Ariwibowo, Sigit; Windarta, Susila

    2016-02-01

    In this paper we show that distinguisher on CBC-MAC can be applied to Encrypted Message Authentication Code (EMAC) scheme. EMAC scheme in general is vulnerable to distinguishing attack and second preimage attack. Distinguishing attack simulation on AES-EMAC using 225 message modifications, no collision have been found. According to second preimage attack simulation on AES-EMAC no collision found between EMAC value of S1 and S2, i.e. no second preimage found for messages that have been tested. Based on distinguishing attack simulation on truncated AES-EMAC we found collision in every message therefore we cannot distinguish truncated AES-EMAC with random function. Second-preimage attack is successfully performed on truncated AES-EMAC.

  12. Combined Heuristic Attack Strategy on Complex Networks

    Directory of Open Access Journals (Sweden)

    Marek Šimon

    2017-01-01

    Full Text Available Usually, the existence of a complex network is considered an advantage feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. New attack strategy can be therefore used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.

  13. SCADA system vulnerabilities to cyber attack

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, W. T. [Cyber Security Consulting (Canada)

    2004-10-01

    The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

  14. Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

    International Nuclear Information System (INIS)

    Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

    2017-01-01

    This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarm rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.

  15. Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

    Directory of Open Access Journals (Sweden)

    Apostolos P. Fournaris

    2017-07-01

    Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

  16. Predicting Factors of Zone 4 Attack in Volleyball.

    Science.gov (United States)

    Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

    2017-06-01

    This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed of attacks.

  17. Diffusion Weighted Imaging in Acute Attacks of Multiple Sclerosis

    International Nuclear Information System (INIS)

    Davoudi, Yasmin; Foroughipour, Mohsen; Torabi, Reza; Layegh, Parvaneh; Matin, Nassim; Shoeibi, Ali

    2016-01-01

    Multiple sclerosis (MS) is one of the most common autoimmune disorders of the central nervous system. In spite of various imaging modalities, the definitive diagnosis of MS remains challenging. This study was designed to evaluate the usefulness of diffusion weighted imaging (DWI) in the diagnosis of acute MS attack and to compare its results with contrast enhanced MRI (CE-MRI). In this cross sectional study, seventy patients with definite diagnosis of relapsing-remitting MS were included. CE-MRI using 0.1 mmol/kg gadolinium as well as DWI sequences were performed for all patients. The percentage of patients with positive DWI was compared with the results of CE-MRI and the consistency between the two imaging modalities was evaluated. Moreover, the relationship between the time of onset of patient’s symptoms and test results for both methods were investigated. CE-MRI yielded positive results for 61 (87%) patients and DWI yielded positive for 53 (76%) patients. In fifty patients (71.42%), both tests were positive and in six cases (8.57%), both were negative. The test results of three patients turned out to be positive in DWI, while they tested negative in CE-MRI. There was no significant relationship between the results of CE-MRI as well as DWI and the time of imaging from the onset of symptoms. These data indicate that while CE-MRI will depict more positive results, there are cases in which DWI will show a positive result while CE-MRI is negative. We suggest that the combination of these two imaging modalities might yield more positive results in diagnosing acute MS attack giving rise to a more accurate diagnosis

  18. Robotic exoskeleton assessment of transient ischemic attack.

    Directory of Open Access Journals (Sweden)

    Leif Simmatis

    Full Text Available We used a robotic exoskeleton to quantify specific patterns of abnormal upper limb motor behaviour in people who have had transient ischemic attack (TIA. A cohort of people with TIA was recruited within two weeks of symptom onset. All individuals completed a robotic-based assessment of 8 behavioural tasks related to upper limb motor and proprioceptive function, as well as cognitive function. Robotic task performance was compared to a large cohort of controls without neurological impairments corrected for the influence of age. Impairment in people with TIA was defined as performance below the 5th percentile of controls. Participants with TIA were also assessed with the National Institutes of Health Stroke Scale (NIHSS score, Chedoke-McMaster Stroke Assessment (CMSA of the arm, the Behavioural Inattention Test (BIT, the Purdue pegboard test (PPB, and the Montreal Cognitive Assessment (MoCA. Age-related white matter change (ARWMC, prior infarction and cella-media index (CMI were assessed from baseline CT scan that was performed within 24 hours of TIA. Acute infarction was assessed from diffusion-weighted imaging in a subset of people with TIA. Twenty-two people with TIA were assessed. Robotic assessment showed impaired upper limb motor function in 7/22 people with TIA patients and upper limb sensory impairment in 4/22 individuals. Cognitive tasks involving robotic assessment of the upper limb were completed in 13 participants, of whom 8 (61.5% showed significant impairment. Abnormal performance in the CMSA arm inventory was present in 12/22 (54.5% participants. ARWMC was 11.8 ± 6.4 and CMI was 5.4 ± 1.5. DWI was positive in 0 participants. Quantitative robotic assessment showed that people who have had a TIA display a spectrum of upper limb motor and sensory performance deficits as well as cognitive function deficits despite resolution of symptoms and no evidence of tissue infarction.

  19. Robotic exoskeleton assessment of transient ischemic attack.

    Science.gov (United States)

    Simmatis, Leif; Krett, Jonathan; Scott, Stephen H; Jin, Albert Y

    2017-01-01

    We used a robotic exoskeleton to quantify specific patterns of abnormal upper limb motor behaviour in people who have had transient ischemic attack (TIA). A cohort of people with TIA was recruited within two weeks of symptom onset. All individuals completed a robotic-based assessment of 8 behavioural tasks related to upper limb motor and proprioceptive function, as well as cognitive function. Robotic task performance was compared to a large cohort of controls without neurological impairments corrected for the influence of age. Impairment in people with TIA was defined as performance below the 5th percentile of controls. Participants with TIA were also assessed with the National Institutes of Health Stroke Scale (NIHSS) score, Chedoke-McMaster Stroke Assessment (CMSA) of the arm, the Behavioural Inattention Test (BIT), the Purdue pegboard test (PPB), and the Montreal Cognitive Assessment (MoCA). Age-related white matter change (ARWMC), prior infarction and cella-media index (CMI) were assessed from baseline CT scan that was performed within 24 hours of TIA. Acute infarction was assessed from diffusion-weighted imaging in a subset of people with TIA. Twenty-two people with TIA were assessed. Robotic assessment showed impaired upper limb motor function in 7/22 people with TIA patients and upper limb sensory impairment in 4/22 individuals. Cognitive tasks involving robotic assessment of the upper limb were completed in 13 participants, of whom 8 (61.5%) showed significant impairment. Abnormal performance in the CMSA arm inventory was present in 12/22 (54.5%) participants. ARWMC was 11.8 ± 6.4 and CMI was 5.4 ± 1.5. DWI was positive in 0 participants. Quantitative robotic assessment showed that people who have had a TIA display a spectrum of upper limb motor and sensory performance deficits as well as cognitive function deficits despite resolution of symptoms and no evidence of tissue infarction.

  20. A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS

    Directory of Open Access Journals (Sweden)

    S.Seetha

    2010-06-01

    Full Text Available Distributed Denial of service is a major threat to the availability of internet services. Due to the distributed, large scale nature of the Internet makes DDoS (Distributed Denial-of-Service attacks stealthy and difficult to counter. Defense against Distributed Denial- of -Service attacks is one of the hardest security problems on the Internet. Recently these network attacks have been increasing. Therefore more effective countermeasures are required to counter the threat. This requirement has motivated us to propose a novel mechanism against DDoS attack. This paper presents the design details of a distributed defense mechanism against DDoS attack. In our approach, the egress routers of the intermediate network coordinate with each other to provide the information necessary to detect and respond to the attack. Thus, a detection system based on single site will have either high positive or high negative rates. Unlike the traditional IDSs (Intrusion Detection System this method has the potential to achieve high true positive ratio. This work has been done by using consensus algorithms for exchanging the information between the detection systems. So the overall detection time would be reduced for global decision making.

  1. Nonepileptic attack disorder among married women.

    Science.gov (United States)

    Dhanaraj, M; Rangaraj, R; Arulmozhi, T; Vengatesan, A

    2005-06-01

    To study the clinical features, precipitating stressful life events and prognosis of nonepileptic attack disorder (NEAD) among married women. Prospective cohort study with 1-year follow-up. A tertiary care teaching hospital. Of the 1020 patients with epilepsy referred to the epilepsy clinic during 2002-2003, 30 were married women with NEAD. The diagnostic criteria for NEAD included normal EEG during ictal and post-ictal phase of the generalized 'attack.' The data collected included clinical characteristics, semiology of the attacks, precipitating stressful events, and co-morbid psychiatric disorders. The control group included 30 age-matched married women with generalized tonic-clonic seizures. The long-term outcome and factors influencing the outcomes were analyzed. The mean duration of illness was 18 months, and the pattern of the attack was 'fall and lying still' in 53% and 'fall with generalized motor movements' in 47%. The frequency was one or more per week in 57% and occasionally in 43%. The important stressful events were matrimonial discord following illegal relationship of the husband with another woman (chi2 = 9.02, P = 0.003) and constant quarrel with other family members (chi2 = 5.19, P = 0.02). The prevalence of sexual abuse was low (7%). Co-morbid psychiatric disorder was observed in 70%. At the end of 1 year, 39% were free from the attack. Resolution of the stressful life events (chi2 = 4.52, P = 0.03) and lower frequency of attack at the time of reporting (chi2 = 3.88, P = 0.05) correlated with good outcomes. Among patients with NEAD in India, the major precipitating factors were matrimonial discord following illegal relationship of the husband with another woman and constant quarrel with other family members and not sexual abuse. Women with low frequency of attack at the time of reporting and the remission of the stressful events had better outcomes.

  2. Advanced unambiguous state discrimination attack and countermeasure strategy in a practical B92 QKD system

    Science.gov (United States)

    Ko, Heasin; Choi, Byung-Seok; Choe, Joong-Seon; Youn, Chun Ju

    2018-01-01

    Even though unconditional security of B92 quantum key distribution (QKD) system is based on the assumption of perfect positive-operator-valued measures, practical B92 systems only utilize two projective measurements. Unfortunately, such implementation may degrade the security of the B92 QKD system due to Eve's potential attack exploiting the imperfection of system. In this paper, we propose an advanced attack strategy with an unambiguous state discrimination (USD) measurement which makes practical B92 QKD systems insecure even under a lossless channel. In addition, we propose an effective countermeasure against the advanced USD attack model by monitoring double-click events. We further address a fundamental approach to make the B92 QKD system tolerable to attack strategies with USD measurements using a multi-qubit scheme.

  3. A blind video watermarking scheme resistant to rotation and collusion attacks

    Directory of Open Access Journals (Sweden)

    Amlan Karmakar

    2016-04-01

    Full Text Available In this paper, Discrete Cosine Transform (DCT based blind video watermarking algorithm is proposed, which is perceptually invisible and robust against rotation and collusion attacks. To make the scheme resistant against rotation, watermark is embedded within the square blocks, placed on the middle position of every luminance channel. Then Zernike moments of those square blocks are calculated. The rotation invariance property of the Complex Zernike moments is exploited to predict the rotation angle of the video at the time of extraction of watermark bits. To make the scheme robust against collusion, design of the scheme is done in such a way that the embedding blocks will vary for the successive frames of the video. A Pseudo Random Number (PRN generator and a permutation vector are used to achieve the goal. The experimental results show that the scheme is robust against conventional video attacks, rotation attack and collusion attacks.

  4. An efficient collaborative approach for black hole attack discovery and mitigating its impact in manet

    Science.gov (United States)

    Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.

    2018-04-01

    A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost but there exits nodes that declines to cooperate leading to selfish conduct of nodes which effects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure less network attack detection and reaction and high false positives, false negatives initiating black hole attack becomes major issue in watchdog. This paper put forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.

  5. Chronic thought suppression and posttraumatic symptoms: data from the Madrid March 11, 2004 terrorist attack.

    Science.gov (United States)

    Vázquez, Carmelo; Hervás, Gonzalo; Pérez-Sales, Pau

    2008-12-01

    Although a considerable number of people either witnessed directly or in the mass media the traumatic scenes of the terrorist attack that took place on March 11th, 2004 in Madrid, only a fraction of Madrid citizens developed posttraumatic symptoms. In this study, posttraumatic stress-related symptoms, degree of exposure, coping strategies related to the attack, and chronic attempts to avoid intrusive thoughts (i.e., thought suppression) were assessed in a general population Madrid sample (N=503) 2-3 weeks after the attacks. Our results showed that participants with higher scores in chronic thought suppression exhibited higher levels of PTSD symptoms. Higher scores in chronic thought suppression also correlated positively with the use of avoidant coping strategies after the attacks. We discuss the possible common roots of avoidance of intrusive thoughts and avoidant coping strategies and the implications of this relationship for the emergence of stress-related symptoms as well as for public health policies.

  6. Do terrorist attacks affect ethnic discrimination in the labour market? Evidence from two randomized field experiments.

    Science.gov (United States)

    Birkelund, Gunn Elisabeth; Chan, Tak Wing; Ugreninov, Elisabeth; Midtbøen, Arnfinn H; Rogstad, Jon

    2018-01-24

    Terrorist attacks are known to influence public opinion. But do they also change behaviour? We address this question by comparing the results of two identical randomized field experiments on ethnic discrimination in hiring that we conducted in Oslo. The first experiment was conducted before the 2011 terrorist attacks in Norway; the second experiment was conducted after the attacks. In both experiments, applicants with a typical Pakistani name were significantly less likely to get a job interview compared to those with a typical Norwegian name. But the ethnic gap in call-back rates were very similar in the two experiments. Thus, Pakistanis in Norway still experienced the same level of discrimination, despite claims that Norwegians have become more positive about migrants after the far-right, anti-migrant terrorist attacks of 2011. © London School of Economics and Political Science 2018.

  7. Dead or Alive? Factors Affecting the Survival of Victims during Attacks by Saltwater Crocodiles (Crocodylus porosus) in Australia.

    Science.gov (United States)

    Fukuda, Yusuke; Manolis, Charlie; Saalfeld, Keith; Zuur, Alain

    2015-01-01

    Conflicts between humans and crocodilians are a widespread conservation challenge and the number of crocodile attacks is increasing worldwide. We identified the factors that most effectively decide whether a victim is injured or killed in a crocodile attack by fitting generalized linear models to a 42-year dataset of 87 attacks (27 fatal and 60 non-fatal) by saltwater crocodiles (Crocodylus porosus) in Australia. The models showed that the most influential factors were the difference in body mass between crocodile and victim, and the position of victim in relation to the water at the time of an attack. In-water position (for diving, swimming, and wading) had a higher risk than on-water (boating) or on-land (fishing, and hunting near the water's edge) positions. In the in-water position a 75 kg person would have a relatively high probability of survival (0.81) if attacked by a 300 cm crocodile, but the probability becomes much lower (0.17) with a 400 cm crocodile. If attacked by a crocodile larger than 450 cm, the survival probability would be extremely low (drag a victim more easily into deeper water. A higher risk associated with a larger crocodile in relation to victim's size is highlighted by children's vulnerability to fatal attacks. Since the first recently recorded fatal attack involving a child in 2006, six out of nine fatal attacks (66.7%) involved children, and the average body size of crocodiles responsible for these fatal attacks was considerably smaller (384 cm, 223 kg) than that of crocodiles that killed adults (450 cm, 324 kg) during the same period (2006-2014). These results suggest that culling programs targeting larger crocodiles may not be an effective management option to improve safety for children.

  8. 12 CFR 263.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

  9. 12 CFR 509.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding....17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

  10. A Game Theoretic Approach to Cyber Attack Prediction

    Energy Technology Data Exchange (ETDEWEB)

    Peng Liu

    2005-11-28

    The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

  11. Trace Attack against Biometric Mobile Applications

    Directory of Open Access Journals (Sweden)

    Sanaa Ghouzali

    2016-01-01

    Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

  12. Subclinical endophthalmitis following a rooster attack.

    Science.gov (United States)

    Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

    2006-12-01

    Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

  13. Modeling attacking of high skills volleyball players

    Directory of Open Access Journals (Sweden)

    Vladimir Gamaliy

    2014-12-01

    Full Text Available Purpose: to determine the model indicators of technical and tactical actions in the attack highly skilled volleyball players. Material and Methods: the study used statistical data of major international competitions: Olympic Games – 2012 World Championships – 2010, World League – 2010–2014 European Championship – 2010–2014. A total of 130 analyzed games. Methods were used: analysis and generalization of scientific and methodological literature, analysis of competitive activity highly skilled volleyball players, teacher observation, modeling technical and tactical actions in attacking highly skilled volleyball players. Results: it was found that the largest volume application of technical and tactical actions in the attack belongs to the group tactics «supple movement», whose indicator is 21,3%. The smallest amount of application belongs to the group tactics «flight level» model whose indicators is 5,4%, the efficiency of 3,4%, respectively. It is found that the power service in the jump from model parameters used in 51,6% of cases, the planning targets – 21,7% and 4,4% planning to reduce. Attacks performed with the back line, on model parameters used in the amount of 20,8% efficiency –13,7%. Conclusions: we prove that the performance of technical and tactical actions in the attack can be used as model in the control system of training and competitive process highly skilled volleyball players

  14. On the anatomy of social engineering attacks : A literature-based dissection of successful attacks

    NARCIS (Netherlands)

    Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

    The aim of this studywas to explore the extent towhich persuasion principles are used in successful social engineering attacks. Seventy-four scenarioswere extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenariowas split into attack steps, containing

  15. Attacks on public telephone networks: technologies and challenges

    Science.gov (United States)

    Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

    2003-09-01

    Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

  16. Cross-site scripting attacks procedure and Prevention Strategies

    Directory of Open Access Journals (Sweden)

    Wang Xijun

    2016-01-01

    Full Text Available Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XXS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

  17. Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

    Directory of Open Access Journals (Sweden)

    Željko Gavrić

    2018-01-01

    Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

  18. Counteracting Power Analysis Attacks by Masking

    Science.gov (United States)

    Oswald, Elisabeth; Mangard, Stefan

    The publication of power analysis attacks [12] has triggered a lot of research activities. On the one hand these activities have been dedicated toward the development of secure and efficient countermeasures. On the other hand also new and improved attacks have been developed. In fact, there has been a continuous arms race between designers of countermeasures and attackers. This chapter provides a brief overview of the state-of-the art in the arms race in the context of a countermeasure called masking. Masking is a popular countermeasure that has been extensively discussed in the scientific community. Numerous articles have been published that explain different types of masking and that analyze weaknesses of this countermeasure.

  19. The WOMBAT Attack Attribution Method: Some Results

    Science.gov (United States)

    Dacier, Marc; Pham, Van-Hau; Thonnard, Olivier

    In this paper, we present a new attack attribution method that has been developed within the WOMBAT project. We illustrate the method with some real-world results obtained when applying it to almost two years of attack traces collected by low interaction honeypots. This analytical method aims at identifying large scale attack phenomena composed of IP sources that are linked to the same root cause. All malicious sources involved in a same phenomenon constitute what we call a Misbehaving Cloud (MC). The paper offers an overview of the various steps the method goes through to identify these clouds, providing pointers to external references for more detailed information. Four instances of misbehaving clouds are then described in some more depth to demonstrate the meaningfulness of the concept.

  20. A novel proposed network security management approach for cyber attacks

    International Nuclear Information System (INIS)

    Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

    2007-01-01

    Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

  1. Playing Attack and Defense with Trusted Storage

    DEFF Research Database (Denmark)

    Gonzalez, Javier; Bonnet, Philippe; Bouganim, Luc

    2014-01-01

    It is often convenient to assume in a data management platform that one or several computing devices are trusted, specially when the goal is to provide privacy guarantees over personal data. But what does it take for a computing device to be trusted? More specifically, how can a personal device...... provide trusted storage? This is the question we tackle in this demonstration. We describe how secure devices, equipped with a trusted execution environment, differ from general purpose devices. We illustrate with our demonstration scenario, that it is much more difficult to attack a storage service...... running on a secure device, than to attack the same service running on a general purpose device....

  2. Rotational Rebound Attacks on Reduced Skein

    DEFF Research Database (Denmark)

    Khovratovich, Dmitry; Nikolić, Ivica; Rechberger, Christian

    2014-01-01

    ciphers, including the new standard SHA-3 (Keccak). The rebound attack is a start-from-the-middle approach for finding differential paths and conforming pairs in byte-oriented designs like Substitution-Permutation networks and AES. We apply our new compositional attack to the reduced version of the hash...... number of rounds. We also use neutral bits and message modification methods from the practice of collision search in MD5 and SHA-1 hash functions. These methods push the rotational property through more rounds than previous analysis suggested, and eventually establish a distinguishing property...

  3. A Distinguish Attack on COSvd Cipher

    OpenAIRE

    Mohammad Ali Orumiehchi ha; R. Mirghadri

    2007-01-01

    The COSvd Ciphers has been proposed by Filiol and others (2004). It is a strengthened version of COS stream cipher family denoted COSvd that has been adopted for at least one commercial standard. We propose a distinguish attack on this version, and prove that, it is distinguishable from a random stream. In the COSvd Cipher used one S-Box (10×8) on the final part of cipher. We focus on S-Box and use weakness this S-Box for distinguish attack. In addition, found a leak on HNLL that the sub s-bo...

  4. Attacks and infections in percolation processes

    International Nuclear Information System (INIS)

    Janssen, Hans-Karl; Stenull, Olaf

    2017-01-01

    We discuss attacks and infections at propagating fronts of percolation processes based on the extended general epidemic process. The scaling behavior of the number of the attacked and infected sites in the long time limit at the ordinary and tricritical percolation transitions is governed by specific composite operators of the field-theoretic representation of this process. We calculate corresponding critical exponents for tricritical percolation in mean-field theory and for ordinary percolation to 1-loop order. Our results agree well with the available numerical data. (paper)

  5. Attack strategies on quantum cryptographic protocols

    International Nuclear Information System (INIS)

    Schauer, S.; Suda, M.

    2006-01-01

    Full text: Quantum key distribution (QKD) and quantum authentication (QA) have been a topic of extensive research in the last 20 years. In course of that many attacks on QKD and QA protocols have been studied. Among these, Zhang, Lee and Guo presented an attack on a QKD protocol using entanglement swapping. Based on that strategy we take a look at other protocols to inspect how much information an adversary may get if he shares entanglement with either one or both parties. We will present some protocols where an adversary can even get full information about the key using entanglement. (author)

  6. Adaptive EWMA Method Based on Abnormal Network Traffic for LDoS Attacks

    Directory of Open Access Journals (Sweden)

    Dan Tang

    2014-01-01

    Full Text Available The low-rate denial of service (LDoS attacks reduce network services capabilities by periodically sending high intensity pulse data flows. For their concealed performance, it is more difficult for traditional DoS detection methods to detect LDoS attacks; at the same time the accuracy of the current detection methods for LDoS attacks is relatively low. As the fact that LDoS attacks led to abnormal distribution of the ACK traffic, LDoS attacks can be detected by analyzing the distribution characteristics of ACK traffic. Then traditional EWMA algorithm which can smooth the accidental error while being the same as the exceptional mutation may cause some misjudgment; therefore a new LDoS detection method based on adaptive EWMA (AEWMA algorithm is proposed. The AEWMA algorithm which uses an adaptive weighting function instead of the constant weighting of EWMA algorithm can smooth the accidental error and retain the exceptional mutation. So AEWMA method is more beneficial than EWMA method for analyzing and measuring the abnormal distribution of ACK traffic. The NS2 simulations show that AEWMA method can detect LDoS attacks effectively and has a low false negative rate and a false positive rate. Based on DARPA99 datasets, experiment results show that AEWMA method is more efficient than EWMA method.

  7. Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

    Directory of Open Access Journals (Sweden)

    Sárkány Zoltán

    2016-03-01

    Full Text Available Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

  8. Sequential and Parallel Attack Tree Modelling

    NARCIS (Netherlands)

    Arnold, Florian; Guck, Dennis; Kumar, Rajesh; Stoelinga, Mariëlle Ida Antoinette; Koornneef, Floor; van Gulijk, Coen

    The intricacy of socio-technical systems requires a careful planning and utilisation of security resources to ensure uninterrupted, secure and reliable services. Even though many studies have been conducted to understand and model the behaviour of a potential attacker, the detection of crucial

  9. Cooperative Electronic Attack using Unmanned Air Vehicles

    National Research Council Canada - National Science Library

    Mears, Mark J

    2006-01-01

    ... that are salient in the context of cooperative control. The utility of electronic attack is described in the context of integrated air defense systems that rely on RADAR sites that act as a network to gather information about potential airborne threats...

  10. Network overload due to massive attacks

    Science.gov (United States)

    Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.

    2018-05-01

    We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.

  11. Attack Classification Schema for Smart City WSNs

    Directory of Open Access Journals (Sweden)

    Victor Garcia-Font

    2017-04-01

    Full Text Available Urban areas around the world are populating their streets with wireless sensor networks (WSNs in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  12. Adversarial Feature Selection Against Evasion Attacks.

    Science.gov (United States)

    Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

    2016-03-01

    Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

  13. Intrusion-Tolerant Replication under Attack

    Science.gov (United States)

    Kirsch, Jonathan

    2010-01-01

    Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…

  14. Strengthening Crypto-1 Cipher Against Algebraic Attacks

    Directory of Open Access Journals (Sweden)

    Farah Afianti

    2015-08-01

    Full Text Available In the last few years, several studies addressed the problem of data security in Mifare Classic. One of its weaknesses is the low random number quality. This causes SAT solver attacks to have lower complexity. In order to strengthen Crypto-1 against SAT solver attacks, a modification of the feedback function with better cryptographic properties is proposed. It applies a primitive polynomial companion matrix. SAT solvers cannot directly attack the feedback shift register that uses the modified Boolean feedback function, the register has to be split into smaller groups. Experimental testing showed that the amount of memory and CPU time needed were highest when attacking the modified Crypto-1 using the modified feedback function and the original filter function. In addition, another modified Crypto-1, using the modified feedback function and a modified filter function, had the lowest percentage of revealed variables. It can be concluded that the security strength and performance of the modified Crypto-1 using the modified feedback function and the modified filter function are better than those of the original Crypto-1.

  15. Wrap-Attack Pack: Product Packaging Exercise

    Science.gov (United States)

    Lee, Seung Hwan; Hoffman, K. Douglas

    2016-01-01

    Although many marketing courses discuss traditional concepts pertaining to product strategy, concepts specifically relating to packaging are often glossed over. This exercise, "Wrap-Attack Pack," teaches students about the utilitarian and hedonic design elements of packaging. More specifically, the primary objective is to creatively…

  16. Social Engineering Attack Detection Model: SEADMv2

    CSIR Research Space (South Africa)

    Mouton, F

    2015-10-01

    Full Text Available link in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy as far as formal...

  17. Attack Classification Schema for Smart City WSNs.

    Science.gov (United States)

    Garcia-Font, Victor; Garrigues, Carles; Rifà-Pous, Helena

    2017-04-05

    Urban areas around the world are populating their streets with wireless sensor networks (WSNs) in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  18. Algebraic Side-Channel Attack on Twofish

    Directory of Open Access Journals (Sweden)

    Chujiao Ma

    2017-05-01

    Full Text Available While algebraic side-channel attack (ASCA has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128 bits key in under 2 hours with known plaintext/ciphertext.

  19. Armed Deterrence: Countering Soft Target Attacks

    Science.gov (United States)

    2016-02-06

    offer no security. With over 17,430 such geographically separated military sites across the United States, these fatal shootings by a Kuwaiti- born ...increasing trend and the carnage 4 that IS sympathizers can unleash. This coordinated attack on a concert hall, a soccer stadium, and restaurant

  20. 47 CFR 76.1612 - Personal attack.

    Science.gov (United States)

    2010-10-01

    ... Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) BROADCAST RADIO SERVICES MULTICHANNEL VIDEO AND... issues of public importance, an attack is made upon the honesty, character, integrity, or like personal qualities of an identified person or group, the cable television system operator shall, within a reasonable...

  1. Rising Trend: Complex and sophisticated attack methods

    Indian Academy of Sciences (India)

    Stux, DuQu, Nitro, Luckycat, Exploit Kits, FLAME. ADSL/SoHo Router Compromise. Botnets of compromised ADSL/SoHo Routers; User Redirection via malicious DNS entry. Web Application attacks. SQL Injection, RFI etc. More and more Webshells. More utility to hackers; Increasing complexity and evading mechanisms.

  2. Strategic defense and attack for reliability systems

    International Nuclear Information System (INIS)

    Hausken, Kjell

    2008-01-01

    This article illustrates a method by which arbitrarily complex series/parallel reliability systems can be analyzed. The method is illustrated with the series-parallel and parallel-series systems. Analytical expressions are determined for the investments and utilities of the defender and the attacker, depend on their unit costs of investment for each component, the contest intensity for each component, and their evaluations of the value of system functionality. For a series-parallel system, infinitely many components in parallel benefit the defender maximally regardless of the finite number of parallel subsystems in series. Conversely, infinitely many components in series benefit the attacker maximally regardless of the finite number of components in parallel in each subsystem. For a parallel-series system, the results are opposite. With equivalent components, equal unit costs for defender and attacker, equal intensity for all components, and equally many components in series and parallel, the defender always prefers the series-parallel system rather than the parallel-series system, and converse holds for the attacker. Hence from the defender's perspective, ceteris paribus, the series-parallel system is more reliable, and has fewer 'cut sets' or failure modes

  3. Validation Method of a Telecommunications Blackout Attack

    National Research Council Canada - National Science Library

    Amado, Joao; Nunes, Paulo

    2005-01-01

    ..., and to obtain the maximum disruptive effect over the services. The proposed method uses a top-down approach, starting on the service level and ending on the different network elements that can be identified in the end as the targets for the attack.

  4. Association between Terror Attacks and Suicide Attempts

    Science.gov (United States)

    Weizman, Tal; Yagil, Yaron; Schreiber, Shaul

    2009-01-01

    Based on Durkheim's "Control theory," we explored the association between frequency of terror attacks in Israel and the frequency of suicide attempts admitted to the Emergency Room of a major general hospital in Tel-Aviv (1999-2004). Analysis of the six-year study period as a whole revealed no significant correlation between the…

  5. Rising Trend: Complex and sophisticated attack methods

    Indian Academy of Sciences (India)

    Increased frequency and intensity of DoS/DDoS. Few Gbps is now normal; Anonymous VPNs being used; Botnets being used as a vehicle for launching DDoS attacks. Large scale booking of domain names. Hundred thousands of domains registered in short duration via few registrars; Single registrant; Most of the domains ...

  6. Media participation and mental health in terrorist attack survivors.

    Science.gov (United States)

    Thoresen, Siri; Jensen, Tine K; Dyb, Grete

    2014-12-01

    Terrorism and disasters receive massive media attention, and victims are often approached by reporters. Not much is known about how terror and disaster victims perceive the contact with media and whether such experiences influence mental health. In this study, we describe how positive and negative experiences with media relate to posttraumatic stress (PTS) reactions among survivors of the 2011 Utøya Island terrorist attack in Norway. Face-to-face interviews were conducted with 285 survivors (47.0% female and 53.0% male) 14-15 months after the terrorist attack. Most survivors were approached by reporters (94%), and participated in media interviews (88%). The majority of survivors evaluated their media contact and participation as positive, and media participation was unrelated to PTS reactions. Survivors who found media participation distressing had more PTS reactions (quite distressing: B = 0.440, extremely distressing: B = 0.611, p = .004 in adjusted model). Perceiving media participation as distressing was slightly associated with lower levels of social support (r = -.16, p = .013), and regretting media participation was slightly associated with feeling let down (r = .18, p = .004). Reporters should take care when interviewing victims, and clinicians should be aware of media exposure as a potential additional strain on victims. Copyright © 2014 International Society for Traumatic Stress Studies.

  7. Understanding How Components of Organisations Contribute to Attacks

    DEFF Research Database (Denmark)

    Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

    2016-01-01

    Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

  8. An Adaptive Approach for Defending against DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Muhai Li

    2010-01-01

    Full Text Available In various network attacks, the Distributed Denial-of-Service (DDoS attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.

  9. Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

    DEFF Research Database (Denmark)

    Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

    2012-01-01

    and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered...... the most harmful as they directly affect the available resources and thus the nodes’ energy consumption. The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of aWSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure...

  10. Recovery of human remains after shark attack.

    Science.gov (United States)

    Byard, Roger W; James, Ross A; Heath, Karen J

    2006-09-01

    Two cases of fatal shark attack are reported where the only tissues recovered were fragments of lung. Case 1: An 18-year-old male who was in the sea behind a boat was observed by friends to be taken by a great white shark (Carcharodon carcharias). The shark dragged him under the water and then, with a second shark, dismembered the body. Witnesses noted a large amount of blood and unrecognizable body parts coming to the surface. The only tissues recovered despite an intensive beach and sea search were 2 fragments of lung. Case 2: A 19-year-old male was attacked by a great white shark while diving. A witness saw the shark swim away with the victim's body in its mouth. Again, despite intensive beach and sea searches, the only tissue recovered was a single piece of lung, along with pieces of wetsuit and diving equipment. These cases indicate that the only tissue to escape being consumed or lost in fatal shark attacks, where there is a significant attack with dismemberment and disruption of the integrity of the body, may be lung. The buoyancy of aerated pulmonary tissue ensures that it rises quickly to the surface, where it may be recovered by searchers soon after the attack. Aeration of the lung would be in keeping with death from trauma rather than from drowning and may be a useful marker in unwitnessed deaths to separate ante- from postmortem injury, using only relatively small amounts of tissues. Early organ recovery enhances the identification of human tissues as the extent of morphologic alterations by putrefactive processes and sea scavengers will have been minimized. DNA testing is also possible on such recovered fragments, enabling confirmation of the identity of the victim.

  11. Transforming Graphical System Models to Graphical Attack Models

    DEFF Research Database (Denmark)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

    2016-01-01

    Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations...... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset....

  12. New attacks on Wi-Fi Protected Setup

    OpenAIRE

    Hamed Mohtadi; Alireza Rahimi

    2015-01-01

    Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

  13. 1994 Attack Team Workshop: Phase II - Full-Scale Offensive Fog Attack Tests

    National Research Council Canada - National Science Library

    Scheffey, Joseph

    1997-01-01

    .... This report demonstrates the benefits of using a medium angle fog stream to control the overhead fire threat when conducting a direct attack on a growing/steady state fire where the sea of the fire is obstructed...

  14. A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

    OpenAIRE

    Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

    2017-01-01

    Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

  15. Attack Potential Evaluation in Desktop and Smartphone Fingerprint Sensors: Can They Be Attacked by Anyone?

    Directory of Open Access Journals (Sweden)

    Ines Goicoechea-Telleria

    2018-01-01

    Full Text Available The use of biometrics keeps growing. Every day, we use biometric recognition to unlock our phones or to have access to places such as the gym or the office, so we rely on the security manufacturers offer when protecting our privileges and private life. It is well known that it is possible to hack into a fingerprint sensor using fake fingers made of Play-Doh and other easy-to-obtain materials but to what extent? Is this true for all users or only for specialists with a deep knowledge on biometrics? Are smartphone fingerprint sensors as reliable as desktop sensors? To answer these questions, we performed 3 separate evaluations. First, we evaluated 4 desktop fingerprint sensors of different technologies by attacking them with 7 different fake finger materials. All of them were successfully attacked by an experienced attacker. Secondly, we carried out a similar test on 5 smartphones with embedded sensors using the most successful materials, which also hacked the 5 sensors. Lastly, we gathered 15 simulated attackers with no background in biometrics to create fake fingers of several materials, and they had one week to attack the fingerprint sensors of the same 5 smartphones, with the starting point of a short video with the techniques to create them. All 5 smartphones were successfully attacked by an inexperienced attacker. This paper will provide the results achieved, as well as an analysis on the attack potential of every case. All results are given following the metrics of the standard ISO/IEC 30107-3.

  16. Defense and attack of complex and dependent systems

    International Nuclear Information System (INIS)

    Hausken, Kjell

    2010-01-01

    A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

  17. Defense and attack of complex and dependent systems

    Energy Technology Data Exchange (ETDEWEB)

    Hausken, Kjell, E-mail: kjell.hausken@uis.n [Faculty of Social Sciences, University of Stavanger, N-4036 Stavanger (Norway)

    2010-01-15

    A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

  18. The Effect of Sleep Disordered Breathing on the Outcome of Stroke and Transient Ischemic Attack

    DEFF Research Database (Denmark)

    Birkbak, Johannes; Clark, Alice J; Rod, Naja Hulvej

    2014-01-01

    The primary objective was to systematically review the literature on how sleep disordered breathing (SDB) affects recurrence and death among stroke or transient ischemic attack (TIA) patients. A secondary objective was to evaluate how treatment of SDB with continuous positive airway pressure (CPAP...

  19. Information Warfare: Defining the Legal Response to An Attack

    National Research Council Canada - National Science Library

    Pottorff, James

    1999-01-01

    This paper discusses the difficulty in determining whether an information warfare attack, such as a computer virus, can be treated as an "armed attack" for purposes of national defense under the United Nations charter. As the U.S...

  20. Denial of Service Attack Techniques: Analysis, Implementation and Comparison

    Directory of Open Access Journals (Sweden)

    Khaled Elleithy

    2005-02-01

    Full Text Available A denial of service attack (DOS is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

  1. Calcium Supplements: A Risk Factor for Heart Attack?

    Science.gov (United States)

    ... factor for heart attack? I've read that calcium supplements may increase the risk of heart attack. ... D. Some doctors think it's possible that taking calcium supplements may increase your risk of a heart ...

  2. Cyber Attacks During the War on Terrorism: A Predictive Analysis

    National Research Council Canada - National Science Library

    Vatis, Michael

    2001-01-01

    .... Just as the terrorist attacks of September 11, 2001 defied what many thought possible, cyber attacks could escalate in response to United States and allied retaliatory measures against the terrorists...

  3. Quantum Communication Attacks on Classical Cryptographic Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre

    , one can show that the protocol remains secure even under such an attack. However, there are also cases where the honest players are quantum as well, even if the protocol uses classical communication. For instance, this is the case when classical multiparty computation is used as a “subroutine......In the literature on cryptographic protocols, it has been studied several times what happens if a classical protocol is attacked by a quantum adversary. Usually, this is taken to mean that the adversary runs a quantum algorithm, but communicates classically with the honest players. In several cases......” in quantum multiparty computation. Furthermore, in the future, players in a protocol may employ quantum computing simply to improve efficiency of their local computation, even if the communication is supposed to be classical. In such cases, it no longer seems clear that a quantum adversary must be limited...

  4. Two fatal tiger attacks in zoos.

    Science.gov (United States)

    Tantius, Britta; Wittschieber, Daniel; Schmidt, Sven; Rothschild, Markus A; Banaschak, Sibylle

    2016-01-01

    Two captive tiger attacks are presented that took place in Cologne and Münster zoos. Both attacks occurred when the handlers, intent on cleaning the enclosures, entered whilst the tigers accidently retained access to the location, and thus defended their territory against the perceived intruders. Both victims suffered fatal neck injuries from the bites. At Münster, colleagues managed to lure the tiger away from its victim to enable treatment, whilst the Cologne zoo tiger had to be shot in order to allow access to be gained. Whilst it was judged that human error led to the deaths of the experienced zookeepers, the investigation in Münster was closed as no third party was found to be at fault, whereas the Cologne zoo director was initially charged with being negligent. These charges were subsequently dismissed as safety regulations were found to be up to date.

  5. RISK DISCLOSURE AGAINST ATTACK ON CRITICAL INFRASTRUCTURES

    Science.gov (United States)

    Yoshida, Mamoru; Kobayashi, Kiyoshi

    This paper analyzes the government's defensive and disclosure strategies to reduce the damage caused by terrorists that attack critical infrastructures using subjective game theory. The government recognizes a terrorist as a hidden opponent and the government's decision making about the policies against terror attacks depends on the belief about the existence of terrorist. In addition, it is not necessarily true that the government and the terrorist play the common game and make their decisions. Considering these points, the paper formulates the model in which the government and the terrorist formulate the subjective games respectively, and they induce the strategies using the equilibriums of their subjective games. The paper concluded that the government's disclosure about the implementation of the countermeasure, rather than the disclosure of warning level related with the belief about the existence of terrorist, brings about the higher increment of the subjective payoffs of the government.

  6. Marine microalgae attack and feed on metazoans

    DEFF Research Database (Denmark)

    Berge, Terje; Poulsen, Louise K.; Moldrup, Morten

    2012-01-01

    Free-living microalgae from the dinoflagellate genus Karlodinium are known to formmassive blooms in eutrophic coastal waters worldwide and are often associated with fish kills. Natural bloom populations, recently shown to consist of the two mixotrophic and toxic species Karlodinium armiger...... and Karlodinium veneficum have caused fast paralysis and mortality of finfish and copepods in the laboratory, and have been associated with reduced metazooplankton biomass in-situ. Here we show that a strain of K. armiger (K-0688) immobilises the common marine copepod Acartia tonsa in a densitydependent manner...... and collectively ingests the grazer to promote its own growth rate. In contrast, four strains of K. veneficum did not attack or affect the motility and survival of the copepods. Copepod immobilisation by the K. armiger strain was fast (within 15min) and caused by attacks of swarming cells, likely through...

  7. Cascade-based attacks on complex networks

    Science.gov (United States)

    Motter, Adilson E.; Lai, Ying-Cheng

    2002-12-01

    We live in a modern world supported by large, complex networks. Examples range from financial markets to communication and transportation systems. In many realistic situations the flow of physical quantities in the network, as characterized by the loads on nodes, is important. We show that for such networks where loads can redistribute among the nodes, intentional attacks can lead to a cascade of overload failures, which can in turn cause the entire or a substantial part of the network to collapse. This is relevant for real-world networks that possess a highly heterogeneous distribution of loads, such as the Internet and power grids. We demonstrate that the heterogeneity of these networks makes them particularly vulnerable to attacks in that a large-scale cascade may be triggered by disabling a single key node. This brings obvious concerns on the security of such systems.

  8. Research About Attacks Over Cloud Environment

    Directory of Open Access Journals (Sweden)

    Li Jie

    2017-01-01

    Full Text Available Cloud computing is expected to continue expanding in the next few years and people will start to see some of the following benefits in their real lives. Security of cloud computing environments is the set of control-based technologies and policies absolute to adhere regulatory compliance rules and protect information data applications and infrastructure related with cloud use. In this paper we suggest a model to estimating the cloud computing security and test the services provided to users. The simulator NG-Cloud Next Generation Secure Cloud Storage is used and modified to administer the proposed model. This implementation achieved security functions potential attacks as defined in the proposed model. Finally we also solve some attacks over cloud computing to provide the security and safety of the cloud.

  9. Quantum Communication Attacks on Classical Cryptographic Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre

    , one can show that the protocol remains secure even under such an attack. However, there are also cases where the honest players are quantum as well, even if the protocol uses classical communication. For instance, this is the case when classical multiparty computation is used as a “subroutine......” in quantum multiparty computation. Furthermore, in the future, players in a protocol may employ quantum computing simply to improve efficiency of their local computation, even if the communication is supposed to be classical. In such cases, it no longer seems clear that a quantum adversary must be limited......In the literature on cryptographic protocols, it has been studied several times what happens if a classical protocol is attacked by a quantum adversary. Usually, this is taken to mean that the adversary runs a quantum algorithm, but communicates classically with the honest players. In several cases...

  10. Blind Data Attack on BGP Routers

    Science.gov (United States)

    2017-03-01

    Second Reader Dr. Cynthia Irvine Chair, Cyber Academic Group iii THIS PAGE INTENTIONALLY LEFT BLANK iv ABSTRACT Transport Communication Protocol (TCP...Postgraduate School. The experience of higher learning at this institution was incredible, and I would whole-heartedly recommend it to any of my peers and...data attack packets to the victim device. Scapy is a Python library that is used to craft and send packets [28]. BGP is supported in Python through

  11. Fighting Through a Logistics Cyber Attack

    Science.gov (United States)

    2015-06-19

    cumulative cost of cyber-attacks was more than the combined global black market cost of cocaine, heroin and marijuana. These alarming figures raised...the country to its knees. The Luftwaffe was uncontested in the Battle of Britain until radar’s ability to detect inbound aircraft provided the...manifest information in IGC and provides inbound passenger manifest data to the aerial port of debarkation (APOD) and other receiving activities for

  12. Are blockchains immune to all malicious attacks?

    OpenAIRE

    Xu, Jennifer J.

    2016-01-01

    Background: In recent years, blockchain technology has attracted considerable attention. It records cryptographic transactions in a public ledger that is difficult to alter and compromise because of the distributed consensus. As a result, blockchain is believed to resist fraud and hacking. Results: This work explores the types of fraud and malicious activities that can be prevented by blockchain technology and identifies attacks to which blockchain remains vulnerable. Conclusions: This study ...

  13. An Explanation of Nakamoto's Analysis of Double-spend Attacks

    OpenAIRE

    Ozisik, A. Pinar; Levine, Brian Neil

    2017-01-01

    The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We also validate the model with a Monte Carlo simulation, and we determine which model component is not perfect.

  14. Fuzzy Expert System for Heart Attack Diagnosis

    Science.gov (United States)

    Hassan, Norlida; Arbaiy, Nureize; Shah, Noor Aziyan Ahmad; Afizah Afif@Afip, Zehan

    2017-08-01

    Heart attack is one of the serious illnesses and reported as the main killer disease. Early prevention is significant to reduce the risk of having the disease. The prevention efforts can be strengthen through awareness and education about risk factor and healthy lifestyle. Therefore the knowledge dissemination is needed to play role in order to distribute and educate public in health care management and disease prevention. Since the knowledge dissemination in medical is important, there is a need to develop a knowledge based system that can emulate human intelligence to assist decision making process. Thereby, this study utilized hybrid artificial intelligence (AI) techniques to develop a Fuzzy Expert System for Diagnosing Heart Attack Disease (HAD). This system integrates fuzzy logic with expert system, which helps the medical practitioner and people to predict the risk and as well as diagnosing heart attack based on given symptom. The development of HAD is expected not only providing expert knowledge but potentially become one of learning resources to help citizens to develop awareness about heart-healthy lifestyle.

  15. Iraqi violence, Saudi attack and further bombings

    Energy Technology Data Exchange (ETDEWEB)

    Anon

    2006-03-15

    Iraq moved closer to all-out civil war following an attack on the Imam Ali al-Hadi mosque in Samarra, one of Shi'i Islam's holiest shrines, on 22nd February. In the days that followed, several hundred Iraqis died in inter-communal violence. Attacks on installations close to the Basrah Oil Terminal were reported. Earlier in the month, the main oil storage facility in Kirkuk was bombed, forcing the Northern Oil Company to shut-in the 0.3 mn bpd field. Oil and electricity supplies in southern Iraq were cut by attacks on installations some 40 miles south of Baghdad. Turkey agreed to resume product exports to Iraq after a deal was agreed on repaying Iraqi debts of $1 bn to Turkish suppliers. An official Australian inquiry into illegal payments made under the UN's oil-for-food programme is to investigate allegations involving two Australian-controlled oil firms. (author)

  16. Trichobothrial mediation of an aquatic escape response: Directional jumps by the fishing spider, Dolomedes triton, foil frog attacks

    Directory of Open Access Journals (Sweden)

    Robert B. Suter

    2003-07-01

    Full Text Available Fishing spiders (Pisauridae frequent the surfaces of ponds and streams and thereby expose themselves to predation by a variety of aquatic and semi-aquatic vertebrates. To assess the possibility that the impressive jumps of fishing spiders from the water surface function in evading attacks by frogs, attacks by bullfrogs (Rana catesbiana and green frogs (R. clamitans on Dolomedes triton were studied. Both the attack dynamics of the frogs and the evasive behaviors of the spiders were recorded at 250 frames per second. A freeze-dried bullfrog, propelled toward spiders with acceleration, posture, and position that approximated the natural attack posture and dynamics, was used to assess the spiders' behavior. Qualitatively, the spiders responded to these mock-attacks just as they had to attacks by live frogs: jumping (N=29 jumps, 56.9% of instances, rearing the legs nearest the attacking frog (N=15, 29.4%, or showing no visible response (N=7, 13.7%. Spiders that jumped always did so away (in the vertical plane from the attack (mean =137° vs. vertical at 90° or horizontally toward the frog at 0°. The involvement of the trichobothria (leg hairs sensitive to air movements, and the eyes as sensory mediators of the evasion response was assessed. Spiders with deactivated trichobothria were significantly impaired relative to intact and sham-deactivated spiders, and relative to spiders in total darkness. Thus, functional trichobothria, unlike the eyes, are both necessary and sufficient mediators of the evasion response. Measurements of air flow during frog attacks suggest that an exponential rise in flow velocity is the airborne signature of an attack.

  17. Quantitative Attack Tree Analysis via Priced Timed Automata

    NARCIS (Netherlands)

    Kumar, Rajesh; Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette; Sankaranarayanan, Sriram; Vicario, Enrico

    The success of a security attack crucially depends on the resources available to an attacker: time, budget, skill level, and risk appetite. Insight in these dependencies and the most vulnerable system parts is key to providing effective counter measures. This paper considers attack trees, one of the

  18. Pareto Efficient Solution of Attack-Defence Trees

    NARCIS (Netherlands)

    Aslanyan, Zaruhi; Nielson, Flemming

    Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

  19. Vulnerability Assessment by Learning Attack Specifications in Graphs

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Lopes, Raul H.C.

    This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies

  20. Attacks on the AJPS Mersenne-based cryptosystem

    NARCIS (Netherlands)

    K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

    2018-01-01

    textabstractAggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

  1. 12 CFR 747.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... INVESTIGATIONS Uniform Rules of Practice and Procedure § 747.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all or any part of an...

  2. 12 CFR 308.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... PRACTICE RULES OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 308.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any...

  3. 12 CFR 19.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 1 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 19.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all...

  4. Limit Asthma Attacks Caused by Colds or Flu

    Science.gov (United States)

    Asthma: Limit asthma attacks caused by colds or flu A cold or the flu can trigger an asthma attack. Here's why — and how to keep your sneeze ... plan. If you notice warning signs of an asthma attack — such as coughing, wheezing, chest tightness or shortness ...

  5. Link-layer Jamming Attacks on S-MAC

    NARCIS (Netherlands)

    Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

    2004-01-01

    We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

  6. Link-layer jamming attacks on S-MAC

    NARCIS (Netherlands)

    Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

    We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

  7. Regression Nodes: Extending attack trees with data from social sciences

    NARCIS (Netherlands)

    Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

    In the field of security, attack trees are often used to assess security vulnerabilities probabilistically in relation to multi-step attacks. The nodes are usually connected via AND-gates, where all children must be executed, or via OR-gates, where only one action is necessary for the attack step to

  8. What Can We Learn?--The Algonquin Bear Attack.

    Science.gov (United States)

    Strickland, Dan

    1992-01-01

    Describes a bear attack in Algonquin Park in Lake Opeongo (Canada) in which a man and woman were killed. Hypothesizes that the bear deliberately preyed on its victims and concludes that the bear was physically normal. Despite this isolated attack, the chance of being attacked by a black bear when camping is virtually nonexistent. (KS)

  9. Quantitative Verification and Synthesis of Attack-Defence Scenarios Conference

    NARCIS (Netherlands)

    Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

    Attack-defence trees are a powerful technique for formally evaluating attack-defence scenarios. They represent in an intuitive, graphical way the interaction between an attacker and a defender who compete in order to achieve conflicting objectives. We propose a novel framework for the formal

  10. Modeling and Analysis of Information Attack in Computer Networks

    National Research Council Canada - National Science Library

    Pepyne, David

    2003-01-01

    ... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...

  11. Robust multiple frequency multiple power localization schemes in the presence of multiple jamming attacks.

    Directory of Open Access Journals (Sweden)

    Ahmed Abdulqader Hussein

    Full Text Available Localization of the wireless sensor network is a vital area acquiring an impressive research concern and called upon to expand more with the rising of its applications. As localization is gaining prominence in wireless sensor network, it is vulnerable to jamming attacks. Jamming attacks disrupt communication opportunity among the sender and receiver and deeply impact the localization process, leading to a huge error of the estimated sensor node position. Therefore, detection and elimination of jamming influence are absolutely indispensable. Range-based techniques especially Received Signal Strength (RSS is facing severe impact of these attacks. This paper proposes algorithms based on Combination Multiple Frequency Multiple Power Localization (C-MFMPL and Step Function Multiple Frequency Multiple Power Localization (SF-MFMPL. The algorithms have been tested in the presence of multiple types of jamming attacks including capture and replay, random and constant jammers over a log normal shadow fading propagation model. In order to overcome the impact of random and constant jammers, the proposed method uses two sets of frequencies shared by the implemented anchor nodes to obtain the averaged RSS readings all over the transmitted frequencies successfully. In addition, three stages of filters have been used to cope with the replayed beacons caused by the capture and replay jammers. In this paper the localization performance of the proposed algorithms for the ideal case which is defined by without the existence of the jamming attack are compared with the case of jamming attacks. The main contribution of this paper is to achieve robust localization performance in the presence of multiple jamming attacks under log normal shadow fading environment with a different simulation conditions and scenarios.

  12. Systematic Poisoning Attacks on and Defenses for Machine Learning in Healthcare.

    Science.gov (United States)

    Mozaffari-Kermani, Mehran; Sur-Kolay, Susmita; Raghunathan, Anand; Jha, Niraj K

    2015-11-01

    Machine learning is being used in a wide range of application domains to discover patterns in large datasets. Increasingly, the results of machine learning drive critical decisions in applications related to healthcare and biomedicine. Such health-related applications are often sensitive, and thus, any security breach would be catastrophic. Naturally, the integrity of the results computed by machine learning is of great importance. Recent research has shown that some machine-learning algorithms can be compromised by augmenting their training datasets with malicious data, leading to a new class of attacks called poisoning attacks. Hindrance of a diagnosis may have life-threatening consequences and could cause distrust. On the other hand, not only may a false diagnosis prompt users to distrust the machine-learning algorithm and even abandon the entire system but also such a false positive classification may cause patient distress. In this paper, we present a systematic, algorithm-independent approach for mounting poisoning attacks across a wide range of machine-learning algorithms and healthcare datasets. The proposed attack procedure generates input data, which, when added to the training set, can either cause the results of machine learning to have targeted errors (e.g., increase the likelihood of classification into a specific class), or simply introduce arbitrary errors (incorrect classification). These attacks may be applied to both fixed and evolving datasets. They can be applied even when only statistics of the training dataset are available or, in some cases, even without access to the training dataset, although at a lower efficacy. We establish the effectiveness of the proposed attacks using a suite of six machine-learning algorithms and five healthcare datasets. Finally, we present countermeasures against the proposed generic attacks that are based on tracking and detecting deviations in various accuracy metrics, and benchmark their effectiveness.

  13. Attacking 22 entries in rugby union: running demands and differences between successful and unsuccessful entries.

    Science.gov (United States)

    Tierney, P; Tobin, D P; Blake, C; Delahunt, E

    2017-12-01

    Global Positioning System (GPS) technology is commonly utilized in team sports, including rugby union. It has been used to describe the average running demands of rugby union. This has afforded an enhanced understanding of the physical fitness requirements for players. However, research in team sports has suggested that training players relative to average demands may underprepare them for certain scenarios within the game. To date, no research has investigated the running demands of attacking 22 entries in rugby union. Additionally, no research has been undertaken to determine whether differences exist in the running intensity of successful and unsuccessful attacking 22 entries in rugby union. The first aim of this study was to describe the running intensity of attacking 22 entries. The second aim of this study was to investigate whether differences exist in the running intensity of successful and unsuccessful attacking 22 entries. Running intensity was measured using meters per minute (m min -1 ) for (a) total distance, (b) running distance, (c) high-speed running distance, and (d) very high-speed running distance. This study provides normative data for the running intensity of attacking 22 entries in rugby union. Forwards achieved greater high-speed running intensity in successful (3.6 m min -1 ) compared to unsuccessful (1.8 m min -1 ) attacking 22 entries. Forwards should try and achieve greater high-speed running intensity in attacking 22 entries to increase the likelihood of successful outcomes during this period of gameplay. © 2016 John Wiley & Sons A/S. Published by John Wiley & Sons Ltd.

  14. WRHT: A Hybrid Technique for Detection of Wormhole Attack in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Rupinder Singh

    2016-01-01

    Full Text Available Wormhole attack is a challenging security threat to wireless sensor networks which results in disrupting most of the routing protocols as this attack can be triggered in different modes. In this paper, WRHT, a wormhole resistant hybrid technique, is proposed, which can detect the presence of wormhole attack in a more optimistic manner than earlier techniques. WRHT is based on the concept of watchdog and Delphi schemes and ensures that the wormhole will not be left untreated in the sensor network. WRHT makes use of the dual wormhole detection mechanism of calculating probability factor time delay probability and packet loss probability of the established path in order to find the value of wormhole presence probability. The nodes in the path are given different ranking and subsequently colors according to their behavior. The most striking feature of WRHT consists of its capacity to defend against almost all categories of wormhole attacks without depending on any required additional hardware such as global positioning system, timing information or synchronized clocks, and traditional cryptographic schemes demanding high computational needs. The experimental results clearly indicate that the proposed technique has significant improvement over the existing wormhole attack detection techniques.

  15. Unified communications forensics anatomy of common UC attacks

    CERN Document Server

    Grant, Nicholas Mr

    2013-01-01

    Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks an in-depth look at established UC technologies and attack exploits hands-on understanding of UC attack vectors and associated countermeasures

  16. Quantitative Verification and Synthesis of Attack-Defence Scenarios

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

    2016-01-01

    analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

  17. Hybrid attacks on model-based social recommender systems

    Science.gov (United States)

    Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

    2017-10-01

    With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

  18. Machine Learning Methods for Attack Detection in the Smart Grid.

    Science.gov (United States)

    Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

    2016-08-01

    Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

  19. Optimal counterterrorism and the recruitment effect of large terrorist attacks

    DEFF Research Database (Denmark)

    Jensen, Thomas

    2011-01-01

    We analyze a simple dynamic model of the interaction between terrorists and authorities. Our primary aim is to study optimal counterterrorism and its consequences when large terrorist attacks lead to a temporary increase in terrorist recruitment. First, we show that an increase in counterterrorism...... makes it more likely that terrorist cells plan small rather than large attacks and therefore may increase the probability of a successful attack. Analyzing optimal counterterrorism we see that the recruitment effect makes authorities increase the level of counterterrorism after large attacks. Therefore......, in periods following large attacks a new attack is more likely to be small compared to other periods. Finally, we analyze the long-run consequences of the recruitment effect. We show that it leads to more counterterrorism, more small attacks, and a higher sum of terrorism damage and counterterrorism costs...

  20. Adaptive optimisation-offline cyber attack on remote state estimator

    Science.gov (United States)

    Huang, Xin; Dong, Jiuxiang

    2017-10-01

    Security issues of cyber-physical systems have received increasing attentions in recent years. In this paper, deception attacks on the remote state estimator equipped with the chi-squared failure detector are considered, and it is assumed that the attacker can monitor and modify all the sensor data. A novel adaptive optimisation-offline cyber attack strategy is proposed, where using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring to be undetected by the chi-squared monitor. From the attacker's perspective, the attack is better than the existing linear deception attacks to degrade the system performance. Finally, some numerical examples are provided to demonstrate theoretical results.

  1. Usefulness of chest radiographs in first asthma attacks

    International Nuclear Information System (INIS)

    Gershel, J.C.; Goldman, H.S.; Stein, R.E.K.; Shelov, S.P.; Ziprkowski, M.

    1983-01-01

    To assess the value of routine chest radiography during acute first attacks of asthma, we studied 371 consecutive children over one year of age who presented with an initial episode of wheezing. Three hundred fifty children (94.3%) had radiographic findings that were compatible with uncomplicated asthma and were considered negative. Twenty-one (5.7%) had positive findings: atelectasis and pneumonia were noted in seven, segmental atelectasis in six, pneumonia in five, multiple areas of subsegmental atelectasis in two, and pneumomediastinum in one. The patients with positive films were more likely to have a respiratory rate above 60 or a pulse rate above 160 (P < 0.001), localized rales or localized decreased breath sounds before treatment (P < 0.01), and localized rales (P < 0.005) and localized wheezing (P < 0.02) after treatment; also, these patients were admitted to the hospital more often (P < 0.001). Ninety-five percent (20 of 21) of the children with positive films could be identified before treatment on the basis of a combination of tachypnea, tachycardia, fever, and localized rales or localized decreased breath sounds. Most first-time wheezers will not have positive radiographs; careful clinical evaluation should reveal which patients will have abnormal radiographs and will therefore benefit from the procedure. 20 references, 3 tables

  2. Neuroradiological study of transient ischemic attack

    Energy Technology Data Exchange (ETDEWEB)

    Takusagawa, Yoshihiko; Fujiwara, Yasuhiro; Ichiki, Ken; Suga, Takeshi; Nishigaki, Shinichi

    1986-08-01

    Fifty-two patients with carotid TIAs and thirteen patients with vertebrobasilar TIAs were investigated by angiography and computed tomography. TIA was diagnosed by clinical symptoms in accordance with the criteria for TIA of the Joint Committee for Stroke Facilities in the U.S.A. (1974). The 65 patients with TIAs included 49 males and 16 females with average age of 63.5 years old at the initial episode of TIA. As for the diseases associated with TIA, hypertension (51 %), diabetes mellitus (15 %) and ischemic heart diseases (11 %) were the major disorders. Atrial fibrillation was observed in 2 cases. Intervals from last TIA attack to angiography were less than 7 days in 22 cases, 8 -- 30 days in 19 cases, 1 -- 4 monthes in 14 cases and more than 4 monthes in 10 cases, respectively. The cases in which angiography was done earlier after attacks displayed more abnormal findings. In 52 patients with caroted TIAs the artherosclerotic change of extracranial portion of the internal carotid artery was found in 14 cases (27 %), that of intracranial portion of the artery in 11 cases (21 %) and both lesions in 2 cases (4 %). On the other hand, in 13 patients with vertebrobasilar TIAs, this change was observed in 4 cases at the extracranival potion and in 1 case at the intracranial potion (siphon) of the internal carotid artery. Abnormal CT findings were found in 29 of 65 patients, namely 9 had ventricular dilatation and brain atrophy, 6 had cerebral infarction which was not associated with associated with symptoms of TIA. In carotid TIAs, Cerebral infarction was associated with symptoms of TIAs in 15 cases, namely 10 had a small low density area in the basal ganglia near the internal capsule and 5 had a low density area in the cortical or subcortical region. All of these 5 cases had cerebral embolism, which recanalized after attacks. (J.P.N.).

  3. Neuroradiological study of transient ischemic attack

    International Nuclear Information System (INIS)

    Takusagawa, Yoshihiko; Fujiwara, Yasuhiro; Ichiki, Ken; Suga, Takeshi; Nishigaki, Shinichi

    1986-01-01

    Fifty-two patients with carotid TIAs and thirteen patients with vertebrobasilar TIAs were investigated by angiography and computed tomography. TIA was diagnosed by clinical symptoms in accordance with the criteria for TIA of the Joint Committee for Stroke Facilities in the U.S.A. (1974). The 65 patients with TIAs included 49 males and 16 females with average age of 63.5 years old at the initial episode of TIA. As for the diseases associated with TIA, hypertension (51 %), diabetes mellitus (15 %) and ischemic heart diseases (11 %) were the major disorders. Atrial fibrillation was observed in 2 cases. Intervals from last TIA attack to angiography were less than 7 days in 22 cases, 8 ∼ 30 days in 19 cases, 1 ∼ 4 monthes in 14 cases and more than 4 monthes in 10 cases, respectively. The cases in which angiography was done earlier after attacks displayed more abnormal findings. In 52 patients with caroted TIAs the artherosclerotic change of extracranial portion of the internal carotid artery was found in 14 cases (27 %), that of intracranial portion of the artery in 11 cases (21 %) and both lesions in 2 cases (4 %). On the other hand, in 13 patients with vertebrobasilar TIAs, this change was observed in 4 cases at the extracranival potion and in 1 case at the intracranial potion (siphon) of the internal carotid artery. Abnormal CT findings were found in 29 of 65 patients, namely 9 had ventricular dilatation and brain atrophy, 6 had cerebral infarction which was not associated with associated with symptoms of TIA. In carotid TIAs, Cerebral infarction was associated with symptoms of TIAs in 15 cases, namely 10 had a small low density area in the basal ganglia near the internal capsule and 5 had a low density area in the cortical or subcortical region. All of these 5 cases had cerebral embolism, which recanalized after attacks. (J.P.N.)

  4. Cyber Attacks and Energy Infrastructures: Anticipating Risks

    International Nuclear Information System (INIS)

    Desarnaud, Gabrielle

    2017-01-01

    This study analyses the likelihood of cyber-attacks against European energy infrastructures and their potential consequences, particularly on the electricity grid. It also delivers a comparative analysis of measures taken by different European countries to protect their industries and collaborate within the European Union. The energy sector experiences an unprecedented digital transformation upsetting its activities and business models. Our energy infrastructures, sometimes more than a decade old and designed to remain functional for many years to come, now constantly interact with light digital components. The convergence of the global industrial system with the power of advanced computing and analytics reveals untapped opportunities at every step of the energy value chain. However, the introduction of digital elements in old and unprotected industrial equipment also exposes the energy industry to the cyber risk. One of the most compelling example of the type of threat the industry is facing, is the 2015 cyber-attack on the Ukraine power grid, which deprived about 200 000 people of electricity in the middle of the winter. The number and the level of technical expertise of cyber-attacks rose significantly after the discovery of the Stuxnet worm in the network of Natanz uranium enrichment site in 2010. Energy transition policies and the growing integration of renewable sources of energy will intensify this tendency, if cyber security measures are not part of the design of our future energy infrastructures. Regulators try to catch up and adapt, like in France where the authorities collaborate closely with the energy industry to set up a strict and efficient regulatory framework, and protect critical operators. This approach is adopted elsewhere in Europe, but common measures applicable to the whole European Union are essential to protect strongly interconnected energy infrastructures against a multiform threat that defies frontiers

  5. LAN attack detection using Discrete Event Systems.

    Science.gov (United States)

    Hubballi, Neminath; Biswas, Santosh; Roopa, S; Ratti, Ritesh; Nandi, Sukumar

    2011-01-01

    Address Resolution Protocol (ARP) is used for determining the link layer or Medium Access Control (MAC) address of a network host, given its Internet Layer (IP) or Network Layer address. ARP is a stateless protocol and any IP-MAC pairing sent by a host is accepted without verification. This weakness in the ARP may be exploited by malicious hosts in a Local Area Network (LAN) by spoofing IP-MAC pairs. Several schemes have been proposed in the literature to circumvent these attacks; however, these techniques either make IP-MAC pairing static, modify the existing ARP, patch operating systems of all the hosts etc. In this paper we propose a Discrete Event System (DES) approach for Intrusion Detection System (IDS) for LAN specific attacks which do not require any extra constraint like static IP-MAC, changing the ARP etc. A DES model is built for the LAN under both a normal and compromised (i.e., spoofed request/response) situation based on the sequences of ARP related packets. Sequences of ARP events in normal and spoofed scenarios are similar thereby rendering the same DES models for both the cases. To create different ARP events under normal and spoofed conditions the proposed technique uses active ARP probing. However, this probing adds extra ARP traffic in the LAN. Following that a DES detector is built to determine from observed ARP related events, whether the LAN is operating under a normal or compromised situation. The scheme also minimizes extra ARP traffic by probing the source IP-MAC pair of only those ARP packets which are yet to be determined as genuine/spoofed by the detector. Also, spoofed IP-MAC pairs determined by the detector are stored in tables to detect other LAN attacks triggered by spoofing namely, man-in-the-middle (MiTM), denial of service etc. The scheme is successfully validated in a test bed. Copyright © 2010 ISA. Published by Elsevier Ltd. All rights reserved.

  6. Key Recovery Attacks on Recent Authenticated Ciphers

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Dobraunig, Christoph; Eichlseder, Maria

    2014-01-01

    In this paper, we cryptanalyze three authenticated ciphers: AVALANCHE, Calico, and RBS. While the former two are contestants in the ongoing international CAESAR competition for authenticated encryption schemes, the latter has recently been proposed for lightweight applications such as RFID systems...... and wireless networks. All these schemes use well-established and secure components such as the AES, Grain-like NFSRs, ChaCha and SipHash as their building blocks. However, we discover key recovery attacks for all three designs, featuring square-root complexities. Using a key collision technique, we can...

  7. Twisted Polynomials and Forgery Attacks on GCM

    DEFF Research Database (Denmark)

    Abdelraheem, Mohamed Ahmed A. M. A.; Beelen, Peter; Bogdanov, Andrey

    2015-01-01

    Polynomial hashing as an instantiation of universal hashing is a widely employed method for the construction of MACs and authenticated encryption (AE) schemes, the ubiquitous GCM being a prominent example. It is also used in recent AE proposals within the CAESAR competition which aim at providing...... in an improved key recovery algorithm. As cryptanalytic applications of our twisted polynomials, we develop the first universal forgery attacks on GCM in the weak-key model that do not require nonce reuse. Moreover, we present universal weak-key forgeries for the nonce-misuse resistant AE scheme POET, which...

  8. Competitive Reactions to Advertising and Promotion Attacks

    OpenAIRE

    Jan-Benedict E. M. Steenkamp; Vincent R. Nijs; Dominique M. Hanssens; Marnik G. Dekimpe

    2005-01-01

    How do competitors react to each other's price-promotion and advertising attacks? What are the reasons for the observed reaction behavior? We answer these questions by performing a large-scale empirical study on the short-run and long-run reactions to promotion and advertising shocks in over 400 consumer product categories over a four-year time span. Our results clearly show that the most predominant form of competitive response is passive in nature. When a reaction does occur, it is usually ...

  9. On Realistically Attacking Tor with Website Fingerprinting

    Directory of Open Access Journals (Sweden)

    Wang Tao

    2016-10-01

    Full Text Available Website fingerprinting allows a local, passive observer monitoring a web-browsing client’s encrypted channel to determine her web activity. Previous attacks have shown that website fingerprinting could be a threat to anonymity networks such as Tor under laboratory conditions. However, there are significant differences between laboratory conditions and realistic conditions. First, in laboratory tests we collect the training data set together with the testing data set, so the training data set is fresh, but an attacker may not be able to maintain a fresh data set. Second, laboratory packet sequences correspond to a single page each, but for realistic packet sequences the split between pages is not obvious. Third, packet sequences may include background noise from other types of web traffic. These differences adversely affect website fingerprinting under realistic conditions. In this paper, we tackle these three problems to bridge the gap between laboratory and realistic conditions for website fingerprinting. We show that we can maintain a fresh training set with minimal resources. We demonstrate several classification-based techniques that allow us to split full packet sequences effectively into sequences corresponding to a single page each. We describe several new algorithms for tackling background noise. With our techniques, we are able to build the first website fingerprinting system that can operate directly on packet sequences collected in the wild.

  10. Recent computer attacks via Instant Messaging

    CERN Multimedia

    IT Department

    2008-01-01

    Be cautious of any unexpected messages containing web links even if they appear to come from known contacts. If you happen to click on such a link and if your permission is requested to run or install software, always decline it. Several computers at CERN have recently been broken into by attackers who have tricked users of Instant Messaging applications (e.g. MSN, Yahoo Messenger, etc.) into clicking on web links which appeared to come from known contacts. The links appeared to be photos from ‘friends’ and requested software to be installed. In practice, attacker software was installed and the messages did not come from real contacts. In the past such fake messages were mainly sent by email but now a wider range of applications are being targeted, including Instant Messaging. Cybercriminals are making growing use of fake messages to try to trick you into clicking on Web links which will help them to install malicious software on your computer. Anti-virus software cann...

  11. Consciousness in non-epileptic attack disorder.

    Science.gov (United States)

    Reuber, Markus; Kurthen, M

    2011-01-01

    Non-epileptic attack disorder (NEAD) is one of the most important differential diagnoses of epilepsy. Impairment of consciousness is the key feature of non-epileptic attacks (NEAs). The first half of this review summarises the clinical research literature featuring observations relating to consciousness in NEAD. The second half places this evidence in the wider context of the recent discourse on consciousness in neuroscience and the philosophy of mind. We argue that studies of consciousness should not only distinguish between the 'level' and `content' of consciousness but also between 'phenomenal consciousness' (consciousness of states it somehow "feels to be like") and 'access consciousness' (having certain 'higher' cognitive processes at one's disposal). The existing evidence shows that there is a great intra- and interindividual variability of NEA experience. However, in most NEAs phenomenal experience - and, as a precondition for that experience, vigilance or wakefulness - is reduced to a lesser degree than in those epileptic seizures involving impairment of consciousness. In fact, complete loss of "consciousness" is the exception rather than the rule in NEAs. Patients, as well as external observers, may have a tendency to overestimate impairments of consciousness during the seizures.

  12. Command Disaggregation Attack and Mitigation in Industrial Internet of Things

    Directory of Open Access Journals (Sweden)

    Peng Xun

    2017-10-01

    Full Text Available A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1 the command sequence is disordered and (2 disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

  13. Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

    Science.gov (United States)

    Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

    2017-10-21

    A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

  14. Simulation of Attacks for Security in Wireless Sensor Network.

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-11-18

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

  15. Simulation of Attacks for Security in Wireless Sensor Network

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-01-01

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

  16. Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions

    NARCIS (Netherlands)

    M.M.J. Stevens (Marc); D. Shumow

    2017-01-01

    textabstractCounter-cryptanalysis, the concept of using cryptanalytic techniques to detect cryptanalytic attacks, was introduced by Stevens at CRYPTO 2013 [22] with a hash collision detection algorithm. That is, an algorithm that detects whether a given single message is part of a colliding message

  17. MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1

    Directory of Open Access Journals (Sweden)

    K. Smirnova

    2017-08-01

    Full Text Available The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems, and based on the application of a cascade of neural networks or perceptrons on an approximate model to the real human brain. The main idea of the work is to enable to describe complex attack vectors consisting of feature sets, abstract terms for compiling a training sample, controlling the quality of recognition and classifying each of the layers (networks participating in the work, with the ability to adjust not the entire network, But only a small part of it, in the training of which a mistake or inaccuracy crept in.  The design of the developed network can be described as a cascaded, scalable neural network.  The developed system of intrusion detection uses a three-layer neural network. Layers can be built independently of each other by cascades. In the first layer, for each class of attack recognition, there is a corresponding network and correctness is checked on this network. To learn this layer, we have chosen classes of things that can be classified uniquely as yes or no, that is, they are linearly separable. Thus, a layer is obtained not just of neurons, but of their microsets, which can best determine whether is there some data class in the query or not. The following layers are not trained to recognize the attacks themselves, they are trained that a set of attacks creates certain threats. This allows you to more accurately recognize the attacker's attempts to bypass the defense system, as well as classify the target of the attack, and not just its fact. Simple layering allows you to minimize the percentage of false positives.

  18. Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

    Science.gov (United States)

    Chim, Harvey; Yew, Woon Si; Song, Colin

    2007-01-01

    Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

  19. A Secure Localization Approach against Wormhole Attacks Using Distance Consistency

    Directory of Open Access Journals (Sweden)

    Lou Wei

    2010-01-01

    Full Text Available Wormhole attacks can negatively affect the localization in wireless sensor networks. A typical wormhole attack can be launched by two colluding attackers, one of which sniffs packets at one point in the network and tunnels them through a wired or wireless link to another point, and the other relays them within its vicinity. In this paper, we investigate the impact of the wormhole attack on the localization and propose a novel distance-consistency-based secure localization scheme against wormhole attacks, which includes three phases of wormhole attack detection, valid locators identification and self-localization. The theoretical model is further formulated to analyze the proposed secure localization scheme. The simulation results validate the theoretical results and also demonstrate the effectiveness of our proposed scheme.

  20. Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication

    Science.gov (United States)

    Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru

    In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

  1. Attack and Vulnerability Penetration Testing: FreeBSD

    Directory of Open Access Journals (Sweden)

    Abdul Hanan Abdullah

    2013-07-01

    Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.

  2. Analysis of Network Vulnerability Under Joint Node and Link Attacks

    Science.gov (United States)

    Li, Yongcheng; Liu, Shumei; Yu, Yao; Cao, Ting

    2018-03-01

    The security problem of computer network system is becoming more and more serious. The fundamental reason is that there are security vulnerabilities in the network system. Therefore, it’s very important to identify and reduce or eliminate these vulnerabilities before they are attacked. In this paper, we are interested in joint node and link attacks and propose a vulnerability evaluation method based on the overall connectivity of the network to defense this attack. Especially, we analyze the attack cost problem from the attackers’ perspective. The purpose is to find the set of least costs for joint links and nodes, and their deletion will lead to serious network connection damage. The simulation results show that the vulnerable elements obtained from the proposed method are more suitable for the attacking idea of the malicious persons in joint node and link attack. It is easy to find that the proposed method has more realistic protection significance.

  3. Why cryptography should not rely on physical attack complexity

    CERN Document Server

    Krämer, Juliane

    2015-01-01

    This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two indepe...

  4. September 11th, an attack at the limits of thought.

    Science.gov (United States)

    Patalano, Roberta

    2017-10-01

    The paper deals with imagination and its failures from a psychoanalytic perspective. We offer a definition of imagination failures and suggest how they can be interpreted as an opportunity to learn from experience. In order to show that the topic has a concrete and not only speculative significance we consider the public report on September 11 as a case study. The report was published by the National Commission on Terrorist Attacks Upon the United States after a long investigation of the facts and circumstances relating to the September 11 attacks. The document has been the object of strong criticisms, as we argue in the paper. Both the document and some of the critiques that it received focus, however, on significant aspects of the debate about imagination, such us the fragility of imaginative thought, its dependence on unconscious desires and its plurality of outcomes: a plethora of imaginaries can in fact be developed at any time, from the same set of information about reality. We comment on these aspects and reinterpret them from a Bionian perspective. The concepts of 'unthinkability', 'imagination failure' and 'depressive position' are used to inform the necessity of dealing with an evolving and conflictual geopolitical scenario. Particular attention is paid to the proposal of 'routinizing, even bureaucratizing, the exercise of imagination' within the institutions that deal with National Defense. This possibility is discussed in depth in order to suggest how it may be concretely implemented. In conclusion, a strong case is made for the usefulness of psychoanalytic reflection in the arena of relationships among countries, with particular emphasis on the new terrorist challenges. Copyright © 2016 Institute of Psychoanalysis.

  5. Sleep Deprivation Attack Detection in Wireless Sensor Network

    OpenAIRE

    Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

    2012-01-01

    Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maxi...

  6. Countermeasures for unintentional and intentional video watermarking attacks

    Science.gov (United States)

    Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

    2000-05-01

    These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

  7. A taxonomy of distributed denial of service attacks

    DEFF Research Database (Denmark)

    De Donno, Michele; Giaretta, Alberto; Dragoni, Nicola

    2017-01-01

    Distributed Denial of Service (DDoS) attacks which are now even more powerful and easier to achieve than the past. Understanding how these attacks work, in all their different forms, represents a first crucial step to tackle this urgent issue. To this end, in this paper we propose a new up-to-date taxonomy...... and a comprehensive classification of current DDoS attacks....

  8. Somatotype, Level of Competition, and Performance in Attack in Elite Male Volleyball

    Science.gov (United States)

    Giannopoulos, Nikiforos; Vagenas, George; Noutsos, Konstantinos; Barzouka, Karolina; Bergeles, Nikolaos

    2017-01-01

    Abstract This study investigated the relationship between somatotype, level of competition, and performance in attack in elite level male volleyball players. The objective was to test for the potential covariation of competition level (Division A1 vs. A2) and playing position (hitters vs. centers vs. opposites) considering performance in attack. Anthropometric, body composition and somatotype variables were measured according to the Heath-Carter method. The attack actions of 144 players from 48 volleyball matches were analyzed and their performance was rated using a 5-point numerical scale. Results showed that players of Division A1 were taller, heavier, more muscular, and less endomorphic compared to those of Division A2. MANOVA and follow-up discriminant function analysis revealed somatotype differences among playing positions with centers and opposites being endomorph-ectomorph and hitters being central. Centers performed constantly better than hitters and opposites regardless of the division and somatotype. Multiple linear regression analysis showed that variables defining ectomorph and endomorph players, centers, and players of Division A1 significantly determined the relative performance superiority and were able to explain the variation in performance by almost 25%. These results could be taken into account by coaches when assigning players to particular playing positions or when designing individualized position-specific training programs. PMID:28828084

  9. Somatotype, Level of Competition, and Performance in Attack in Elite Male Volleyball

    Directory of Open Access Journals (Sweden)

    Giannopoulos Nikiforos

    2017-08-01

    Full Text Available This study investigated the relationship between somatotype, level of competition, and performance in attack in elite level male volleyball players. The objective was to test for the potential covariation of competition level (Division A1 vs. A2 and playing position (hitters vs. centers vs. opposites considering performance in attack. Anthropometric, body composition and somatotype variables were measured according to the Heath-Carter method. The attack actions of 144 players from 48 volleyball matches were analyzed and their performance was rated using a 5-point numerical scale. Results showed that players of Division A1 were taller, heavier, more muscular, and less endomorphic compared to those of Division A2. MANOVA and follow-up discriminant function analysis revealed somatotype differences among playing positions with centers and opposites being endomorph-ectomorph and hitters being central. Centers performed constantly better than hitters and opposites regardless of the division and somatotype. Multiple linear regression analysis showed that variables defining ectomorph and endomorph players, centers, and players of Division A1 significantly determined the relative performance superiority and were able to explain the variation in performance by almost 25%. These results could be taken into account by coaches when assigning players to particular playing positions or when designing individualized position-specific training programs.

  10. Resveratrol products resulting by free radical attack

    Energy Technology Data Exchange (ETDEWEB)

    Bader, Yvonne; Quint, R.M. [Section Radiation Biology, Department of Nutritional Sciences, Faculty of Life Sciences, University of Vienna, UZAII, Althanstrasse 14, A-1090 Vienna (Austria); Getoff, Nikola [Section Radiation Biology, Department of Nutritional Sciences, Faculty of Life Sciences, University of Vienna, UZAII, Althanstrasse 14, A-1090 Vienna (Austria)], E-mail: nikola.getoff@univie.ac.at

    2008-06-15

    Trans-resveratrol (trans-3,4',5-trihydroxystilbene; RES), which is contained in red wine and many plants, is one of the most relevant and extensively investigated stilbenes with a broad spectrum of biological activities. Among other duties, RES has been reported to have anti-carcinogenetic activities, which could be attributed to its antioxidant properties. The degradation of RES was studied under various conditions. The products (aldehydes, carboxylic acids, etc.) generated from RES by the attack of free radicals were registered as a function of the radical concentration (absorbed radiation dose). Based on the obtained data it appears that the OH radicals are initiating the rather complicated process, which involves of the numerous consecutive reactions. A possible starting reaction mechanism is presented.

  11. Detecting Cyber Attacks On Nuclear Power Plants

    Science.gov (United States)

    Rrushi, Julian; Campbell, Roy

    This paper proposes an unconventional anomaly detection approach that provides digital instrumentation and control (I&C) systems in a nuclear power plant (NPP) with the capability to probabilistically discern between legitimate protocol frames and attack frames. The stochastic activity network (SAN) formalism is used to model the fusion of protocol activity in each digital I&C system and the operation of physical components of an NPP. SAN models are employed to analyze links between protocol frames as streams of bytes, their semantics in terms of NPP operations, control data as stored in the memory of I&C systems, the operations of I&C systems on NPP components, and NPP processes. Reward rates and impulse rewards are defined in the SAN models based on the activity-marking reward structure to estimate NPP operation profiles. These profiles are then used to probabilistically estimate the legitimacy of the semantics and payloads of protocol frames received by I&C systems.

  12. Entanglement generation secure against general attacks

    Science.gov (United States)

    Pirker, Alexander; Dunjko, Vedran; Dür, Wolfgang; Briegel, Hans J.

    2017-11-01

    We present a security proof for establishing private entanglement by means of recurrence-type entanglement distillation protocols over noisy quantum channels. We consider protocols where the local devices are imperfect, and show that nonetheless a confidential quantum channel can be established, and used to e.g. perform distributed quantum computation in a secure manner. While our results are not fully device independent (which we argue to be unachievable in settings with quantum outputs), our proof holds for arbitrary channel noise and noisy local operations, and even in the case where the eavesdropper learns the noise. Our approach relies on non-trivial properties of distillation protocols which are used in conjunction with de-Finetti and post-selection-type techniques to reduce a general quantum attack in a non-asymptotic scenario to an i.i.d. setting. As a side result, we also provide entanglement distillation protocols for non-i.i.d. input states.

  13. Suicide bomb attack causing penetrating craniocerebral injury

    Directory of Open Access Journals (Sweden)

    Hussain Manzar

    2013-02-01

    Full Text Available 【Abstract】Penetrating cerebral injuries caused by foreign bodies are rare in civilian neurosurgical trauma, al-though there are various reports of blast or gunshot inju-ries in warfare due to multiple foreign bodies like pellets and nails. In our case, a 30-year-old man presented to neurosur-gery clinic with signs and symptoms of right-sided weak-ness after suicide bomb attack. The skull X-ray showed a single intracranial nail. Small craniotomy was done and the nail was removed with caution to avoid injury to surround-ing normal brain tissue. At 6 months’ follow-up his right-sided power improved to against gravity. Key words: Head injury, penetrating; Bombs; Nails

  14. Neural network classifier of attacks in IP telephony

    Science.gov (United States)

    Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin

    2014-05-01

    Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.

  15. Further attacks on Yeung-Mintzer fragile watermarking scheme

    Science.gov (United States)

    Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

    2000-05-01

    In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

  16. Cybersecurity protecting critical infrastructures from cyber attack and cyber warfare

    CERN Document Server

    Johnson, Thomas A

    2015-01-01

    The World Economic Forum regards the threat of cyber attack as one of the top five global risks confronting nations of the world today. Cyber attacks are increasingly targeting the core functions of the economies in nations throughout the world. The threat to attack critical infrastructures, disrupt critical services, and induce a wide range of damage is becoming more difficult to defend against. Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare examines the current cyber threat landscape and discusses the strategies being used by governments and corporatio

  17. Train-the-Trainer Video on the Deliberate Night Attack

    National Research Council Canada - National Science Library

    Dyer, Jean

    1998-01-01

    .... Night and day photography illustrate the training sequence needed to master the individual and buddy team skills, battle drills, and situational training exercises that support the night attack...

  18. The Need for Situational Awareness in a CBRNE Attack

    Directory of Open Access Journals (Sweden)

    Jordan Nelms

    2011-02-01

    Full Text Available Six years before the terrorist attacks on the World Trade Center and the Pentagon, and eight years before the United States went to war with Saddam Hussein for his alleged concealment of chemical and biological weapons caches, Japan's Tokyo subway was struck by one of the most vicious terror attacks in modern history.  The 1995 Sarin terrorist attack represents an important case study for post-9/11 emergency managers because it highlights the key issues first responders and public health officials face when confronted with a CBRNE ('C'hemical, 'B'iological, 'R'adiological, 'N'uclear, 'E'xplosive mass-casualty attack.

  19. Privacy Leaks through Data Hijacking Attack on Mobile Systems

    Directory of Open Access Journals (Sweden)

    Zhang Daojuan

    2017-01-01

    Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

  20. Network attacks and defenses a hands-on approach

    CERN Document Server

    Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel

    2012-01-01

    The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat

  1. Optimal Patrol to Detect Attacks at Dispersed Heterogeneous Locations

    Science.gov (United States)

    2013-12-01

    solution RALP Random-attacker linear program SALP Strategic-attacker linear program SMDP Semi-Markov decision process SP Shortest path SPR1 Shortest...average cost per attack among all vertices, which we refer to as the strategic-attacker linear program ( SALP ): min x zOPT (3.1a) subject to ∑ (k,l)∈A c...the SALP is indicated by zOPT. The lower bound that is obtained from using the LBLP is indicated by zLB. Solutions obtained from using a heuristic

  2. Modelling Social-Technical Attacks with Timed Automata

    DEFF Research Database (Denmark)

    David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

    2015-01-01

    . In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

  3. Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Krzysztof Juszczyszyn

    2008-08-01

    Full Text Available The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading. Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.

  4. Cyber-physical attacks a growing invisible threat

    CERN Document Server

    Loukas, George

    2015-01-01

    Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road,  or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral

  5. A Review Of Recent Cyber-Attacks In Fiji

    Directory of Open Access Journals (Sweden)

    Neeraj A. Sharma

    2015-08-01

    Full Text Available Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.

  6. Software test attacks to break mobile and embedded devices

    CERN Document Server

    Hagar, Jon Duncan

    2013-01-01

    Address Errors before Users Find Them Using a mix-and-match approach, Software Test Attacks to Break Mobile and Embedded Devices presents an attack basis for testing mobile and embedded systems. Designed for testers working in the ever-expanding world of ""smart"" devices driven by software, the book focuses on attack-based testing that can be used by individuals and teams. The numerous test attacks show you when a software product does not work (i.e., has bugs) and provide you with information about the software product under test. The book guides you step by step starting with the basics. It

  7. Application distribution model and related security attacks in VANET

    Science.gov (United States)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  8. Computer Network Attacks and Modern International Law

    Directory of Open Access Journals (Sweden)

    Andrey L. Kozik

    2014-01-01

    Full Text Available Computer network attacks (CNA is a no doubt actual theoretical and practical topic today. Espionage, public and private computer-systems disruptions committed by states have been a real life. States execute CNA's involving its agents or hiring private hacker groups. However, the application of lex lata remains unclear in practice and still undeveloped in doctrine. Nevertheless the international obligations, which states have accepted under the UN Charter and other treaties as well as customs - with any related exemptions and reservations - are still in force and create a legal framework, which one cannot ignore. Taking into account the intensity level or the consequences of a CNA the later could be considered as an unfriendly, but legal doing, or, as a use of force (prohibited under the article 2(4 of the UN Charter, or - in the case the proper threshold is taken - as an armed attack (which gives the victim-state the right to use force in self-defence under the customs and the article 51 of the UN Charter. Researches in the field of lex lata applicability to the CNAs could highlight gaps and week points of the nowadays legal regime. The subject is on agenda in western doctrine, and it is a pity - not in Russian one - the number of publication here is still unsatisfied. The article formulates issues related to CNAs and the modern international legal regime. The author explores the definition, legal volume of the term CNA, highlights main issues, which have to be analyzed from the point of the contemporary law.

  9. Developing International Attack Strategy: the Case of Smartcard Expansion at PT CSL

    OpenAIRE

    Hidayah, Taufiqul; Toha, Mohamad

    2013-01-01

    PT CSL is the biggest smartcard manufacturer in Indonesia which has occupied more than 50% of domestic market share. CSL should expand its market abroad to avoid from KPPU regulation related with monopolistic. For competing with global competitors, CSL should position its products and solutions among global manufacturers. CSL should have appropriate attack strategy while entering certain market/segment to fight with existing competitors. Both strategies must be supported International corpora...

  10. Treatment of HAE Attacks in the Icatibant Outcome Survey

    DEFF Research Database (Denmark)

    Hernández Fernandez de Rojas, Dolores; Ibañez, Ethel; Longhurst, Hilary

    2015-01-01

    BACKGROUND: Icatibant, a selective bradykinin B2 receptor antagonist for the treatment of acute hereditary angio-oedema (HAE) attacks in adults, can be administered by health care professionals (HCPs) or self-administered. This analysis compared characteristics and outcomes of acute HAE attacks t...

  11. Transforming Graphical System Models To Graphical Attack Models

    NARCIS (Netherlands)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Mauw, S.; Kordy, B.

    2015-01-01

    Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that

  12. Israeli Adolescents' Coping Strategies in Relation to Terrorist Attacks

    Science.gov (United States)

    Tatar, Moshe; Amram, Sima

    2007-01-01

    Exposure to terrorism seriously threatens the well-being of children and adolescents. Israeli citizens have witnessed massive ongoing terrorist attacks during the last few years. The present research, conducted among 330 Israeli adolescents, examined coping strategies in relation to terrorist attacks. We found that adolescents utilize more…

  13. Pareto Efficient Solutions of Attack-Defence Trees

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming

    2015-01-01

    Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as proba......Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes......, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while...... maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

  14. Effectiveness of the Call in Beach Volleyball Attacking Play

    Directory of Open Access Journals (Sweden)

    Künzell Stefan

    2014-12-01

    Full Text Available In beach volleyball the setter has the opportunity to give her or his hitter a “call”. The call intends that the setter suggests to her or his partner where to place the attack in the opponent’s court. The effectiveness of a call is still unknown. We investigated the women’s and men’s Swiss National Beach Volleyball Championships in 2011 and analyzed 2185 attacks. We found large differences between female and male players. While men called in only 38.4% of attacks, women used calls in 85.5% of attacks. If the male players followed a given call, 63% of the attacks were successful. The success rate of attacks without any call was 55.8% and 47.6% when the call was ignored. These differences were not significant (χ2(2 = 4.55, p = 0.103. In women’s beach volleyball, the rate of successful attacks was 61.5% when a call was followed, 35% for attacks without a call, and 42.6% when a call was ignored. The differences were highly significant (χ2(2 = 23.42, p < 0.0005. Taking into account the findings of the present study, we suggested that the call was effective in women’s beach volleyball, while its effect in men’s game was unclear. Considering the quality of calls we indicate that there is a significant potential to increase the effectiveness of a call.

  15. 12 CFR 1780.16 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Rules § 1780.16 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral... subpart shall be excused based on the pendency before any court of any interlocutory appeal or collateral...

  16. Extended KCI attack against two-party key establishment protocols

    NARCIS (Netherlands)

    Tang, Qiang; Chen, Liqun

    2011-01-01

    We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a

  17. Practical Attacks on AES-like Cryptographic Hash Functions

    DEFF Research Database (Denmark)

    Kölbl, Stefan; Rechberger, Christian

    2015-01-01

    to drastically reduce the complexity of attacks to very practical values for reduced-round versions. Furthermore, we describe new and practical attacks on Whirlpool and the recently proposed GOST R hash function with one or more of the following properties: more rounds, less time/memory complexity, and more...

  18. Novel Method For Low-Rate Ddos Attack Detection

    Science.gov (United States)

    Chistokhodova, A. A.; Sidorov, I. D.

    2018-05-01

    The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

  19. "Dateline NBC"'s Persuasive Attack on Wal-Mart.

    Science.gov (United States)

    Benoit, William L.; Dorries, Bruce

    1996-01-01

    Develops a typology of persuasive attack strategies. Identifies two key components of persuasive attack: responsibility and offensiveness. Describes several strategies for intensifying each of these elements. Applies this analysis to "Dateline NBC"'s allegations that Wal-Mart's "Buy American" campaign was deceptive. Concludes…

  20. Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

    Science.gov (United States)

    Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

    2013-01-01

    The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

  1. Understanding Bifurcation of Slow Versus Fast Cyber-Attackers

    NARCIS (Netherlands)

    van Wieren, Maarten; Doerr, Christian; Jacobs, Vivian; Pieters, Wolter; Livraga, Giovanni; Torra, Vicenç; Aldini, Alessandro; Martinelli, Fabio; Suri, Neeraj

    2016-01-01

    Anecdotally, the distinction between fast “Smash-and-Grab‿ cyber-attacks on the one hand and slow attacks or “Advanced Persistent Threats‿ on the other hand is well known. In this article, we provide an explanation for this phenomenon as the outcome of an optimization from the perspective of the

  2. Quantitative security and safety analysis with attack-fault trees

    NARCIS (Netherlands)

    Kumar, Rajesh; Stoelinga, Mariëlle Ida Antoinette

    2017-01-01

    Cyber physical systems, like power plants, medical devices and data centers have to meet high standards, both in terms of safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to malicious attacks). This paper presents attack fault trees (AFTs), a formalism that

  3. Internet Attack Traceback: Cross-Validation and Pebble-Trace

    Science.gov (United States)

    2013-02-28

    stolen-cyber-attack. [3] Hacked: Data breach costly for Ohio State, victims of compromised info http://www.thelantern.com/campus/hacked- data ... breach -costly-for-ohio-state-victims-of-compromised-info-1.1831311. [4] S. C. Lee and C. Shields, “Tracing the Source of Network Attack: A Technical

  4. Measuring the effectiveness of SDN mitigations against cyber attacks

    NARCIS (Netherlands)

    Koning, R.; de Graaff, B.; Meijer, R.; de Laat, C.; Grosso, P.

    2017-01-01

    To address increasing problems caused by cyber attacks, we leverage Software Defined networks and Network Function Virtualisation governed by a SARNET-agent to enable autonomous response and attack mitigation. A Secure Autonomous Response Network (SARNET) uses a control loop to constantly assess the

  5. A Survey of Man in the Middle Attacks

    DEFF Research Database (Denmark)

    Conti, Mauro; Dragoni, Nicola; Lesyk, Viktor

    2016-01-01

    extensively review the literature on MITM to analyse and categorize the scope of MITM attacks, considering both a reference model, such as the open systems interconnection (OSI) model, as well as two specific widely used network technologies, i.e., GSM and UMTS. In particular, we classify MITM attacks based...

  6. The Rebound Attack and Subspace Distinguishers: Application to Whirlpool

    DEFF Research Database (Denmark)

    Lamberger, Mario; Mendel, Florian; Schläffer, Martin

    2015-01-01

    We introduce the rebound attack as a variant of differential cryptanalysis on hash functions and apply it to the hash function Whirlpool, standardized by ISO/IEC. We give attacks on reduced variants of the 10-round Whirlpool hash function and compression function. Our results are collisions for 5...

  7. Can a Copycat Effect be Observed in Terrorist Suicide Attacks?

    Directory of Open Access Journals (Sweden)

    Nicholas Farnham

    2017-03-01

    Full Text Available The purpose of this paper is to explore how a copycat effect – established within the field of suicide studies – may manifest itself in terrorist suicide attacks, and takes an exploratory approach in evaluating the prospect of incorporating open-data resources in future counter-terrorism research. This paper explores a possible ‘copycat effect’ in cases of suicide terrorism, which entails a perpetrator being inspired by a preceding attack to carry out a similar attack not long after the original. In the wake of mounting risks of lone wolf terrorist attacks today and due to the general difficulties faced in preventing such attacks, in this paper we explore a potential area of future prevention in media reporting, security and anti-terrorism policies today. Using the START Global Terrorism Database (GTD, this paper investigates terrorist suicide-attack clusters and analyses the relationship between attacks found within the same cluster. Using a mixed-method approach, our analyses did not uncover clear evidence supporting a copycat effect among the studied attacks. These and other findings have numerous policy and future research implications.

  8. Attacks on Mobile Phones that Use the Automatic Configuration Mechanism

    Directory of Open Access Journals (Sweden)

    A. G. Beltov

    2012-09-01

    Full Text Available The authors analyze the attacks on mobile devices that use the mechanism of an automatic configuration OMA/OTA, whose aim is listening to the Internet traffic of subscribers and the intrusion of malicious software on the user’s device, and suggest ways to protect mobile phones against such attacks.

  9. Noncombatants and liability to be attacked in wars

    DEFF Research Database (Denmark)

    Lippert-Rasmussen, Kasper

    2013-01-01

    The paper assumes that some people, at least, are liable to attack in war. In a number of ways, this is an ambiguous statement, so before proceeding, I need to clarify the specific senses in which I shall generally be using the terms "liable" and "attack." When I write that "S is liable to milita...

  10. Fault attacks, injection techniques and tools for simulation

    NARCIS (Netherlands)

    Piscitelli, R.; Bhasin, S.; Regazzoni, F.

    2015-01-01

    Faults attacks are a serious threat to secure devices, because they are powerful and they can be performed with extremely cheap equipment. Resistance against fault attacks is often evaluated directly on the manufactured devices, as commercial tools supporting fault evaluation do not usually provide

  11. Python Source Code Plagiarism Attacks on Introductory Programming Course Assignments

    Science.gov (United States)

    Karnalim, Oscar

    2017-01-01

    This paper empirically enlists Python plagiarism attacks that have been found on Introductory Programming course assignments for undergraduate students. According to our observation toward 400 plagiarism-suspected cases, there are 35 plagiarism attacks that have been conducted by students. It starts with comment & whitespace modification as…

  12. Optimizing power system investments and resilience against attacks

    International Nuclear Information System (INIS)

    Fang, Yiping; Sansavini, Giovanni

    2017-01-01

    This paper studies the combination of capacity expansion and switch installation in electric systems that ensures optimum performance under nominal operations and attacks. The planner–attacker–defender model is adopted to develop decisions that minimize investment and operating costs, and functionality loss after attacks. The model bridges long-term system planning for transmission expansion and short-term switching operations in reaction to attacks. The mixed-integer optimization is solved by decomposition via two-layer cutting plane algorithm. Numerical results on an IEEE system shows that small investments in transmission line switching enhance resilience by responding to disruptions via system reconfiguration. Sensitivity analyses show that transmission planning under the assumption of small-scale attacks provides the most robust strategy, i.e. the minimum-regret planning, if many constraints and limited investment budget affect the planning. On the other hand, the assumption of large-scale attacks provides the most robust strategy if the planning process involves large flexibility and budget. - Highlights: • Investment optimization in power systems under attacks is presented. • Capacity expansion and switch installation for system reconfiguration are combined. • The problem is solved by decomposition via two-layer cutting plane algorithm. • Small investments in switch installation enhance resilience by response to attacks. • Sensitivity analyses identify robust planning against different attack scenarios.

  13. Studies on sulfate attack: Mechanisms, test methods, and modeling

    Science.gov (United States)

    Santhanam, Manu

    The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C 3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

  14. Vulnerability of complex networks under intentional attack with incomplete information

    International Nuclear Information System (INIS)

    Wu, J; Deng, H Z; Tan, Y J; Zhu, D Z

    2007-01-01

    We study the vulnerability of complex networks under intentional attack with incomplete information, which means that one can only preferentially attack the most important nodes among a local region of a network. The known random failure and the intentional attack are two extreme cases of our study. Using the generating function method, we derive the exact value of the critical removal fraction f c of nodes for the disintegration of networks and the size of the giant component. To validate our model and method, we perform simulations of intentional attack with incomplete information in scale-free networks. We show that the attack information has an important effect on the vulnerability of scale-free networks. We also demonstrate that hiding a fraction of the nodes information is a cost-efficient strategy for enhancing the robustness of complex networks

  15. Matrix metalloproteinases during and outside of migraine attacks without aura

    DEFF Research Database (Denmark)

    Ashina, M.; Tvedskov, J.F.; Thiesen, Kerstin Lipka

    2010-01-01

    Ashina M, Tvedskov JF, Lipka K, Bilello J, Penkowa M & Olesen J. Matrix metalloproteinases during and outside of migraine attacks without aura. Cephalalgia 2009. London. ISSN 0333-1024To test the hypothesis that permeability of the blood-brain barrier (BBB) is altered during migraine attack due...... to enhanced activation of matrix metalloproteinases (MMPs), we investigated MMP-3, MMP-9 and tissue inhibitor of metalloproteases (TIMP)-1 in the external jugular vein during and outside of migraine attacks in 21 patients with migraine without aura. In addition, we measured plasma levels of several other...... of MMP-3 in the external jugular (P = 0.002) and cubital (P = 0.008) vein during attacks compared with outside of attacks. We found no correlation of ictal or interictal MMP-3, MMP-9 and TIMP-1 to migraine duration and frequency analysed in 21 patients (P > 0.05). There was no difference between ictal...

  16. THE REPRISAL ATTACKS BY AL-SHABAAB AGAINST KENYA

    Directory of Open Access Journals (Sweden)

    E.O.S.ODHIAMBO

    2013-10-01

    Full Text Available The incursion of Kenya Defence Forces (KDF into Somalia was met by a series of threats from the Al-Shabaab that it would increase the attacks against Kenya if the troops were not withdrawn. The capture of Kismayu by KDF has weakened the nerve of Al-Shabaab but has not eliminated the imminent danger of a substantive terror attack. Since the incursion by KDF, Kenya has succumbed to a sequence of grenade and Improvised Explosive Devices attacks, roadside bombs, landmines and raids by fighters using small arms and light weapons and Rocket Propelled Grenades against Kenyans mostly in North Eastern, Coastal and Nairobi counties, marking the resurgence of terrorism in the country. We argue that Kenya is more vulnerable to Al-Shabaab terrorists attack than before the KDF incursion by citing the frequencies of reprisal attacks from October 2011 to January 2013. Hence, our troops should be withdrawn and deployed within our boundary.

  17. Variability of clinical features in attacks of migraine with aura

    DEFF Research Database (Denmark)

    Hansen, Jakob M; Goadsby, Peter J; Charles, Andrew C

    2016-01-01

    . CONCLUSION: These findings are consistent with variable involvement of different brain regions during a migraine attack. The variable occurrence of nausea, and phonophobia in conjunction with photophobia, both defining features of migraine, may be an important consideration in designing clinical studies......BACKGROUND: There is significant variability in the clinical presentation of migraine, both among patients, and between attacks in an individual patient. We examined clinical features of migraine with aura in a large group of patients enrolled in a clinical trial, and compared retrospective...... a detailed retrospective description of the clinical features of their attacks of migraine. During the trial, clinical symptoms in migraine attacks starting with aura were recorded prospectively in 861 attacks. RESULTS: Retrospectively reported visual aura symptoms were variable and often overlapping...

  18. Anti-discrimination Analysis Using Privacy Attack Strategies

    KAUST Repository

    Ruggieri, Salvatore

    2014-09-15

    Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired/based on Frèchet bounds attacks, attribute inference attacks, and minimality attacks to the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

  19. Attacks on Bluetooth Security Architecture and Its Countermeasures

    Science.gov (United States)

    Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

    WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

  20. Step to improve neural cryptography against flipping attacks.

    Science.gov (United States)

    Zhou, Jiantao; Xu, Qinzhen; Pei, Wenjiang; He, Zhenya; Szu, Harold

    2004-12-01

    Synchronization of neural networks by mutual learning has been demonstrated to be possible for constructing key exchange protocol over public channel. However, the neural cryptography schemes presented so far are not the securest under regular flipping attack (RFA) and are completely insecure under majority flipping attack (MFA). We propose a scheme by splitting the mutual information and the training process to improve the security of neural cryptosystem against flipping attacks. Both analytical and simulation results show that the success probability of RFA on the proposed scheme can be decreased to the level of brute force attack (BFA) and the success probability of MFA still decays exponentially with the weights' level L. The synchronization time of the parties also remains polynomial with L. Moreover, we analyze the security under an advanced flipping attack.

  1. SDN-Based Double Hopping Communication against Sniffer Attack

    Directory of Open Access Journals (Sweden)

    Zheng Zhao

    2016-01-01

    Full Text Available Sniffer attack has been a severe threat to network communication security. Traditional network usually uses static network configuration, which provides convenience to sniffer attack. In this paper, an SDN-based double hopping communication (DHC approach is proposed to solve this problem. In DHC, ends in communication packets as well as the routing paths are changed dynamically. Therefore, the traffic will be distributed to multiple flows and transmitted along different paths. Moreover, the data from multiple users will be mixed, bringing difficulty for attackers in obtaining and recovering the communication data, so that sniffer attack will be prevented effectively. It is concluded that DHC is able to increase the overhead of sniffer attack, as well as the difficulty of communication data recovery.

  2. Improved Impossible Differential Attacks on Large-Block Rijndael

    DEFF Research Database (Denmark)

    Wang, Qingju; Gu, Dawu; Rijmen, Vincent

    2012-01-01

    . The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions...... and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can...... be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory....

  3. Detecting peripheral-based attacks on the host memory

    CERN Document Server

    Stewin, Patrick

    2015-01-01

    This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit.  Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only me...

  4. Metrics for Assessment of Smart Grid Data Integrity Attacks

    Energy Technology Data Exchange (ETDEWEB)

    Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

    2012-07-01

    There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

  5. Clinical study on transient ischemic attack

    International Nuclear Information System (INIS)

    Takusagawa, Yoshihiko; Fujiwara, Yasuhiro; Ichiki, Ken; Suga, Takeshi; Nishigaki, Shinichi

    1986-01-01

    The purpose of this study was to neuroradiologically elucidate the mechanism by which transient ischemic attack (TIA) occurs. A total of 65 patients with TIA, including 52 with TIA in the internal carotid artery (Group I) and 13 with TIA in the vertebrobasilar artery (Group II), underwent computed tomography (CT) and cerebral angiography (CAG). In Group I, CAG revealed normal findings in 25 patients, extracranial lesions in 14, intracranial lesions in 11, and mixed extra- and intra-cranial lesions in 2; and the corresponding figures for Group II were 8, 4, 1 and 0, respectively. CT findings in Groups I and II included: normal findings in 27 and 9 patients, atrophied cerebrum and dilated cerebral ventricle in 7 and 2, TIA-unrelated infarction in 5 and one, and TIA-related infarction in 15 and one, respectively. In the 15 patients with TIA-related infarction in Group I, 10 had infarction in the basal cell nucleolus and the other 5 had widespread infarction extending to the area under the cortex. The latter 5 patients had cerebral infarction, and showed recanalization of the vessels. This finding may support the theory of ''microembolus'' as a possible cause of TIA. (Namekawa, K.)

  6. Current therapy for chronic cerebrovascular attack

    Directory of Open Access Journals (Sweden)

    A. A. Shmonin

    2015-01-01

    Full Text Available Chronic cerebrovascular attack (CCVA is a brain lesion caused by vascular factors. CCVA appears as cognitive impairments (CIs, affective (emotional disorders and focal syndromes. Treatment for CCVA requires a comprehensive approach. Effective combination therapy for CCVA involves secondary prevention of stroke and CIs; treatment of CIs; treatment of depression and other affective disorders; and neuroprotective therapy. Basic therapy for CCVA includes modification of risk factors, antihypertensive, hypolipidemic, and antithrombotic therapies. Central acetylcholinesterase inhibitors (galantamine, rivastigmine, donepezil and a reversible NMDA receptor blocker (memantine are symptomatically used at a stage of vascular and mixed dementia. There are no unique guidelines for the therapy of mild and moderate vascular nondementia-related CIs. Drug use, based on the neurochemical mechanisms underlying the development of vascular CIs, is substantiated. When choosing psychotropic agents, it is necessary to take into account the causes and clinical manifestations of neuromediator deficiency. Antidepressants are used as essential drugs. Neuroleptics and tranquilizers are additionally administered in complex-pattern syndromes, such as depression with marked anxiety. Prescription of neuroprotectors may be effective in treating both stroke and CCVA. These medicaments are most effective when a damaging factor acts, i.e. neuroprotectors should be given in a risk situation and to reduce damage. Citicoline is one of the most test drugs in a group of neuroprotectors. 

  7. Intergranular attack evaluation from hideout return

    International Nuclear Information System (INIS)

    Nordmann, F.; Dupin, M.; Menet, O.; Fiquet, J.-M.

    1989-01-01

    Intergranular Attack (IGA) is the secondary side corrosion mechanism on PWR steam generator tubing, which can occur most frequently even with a good waterchemistry. It has moderately developed in a few French units. Consequently, several remedies have been implemented, such as sodium content decrease in makeup water and application of more stringent chemistry specifications. In order to evaluate the local chemistry in restricted areas where IGA may occur, a large hideout return programme has been carried out on many units. It shows that free alkalinity returning during shutdown is usually ranging from 0.5 to 5 g of sodium per steam generator, and that the required time to let it return is about 40 hours. However, high temperature pH calculations indicate that such an amount of alkalinity can correspond to a potentially corrosive solution in restricted areas, where a concentration factor of 10 5 to 10 7 can be reached, inducing a pH of 10 at 300 o C. Studies are still in progress in order to define when a shutdown should be required to allow hideout return and help to prevent IGA. (author)

  8. Inflammation and neuropathic attacks in hereditary brachial plexus neuropathy

    Science.gov (United States)

    Klein, C; Dyck, P; Friedenberg, S; Burns, T; Windebank, A; Dyck, P

    2002-01-01

    Objective: To study the role of mechanical, infectious, and inflammatory factors inducing neuropathic attacks in hereditary brachial plexus neuropathy (HBPN), an autosomal dominant disorder characterised by attacks of pain and weakness, atrophy, and sensory alterations of the shoulder girdle and upper limb muscles. Methods: Four patients from separate kindreds with HBPN were evaluated. Upper extremity nerve biopsies were obtained during attacks from a person of each kindred. In situ hybridisation for common viruses in nerve tissue and genetic testing for a hereditary tendency to pressure palsies (HNPP; tomaculous neuropathy) were undertaken. Two patients treated with intravenous methyl prednisolone had serial clinical and electrophysiological examinations. One patient was followed prospectively through pregnancy and during the development of a stereotypic attack after elective caesarean delivery. Results: Upper extremity nerve biopsies in two patients showed prominent perivascular inflammatory infiltrates with vessel wall disruption. Nerve in situ hybridisation for viruses was negative. There were no tomaculous nerve changes. In two patients intravenous methyl prednisolone ameliorated symptoms (largely pain), but with tapering of steroid dose, signs and symptoms worsened. Elective caesarean delivery did not prevent a typical postpartum attack. Conclusions: Inflammation, probably immune, appears pathogenic for some if not all attacks of HBPN. Immune modulation may be useful in preventing or reducing the neuropathic attacks, although controlled trials are needed to establish efficacy, as correction of the mutant gene is still not possible. The genes involved in immune regulation may be candidates for causing HBPN disorders. PMID:12082044

  9. Construction of a Cyber Attack Model for Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Varuttamaseni, Athi; Bari, Robert A.; Youngblood, Robert

    2017-05-01

    The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.

  10. Changes in vestibular evoked myogenic potentials after Meniere attacks.

    Science.gov (United States)

    Kuo, Shih-Wei; Yang, Ting-Hua; Young, Yi-Ho

    2005-09-01

    The aim of this study was to apply videonystagmography (VNG) and vestibular evoked myogenic potential (VEMP) tests to patients with Meniere attacks, to explore the mechanics of where saccular disorders may affect the semicircular canals. From January 2001 to December 2003, 12 consecutive patients with unilateral definite Meniere's disease with vertiginous attacks underwent VNG for recording spontaneous nystagmus, as well as VEMP tests. At the very beginning of the Meniere attack, the spontaneous nystagmus beat toward the lesion side in 5 patients (42%) and toward the healthy side in 7 patients (58%). Twenty-four hours later, only 6 patients (50%) showed spontaneous nystagmus beating toward the healthy side. Nevertheless, spontaneous nystagmus subsided in all patients within 48 hours. The VEMP test was performed within 24 hours of a Meniere attack; the VEMPs were normal in 4 patients and abnormal in 8 patients (67%). After 48 hours, 4 patients with initially abnormal VEMPs had resolution and return to normal VEMPs, and the other 4 patients still had absent VEMPs. Most patients (67%) with Meniere attacks revealed abnormal VEMPs, indicating that the saccule participates in a Meniere attack. This is an important idea that stimulates consideration of the mechanism of Meniere attacks.

  11. Position Information

    Data.gov (United States)

    Social Security Administration — The Position Information Data Asset provides the ability to search for active SSA position descriptions using various search criteria. An individual may search by PD...

  12. TCPL: A Defense against wormhole attacks in wireless sensor networks

    International Nuclear Information System (INIS)

    Kumar, K. E. Naresh; Waheed, Mohd. Abdul; Basappa, K. Kari

    2010-01-01

    Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.

  13. Positive Psychology

    Science.gov (United States)

    Peterson, Christopher

    2009-01-01

    Positive psychology is a deliberate correction to the focus of psychology on problems. Positive psychology does not deny the difficulties that people may experience but does suggest that sole attention to disorder leads to an incomplete view of the human condition. Positive psychologists concern themselves with four major topics: (1) positive…

  14. Suicide to harass others: clues from mythology to understanding suicide bombing attacks.

    Science.gov (United States)

    Preti, Antonio

    2006-01-01

    Suicide by revenge, the Samsonic suicide, and the suicide by devotio, all described in classical mythology and also reported in the ethnographic literature, belong to the same class of suicidal behaviors as kamikaze suicide and the suicide bombing attack: suicide to harass and burden others or suicide with a hostile intent. The lack of a social dimension to share in a positive manner may lead an individual to integrate him/herself in another social structure, e.g., a military organization, which allows the individual to express his/her desires and personal identity only by destroying others and themselves. The dynamics of these forms of suicide are also likely to work in other displays of life-threatening behavior, such as family annihilation, mass murder, and spree killing. A more thorough investigation of the dynamics operating in suicide bombing attacks could, therefore, contribute to preventative strategies against violence at large.

  15. A General Ligand Design for Gold Catalysis allowing Ligand-Directed Anti Nucleophilic Attack of Alkynes

    Science.gov (United States)

    Wang, Yanzhao; Wang, Zhixun; Li, Yuxue; Wu, Gongde; Cao, Zheng; Zhang, Liming

    2014-01-01

    Most homogenous gold catalyses demand ≥0.5 mol % catalyst loading. Due to the high cost of gold, these reactions are unlikely to be applicable in medium or large scale applications. Here we disclose a novel ligand design based on the privileged biphenyl-2-phosphine framework that offers a potentially general approach to dramatically lowering catalyst loading. In this design, an amide group at the 3’ position of the ligand framework directs and promotes nucleophilic attack at the ligand gold complex-activated alkyne, which is unprecedented in homogeneous gold catalysis considering the spatial challenge of using ligand to reach antiapproaching nucleophile in a linear P-Au-alkyne centroid structure. With such a ligand, the gold(I) complex becomes highly efficient in catalyzing acid addition to alkynes, with a turnover number up to 99,000. Density functional theory calculations support the role of the amide moiety in directing the attack of carboxylic acid via hydrogen bonding. PMID:24704803

  16. A Targeted Attack For Enhancing Resiliency of Intelligent Intrusion Detection Modules in Energy Cyber Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Youssef, Tarek [Florida Intl Univ., Miami, FL (United States); El Hariri, Mohammad [Florida Intl Univ., Miami, FL (United States); Habib, Hani [Florida Intl Univ., Miami, FL (United States); Mohammed, Osama [Florida Intl Univ., Miami, FL (United States); Harmon, E [Florida Intl Univ., Miami, FL (United States)

    2017-02-28

    Abstract— Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time- critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network’s response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network’s ability to learn and adapt to these attacks.

  17. A Cyber-Attack Detection Model Based on Multivariate Analyses

    Science.gov (United States)

    Sakai, Yuto; Rinsaka, Koichiro; Dohi, Tadashi

    In the present paper, we propose a novel cyber-attack detection model based on two multivariate-analysis methods to the audit data observed on a host machine. The statistical techniques used here are the well-known Hayashi's quantification method IV and cluster analysis method. We quantify the observed qualitative audit event sequence via the quantification method IV, and collect similar audit event sequence in the same groups based on the cluster analysis. It is shown in simulation experiments that our model can improve the cyber-attack detection accuracy in some realistic cases where both normal and attack activities are intermingled.

  18. Improving Wojcik's eavesdropping attack on the ping-pong protocol

    International Nuclear Information System (INIS)

    Zhang Zhanjun; Man Zhongxiao; Li Yong

    2004-01-01

    The eavesdropping scheme proposed by Wojcik [Phys. Rev. Lett. 90 (2003) 157901] on the ping-pong protocol [Phys. Rev. Lett. 89 (2002) 187902] is improved by constituting a new set of attack operations. The improved scheme only induces half of the eavesdropping-induced channel loss in Wojcik's scheme, therefore, in a larger domain of the quantum channel transmission efficiency η, i.e., [0,75%], the eavesdropper Eve can attack all the transmitted bits. The improvement of the ping-pong protocol security produced by Wojcik's is also suitable for our eavesdropping attack

  19. Establishing an Effective Combat Strategy for Prevalent Cyber- Attacks

    OpenAIRE

    Vivian Ogochukwu Nwaocha; Inyiama H.C.

    2011-01-01

    As organisations continue to incorporate the Internet as a key component of their operations, the global cyber-threat level is increasing. One of the most common types of cyber-threats is known as the Distributed Denial of Service (DDoS) attack – an attack preventing users from accessing a system for a period of time. Recent DDoS attacks have left large corporate and government networks inaccessible to customers, partners and users for hours or days, resulting in significant financial, reputa...

  20. Securing SQL server protecting your database from attackers

    CERN Document Server

    Cherry, Denny

    2015-01-01

    SQL server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack. In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL server - will teach you how to properly secure an SQL server database from internal and external threats using best practic

  1. Cascading Denial of Service Attacks on Wi-Fi Networks

    OpenAIRE

    Xin, Liangxiao; Starobinski, David; Noubir, Guevara

    2016-01-01

    We unveil the existence of a vulnerability in Wi-Fi, which allows an adversary to remotely launch a Denial-of-Service (DoS) attack that propagates both in time and space. This vulnerability stems from a coupling effect induced by hidden nodes. Cascading DoS attacks can congest an entire network and do not require the adversary to violate any protocol. We demonstrate the feasibility of such attacks through experiments with real Wi-Fi cards, extensive ns-3 simulations, and theoretical analysis....

  2. [Therapy costs of adult patients admitting to emergency unit of a university hospital with asthma acute attack].

    Science.gov (United States)

    Serinken, Mustafa; Dursunoğlu, Neşe; Cimrin, Arif H

    2009-01-01

    In the present study, hospital costs of patients who admitted to the emergency department with asthma attack and several variables that could effect this cost were analyzed and data were collected in order to reduce economical burden of that disease was aimed. Between September 2005 and February 2007 patients with acute asthma attack, admitted to Pamukkale University Hospital Emergency Department were retrospectively evaluated. Totally 108 patients who met the inclusion criteria admitted to the emergency department with asthma acute attack. Of those 97 were women (89.8%). Forty mild, 51 moderate, 15 severe and 2 life-threatening attacks were detected. Severe and life-threatening attacks were more frequent in patients graduated from primary school compared with the other groups. Mean therapy costs of the patients who were hospitalized and treated in the emergency department were 836.60 +/- 324.30 TL (Turkish Lira) and 170.66 +/- 86.71 TL respectively. Treatment procedures consisted of 45.8% of and 38.5% hospital costs for patients treated in the emergency department and for patients hospitalized respectively. There was a statistically significant difference in the comparison of costs according to the attack severity (p= 0.0001). Education level of the patients had a significant effect on hospital costs (p= 0.025). Comorbidities were found a significant increasing factor of treatment costs (p= 0.017). There were no effects of sex, age, medical insurance or duration of asthma disease on the hospital costs. The relation between low-education level, living in the rural area and admissions with severe attacks of asthma to emergency department show the importance of treatment success with patient compliance. Positive and negative factors effecting disease control should be detected by evaluating larger populations to reduce economical burden of asthma.

  3. Ubiquitous positioning

    CERN Document Server

    Mannings, Robin

    2008-01-01

    This groundbreaking resource offers a practical, in-depth understanding of Ubiquitous Positioning - positioning systems that identify the location and position of people, vehicles and objects in time and space in the digitized networked economy. The future and growth of ubiquitous positioning will be fueled by the convergence of many other areas of technology, from mobile telematics, Internet technology, and location systems, to sensing systems, geographic information systems, and the semantic web. This first-of-its-kind volume explores ubiquitous positioning from a convergence perspective, of

  4. Survey on Ranging Sensors and Cooperative Techniques for Relative Positioning of Vehicles

    Directory of Open Access Journals (Sweden)

    Fabian de Ponte Müller

    2017-01-01

    Full Text Available Future driver assistance systems will rely on accurate, reliable and continuous knowledge on the position of other road participants, including pedestrians, bicycles and other vehicles. The usual approach to tackle this requirement is to use on-board ranging sensors inside the vehicle. Radar, laser scanners or vision-based systems are able to detect objects in their line-of-sight. In contrast to these non-cooperative ranging sensors, cooperative approaches follow a strategy in which other road participants actively support the estimation of the relative position. The limitations of on-board ranging sensors regarding their detection range and angle of view and the facility of blockage can be approached by using a cooperative approach based on vehicle-to-vehicle communication. The fusion of both, cooperative and non-cooperative strategies, seems to offer the largest benefits regarding accuracy, availability and robustness. This survey offers the reader a comprehensive review on different techniques for vehicle relative positioning. The reader will learn the important performance indicators when it comes to relative positioning of vehicles, the different technologies that are both commercially available and currently under research, their expected performance and their intrinsic limitations. Moreover, the latest research in the area of vision-based systems for vehicle detection, as well as the latest work on GNSS-based vehicle localization and vehicular communication for relative positioning of vehicles, are reviewed. The survey also includes the research work on the fusion of cooperative and non-cooperative approaches to increase the reliability and the availability.

  5. A Computationally Intelligent Approach to the Detection of Wormhole Attacks in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mohammad Nurul Afsar Shaon

    2017-05-01

    Full Text Available A wormhole attack is one of the most critical and challenging security threats for wireless sensor networks because of its nature and ability to perform concealed malicious activities. This paper proposes an innovative wormhole detection scheme to detect wormhole attacks using computational intelligence and an artificial neural network (ANN. Most wormhole detection schemes reported in the literature assume the sensors are uniformly distributed in a network, and, furthermore, they use statistical and topological information and special hardware for their detection. However, these schemes may perform poorly in non-uniformly distributed networks, and, moreover, they may fail to defend against “out of band” and “in band” wormhole attacks. The aim of the proposed research is to develop a detection scheme that is able to detect all kinds of wormhole attacks in both uniformly and non-uniformly distributed sensor networks. Furthermore, the proposed research does not require any special hardware and causes no significant network overhead throughout the network. Most importantly, the probable location of the malicious nodes can be identified by the proposed ANN based detection scheme. We evaluate the efficacy of the proposed detection scheme in terms of detection accuracy, false positive rate, and false negative rate. The performance of the proposed algorithm is also compared with other machine learning techniques (i.e. SVM and regularized nonlinear logistic regression (LR based detection models. The simulation results show that proposed ANN based algorithm outperforms the SVM or LR based detection schemes in terms of detection accuracy, false positive rate, and false negative rates.

  6. Positioning consumption

    DEFF Research Database (Denmark)

    Halkier, Bente; Keller, Margit

    2014-01-01

    positionings emerges based on empirical examples of research in parent–children consumption. Positionings are flexible discursive fixations of the relationship between the performances of the practitioner, other practitioners, media discourse and consumption activities. The basic positioning types...... are the practice maintenance and the practice change position, with different sorts of adapting in between. Media discourse can become a resource for a resistant position against social control or for an appropriating position in favour of space for action. Regardless of the current relation to a particular media......This article analyses the ways in which media discourses become a part of contested consumption activities. We apply a positioning perspective with practice theory to focus on how practitioners relate to media discourse as a symbolic resource in their everyday practices. A typology of performance...

  7. An Annotated Review of Past Papers on Attack Graphs

    National Research Council Canada - National Science Library

    Lippmann, Richard; Ingols, K. W

    2005-01-01

    This report reviews past research papers that describe how to construct attack graphs, how to use them to improve security of computer networks, and how to use them to analyze alerts from intrusion detection systems...

  8. Controlling sulfate attack in Mississippi Department of Transportation structures.

    Science.gov (United States)

    2010-08-01

    At some construction sites in Mississippi, deterioration of concrete in contact with the surrounding soil could be related to the high sulfate content of the adjacent soils. Studies dating to 1966 have documented sulfate attack associated with specif...

  9. Counting equations in algebraic attacks on block ciphers

    DEFF Research Database (Denmark)

    Knudsen, Lars Ramkilde; Miolane, Charlotte Vikkelsø

    2010-01-01

    This paper is about counting linearly independent equations for so-called algebraic attacks on block ciphers. The basic idea behind many of these approaches, e.g., XL, is to generate a large set of equations from an initial set of equations by multiplication of existing equations by the variables...... in the system. One of the most difficult tasks is to determine the exact number of linearly independent equations one obtain in the attacks. In this paper, it is shown that by splitting the equations defined over a block cipher (an SP-network) into two sets, one can determine the exact number of linearly...... independent equations which can be generated in algebraic attacks within each of these sets of a certain degree. While this does not give us a direct formula for the success of algebraic attacks on block ciphers, it gives some interesting bounds on the number of equations one can obtain from a given block...

  10. Computer Network Attack Versus Operational Maneuver from the Sea

    National Research Council Canada - National Science Library

    Herdegen, Dale

    2000-01-01

    ...) vulnerable to computer network attack (CNA). Mission command and control can reduce the impact of the loss of command and control, but it can not overcome the vast and complex array of threats...

  11. Reducing an attack surface of an operating system

    OpenAIRE

    VALKONEN, VILLE

    2012-01-01

    Certain security choices done on the operating system level can mitigate harm done by an malicious attacker or a program. The main focus in the thesis is on open source operating systems. Asiasanat: software security, operating system security

  12. Chess therapy: A new approach to curing panic attack.

    Science.gov (United States)

    Barzegar, Kazem; Barzegar, Somayeh

    2017-12-01

    To study the effect of playing cell phone chess game on treating panic attack. The chess game on an android cell phone was played by the researcher who was affected by panic attack as a post-traumatic disorder immediately after or before feeling of the start of symptoms. The right level of difficulty, i.e., levels 2-4, was selected for optimal results. Playing chess game on the android cell phone prevented the manifestation of panic attack and led to the cure of this traumatic condition. Chess therapy with the right level of difficulty can be recommended as a very effective non-pharmaceutical method for the successful treatment of panic attacks. Copyright © 2017 Elsevier B.V. All rights reserved.

  13. Personality characteristics of victims of illegal attacks on the Internet

    Directory of Open Access Journals (Sweden)

    Safuanov F.S.

    2016-01-01

    Full Text Available The article examines the personality characteristics of victims of illegal attacks on the Internet. We used methods as follow: 16 factors Cattell personality questionnaire, subjective control level, life-style index, Buss-Perry questionnaire, Spielberger State-Trait Anxiety Inventory, a COPE inventory. 78 internet users were divided into two groups of 38 persons: the main group included people falling victim to illegal attacks on the Internet, the control group participants were not attacked on the internet. We identified specific aggregated symptoms of individual psychological characteristics of internet attack victims and show that victims of "non-forced" and "forced" offenses have different levels of situational and personal anxiety, aggression and locus of control.

  14. Biometric Authentication Systems Attacks: Liveness Detection to the ...

    African Journals Online (AJOL)

    AFRICAN JOURNALS ONLINE (AJOL) · Journals · Advanced Search · USING AJOL · RESOURCES ... access control, sensitive data protection and on-line tracking systems. ... This paper has identified such vulnerabilities and threats, particularly ... Systems, Authentication, Verification, Vulnerabilities, attacks, Threats.

  15. Warning Signs of Heart Attack, Stroke and Cardiac Arrest

    Science.gov (United States)

    ... for Heart.org CPR & ECC for Heart.org Shop for Heart.org Causes for Heart.org Advocate ... SIGNS may include breaking out in a cold sweat, nausea or lightheadedness. Learn more about heart attack ...

  16. Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection

    Directory of Open Access Journals (Sweden)

    Jayakumar Kaliappan

    2015-01-01

    Full Text Available An intrusion detection system (IDS helps to identify different types of attacks in general, and the detection rate will be higher for some specific category of attacks. This paper is designed on the idea that each IDS is efficient in detecting a specific type of attack. In proposed Multiple IDS Unit (MIU, there are five IDS units, and each IDS follows a unique algorithm to detect attacks. The feature selection is done with the help of genetic algorithm. The selected features of the input traffic are passed on to the MIU for processing. The decision from each IDS is termed as local decision. The fusion unit inside the MIU processes all the local decisions with the help of majority voting rule and makes the final decision. The proposed system shows a very good improvement in detection rate and reduces the false alarm rate.

  17. Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Omar Achbarou

    2017-03-01

    Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.

  18. Bound Maxima as a Traffic Feature under DDOS Flood Attacks

    Directory of Open Access Journals (Sweden)

    Jie Xue

    2012-01-01

    Full Text Available This paper gives a novel traffic feature for identifying abnormal variation of traffic under DDOS flood attacks. It is the histogram of the maxima of the bounded traffic rate on an interval-by-interval basis. We use it to experiment on the traffic data provided by MIT Lincoln Laboratory under Defense Advanced Research Projects Agency (DARPA in 1999. The experimental results profitably enhance the evidences that traffic rate under DDOS attacks is statistically higher than that of normal traffic considerably. They show that the pattern of the histogram of the maxima of bounded rate of attack-contained traffic greatly differs from that of attack-free traffic. Besides, the present traffic feature is simple in mathematics and easy to use in practice.

  19. Resilience of LTE networks against smart jamming attacks

    KAUST Repository

    Aziz, Farhan M.; Shamma, Jeff S.; Stuber, Gordon L.

    2014-01-01

    Commercial LTE networks are being studied for mission-critical applications, such as public safety and smart grid communications. In this paper, LTE networks are shown vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart

  20. An efficient attack identification and risk prediction algorithm for ...

    African Journals Online (AJOL)

    The social media is highly utilized cloud for storing huge amount of data. ... However, the adversarial scenario did not design properly to maintain the privacy of the ... Information Retrieval, Security Evaluation, Efficient Attack Identification and ...

  1. Trojan-horse attacks on quantum-key-distribution systems

    International Nuclear Information System (INIS)

    Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G.

    2006-01-01

    General Trojan-horse attacks on quantum-key-distribution systems, i.e., attacks on Alice or Bob's system via the quantum channel, are analyzed. We illustrate the power of such attacks with today's technology and conclude that all systems must implement active counter measures. In particular, all systems must include an auxiliary detector that monitors any incoming light. We show that such counter measures can be efficient, provided that enough additional privacy amplification is applied to the data. We present a practical way to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks. This does reduce the security analysis of the two-way plug-and-play implementation to those of the standard one-way systems

  2. [Acute asthma attacks introduced by anesthesia before nasal endoscopic surgery].

    Science.gov (United States)

    Lü, Xiaofei; Han, Demin; Zhou, Bing; Ding, Bin

    2004-05-01

    In order to pay our attention to the perioperative treatment before nasal endoscopic surgery. Three patients with asthma accompanied chronic sinusitis were analyzed systemically, who had undergone acute attacks of asthma introduced by anesthesia. Anesthetic drugs and instruments can lead to acute attacks of asthma, because sinusitis with asthma means allergic airway inflammation, broncho-hyperreactivity and lower compensatory pulmonary function. Then all of the 3 cases had missed the preoperative treatment. Anesthetic drugs and instruments can lead to acute attacks of asthma. The perioperative treatment before nasal endoscopic surgery is very important for the prevention of the occurrences of this severe complication. Except emergency, the operation should be can celled for avoiding the acute attack of asthma introduced by anesthesia.

  3. Controlling sulfate attack in Mississippi Department of Transportation structures

    Science.gov (United States)

    2010-08-01

    At some construction sites in Mississippi, deterioration of concrete in contact with the surrounding soil could be related to the high sulfate content of the adjacent soils. Studies dating to 1966 have documented sulfate attack associated with sp...

  4. Defense Against Rocket Attacks in the Presence of False Cues

    National Research Council Canada - National Science Library

    Harari, Lior

    2008-01-01

    Rocket attacks on civilian and military targets, from both Hezbollah (South Lebanon) and Hamas (Gaza strip) have been causing a major operational problem for the Israeli Defense Force for over two decades...

  5. Lowering virus attack with improved yield and fiber quality in ...

    African Journals Online (AJOL)

    Jane

    2011-07-25

    Jul 25, 2011 ... genotypes on seed cotton yield, fiber quality and virus attack was conducted at the Cotton Research ... even more vital than sowing time in any cropping system for cotton ... theless, minimum information is available regarding.

  6. Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

    Science.gov (United States)

    Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

    2017-05-01

    This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method.. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

  7. Anti-discrimination Analysis Using Privacy Attack Strategies

    KAUST Repository

    Ruggieri, Salvatore; Hajian, Sara; Kamiran, Faisal; Zhang, Xiangliang

    2014-01-01

    Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination

  8. After-gate attack on a quantum cryptosystem

    International Nuclear Information System (INIS)

    Wiechers, C; Wittmann, C; Elser, D; Marquardt, Ch; Leuchs, G; Lydersen, L; Skaar, J; Makarov, V

    2011-01-01

    We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.

  9. Attacks on Mobile Devices Using Wi-Fi Technology

    Directory of Open Access Journals (Sweden)

    A. A. Sheptunov

    2012-09-01

    Full Text Available The article presents an overview of wireless technology Wi-Fi, as well as its vulnerabilities. Examples of attacks that exploit these vulnerabilities are provided. The methods of protection against such threats are suggested.

  10. Game Theoretic Solutions to Cyber Attack and Network Defense Problems

    National Research Council Canada - National Science Library

    Shen, Dan; Chen, Genshe; Cruz, Jr., , Jose B; Blasch, Erik; Kruger, Martin

    2007-01-01

    .... The protection and defense against cyber attacks to computer network is becoming inadequate as the hacker knowledge sophisticates and as the network and each computer system become more complex...

  11. An ontological knowledge base for cyber network attack planning

    CSIR Research Space (South Africa)

    Chan, P

    2015-03-01

    Full Text Available In modern warfare it is no longer sufficient to only focus on physical attacks and counter-measures; the threat against cyber networks is becoming increasingly significant. Modern military forces have to provide counter measures against...

  12. Computer Attack and Cyberterrorism: Vulnerabilities and Policy Issues for Congress

    National Research Council Canada - National Science Library

    Wilson, Clay

    2005-01-01

    Many international terrorist groups now actively use computers and the Internet to communicate, and several may develop or acquire the necessary technical skills to direct a coordinated attack against...

  13. VTAC: virtual terrain assisted impact assessment for cyber attacks

    Science.gov (United States)

    Argauer, Brian J.; Yang, Shanchieh J.

    2008-03-01

    Overwhelming intrusion alerts have made timely response to network security breaches a difficult task. Correlating alerts to produce a higher level view of intrusion state of a network, thus, becomes an essential element in network defense. This work proposes to analyze correlated or grouped alerts and determine their 'impact' to services and users of the network. A network is modeled as 'virtual terrain' where cyber attacks maneuver. Overlaying correlated attack tracks on virtual terrain exhibits the vulnerabilities exploited by each track and the relationships between them and different network entities. The proposed impact assessment algorithm utilizes the graph-based virtual terrain model and combines assessments of damages caused by the attacks. The combined impact scores allow to identify severely damaged network services and affected users. Several scenarios are examined to demonstrate the uses of the proposed Virtual Terrain Assisted Impact Assessment for Cyber Attacks (VTAC).

  14. Countermeasures Against Blinding Attack on Superconducting Nanowire Detectors for QKD

    Directory of Open Access Journals (Sweden)

    Elezov M.S.

    2015-01-01

    Full Text Available Nowadays, the superconducting single-photon detectors (SSPDs are used in Quantum Key Distribution (QKD instead of single-photon avalanche photodiodes. Recently bright-light control of the SSPD has been demonstrated. This attack employed a “backdoor” in the detector biasing technique. We developed the autoreset system which returns the SSPD to superconducting state when it is latched. We investigate latched state of the SSPD and define limit conditions for effective blinding attack. Peculiarity of the blinding attack is a long nonsingle photon response of the SSPD. It is much longer than usual single photon response. Besides, we need follow up response duration of the SSPD. These countermeasures allow us to prevent blind attack on SSPDs for Quantum Key Distribution.

  15. Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

    Directory of Open Access Journals (Sweden)

    Mohamed Idhammad

    2018-01-01

    Full Text Available Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

  16. Security solution against denial of service attacks in BESIP system

    Science.gov (United States)

    Rezac, Filip; Voznak, Miroslav; Safarik, Jakub; Partila, Pavol; Tomala, Karel

    2013-05-01

    This article deals about embedded SIP communication server with an easy integration into the computer network based on open source solutions and its effective defense against the most frequent attack in the present - Denial of Service. The article contains brief introduction into the Bright Embedded Solution for IP Telephony - BESIP and describes the most common types of DoS attacks, which are applied on SIP elements of the VoIP infrastructure including the results of defensive mechanism that has been designed.

  17. Three cases giant panda attack on human at Beijing Zoo

    OpenAIRE

    Zhang, Peixun; Wang, Tianbing; Xiong, Jian; Xue, Feng; Xu, Hailin; Chen, Jianhai; Zhang, Dianying; Fu, Zhongguo; Jiang, Baoguo

    2014-01-01

    Panda is regarded as Chinese national treasure. Most people always thought they were cute and just ate bamboo and had never imagined a panda could be vicious. Giant panda attacks on human are rare. There, we present three cases of giant panda attacks on humans at the Panda House at Beijing Zoo from September 2006 to June 2009 to warn people of the giant panda’s potentially dangerous behavior.

  18. Three cases giant panda attack on human at Beijing Zoo.

    Science.gov (United States)

    Zhang, Peixun; Wang, Tianbing; Xiong, Jian; Xue, Feng; Xu, Hailin; Chen, Jianhai; Zhang, Dianying; Fu, Zhongguo; Jiang, Baoguo

    2014-01-01

    Panda is regarded as Chinese national treasure. Most people always thought they were cute and just ate bamboo and had never imagined a panda could be vicious. Giant panda attacks on human are rare. There, we present three cases of giant panda attacks on humans at the Panda House at Beijing Zoo from September 2006 to June 2009 to warn people of the giant panda's potentially dangerous behavior.

  19. Simulating Cyber-Attacks for Fun and Profit

    OpenAIRE

    Futoransky, Ariel; Miranda, Fernando; Orlicki, Jose; Sarraute, Carlos

    2010-01-01

    We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (in...

  20. Mass casualty response in the 2008 Mumbai terrorist attacks.

    Science.gov (United States)

    Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac

    2011-12-01

    The November 26-29, 2008, terrorist attacks on Mumbai were unique in its international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.

  1. Successful attack on permutation-parity-machine-based neural cryptography.

    Science.gov (United States)

    Seoane, Luís F; Ruttor, Andreas

    2012-02-01

    An algorithm is presented which implements a probabilistic attack on the key-exchange protocol based on permutation parity machines. Instead of imitating the synchronization of the communicating partners, the strategy consists of a Monte Carlo method to sample the space of possible weights during inner rounds and an analytic approach to convey the extracted information from one outer round to the next one. The results show that the protocol under attack fails to synchronize faster than an eavesdropper using this algorithm.

  2. Patrol Detection for Replica Attacks on Wireless Sensor Networks

    OpenAIRE

    Wang, Liang-Min; Shi, Yang

    2011-01-01

    Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by d...

  3. Developing a Proportionate Response to a Cyber Attack

    OpenAIRE

    Limnéll, Jarno

    2016-01-01

    The debate on both the impacts of cyber attacks and how to response to attacks is active but precedents are only a few. Strategies and political speeches are always (at least partially) declaratory and vague by nature, and beyond these declarations the practical reality of cyber security as a matter of national security issue is challenging. At the same time cyber issues have catapulted into the highest of the high politics, cyberpolitics, and the line of digital and physical is blurring in m...

  4. AMC Model for Denial of Sleep Attack Detection

    OpenAIRE

    Bhattasali, Tapalina; Chaki, Rituparna

    2012-01-01

    Due to deployment in hostile environment, wireless sensor network is vulnerable to various attacks. Exhausted sensor nodes in sensor network become a challenging issue because it disrupts the normal connectivity of the network. Affected nodes give rise to denial of service that resists to get the objective of sensor network in real life. A mathematical model based on Absorbing Markov Chain (AMC)is proposed for Denial of Sleep attack detection in sensor network. In this mechanism, whether sens...

  5. WAIS differences between murderers and attackers referred for evaluation.

    Science.gov (United States)

    Wagner, E E; Klein, I

    1977-02-01

    12 first and second degree murderers were matched on sex and age with subjects who had perpetrated aggressive interpersonal attacks short of homicide. Both groups had been referred for psychological testing by courts and social agencies. A substantial and significant difference in IQ was found in favor of the attackers over the murderers. Results were interpreted as lending credence to the hypothesis that differences in IQ exist among important sub-populations of murderers.

  6. British media attacks on homeopathy: are they justified?

    Science.gov (United States)

    Vithoulkas, George

    2008-04-01

    Homeopathy is being attacked by the British media. These attacks draw support from irresponsible and unjustified claims by certain teachers of homeopathy. Such claims include the use of 'dream' and 'imaginative' methods for provings. For prescribing some such teachers attempt to replace the laborious process of matching symptom picture and remedy with spurious theories based on 'signatures', sensations and other methods. Other irresponsible claims have also been made. These "new ideas" risk destroying the principles, theory, and practice of homeopathy.

  7. Developing Simulated Cyber Attack Scenarios Against Virtualized Adversary Networks

    Science.gov (United States)

    2017-03-01

    enclave, as shown in Figure 11, is a common design for many secure networks. Different variations of a cyber-attack scenario can be rehearsed based...achieved a greater degree of success against multiple variations of an enemy network. E. ATTACK TYPES A primary goal of this thesis is to define and...2013. [33] R. Goldberg , “Architectural principles for virtual computer systems,” Ph.D. dissertation, Dept. of Comp. Sci., Harvard Univ., Cambridge

  8. On Node Replication Attack in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mumtaz Qabulio

    2016-04-01

    Full Text Available WSNs (Wireless Sensor Networks comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs

  9. Understanding public confidence in government to prevent terrorist attacks.

    Energy Technology Data Exchange (ETDEWEB)

    Baldwin, T. E.; Ramaprasad, A,; Samsa, M. E.; Decision and Information Sciences; Univ. of Illinois at Chicago

    2008-04-02

    A primary goal of terrorism is to instill a sense of fear and vulnerability in a population and to erode its confidence in government and law enforcement agencies to protect citizens against future attacks. In recognition of its importance, the Department of Homeland Security includes public confidence as one of the principal metrics used to assess the consequences of terrorist attacks. Hence, a detailed understanding of the variations in public confidence among individuals, terrorist event types, and as a function of time is critical to developing this metric. In this exploratory study, a questionnaire was designed, tested, and administered to small groups of individuals to measure public confidence in the ability of federal, state, and local governments and their public safety agencies to prevent acts of terrorism. Data was collected from three groups before and after they watched mock television news broadcasts portraying a smallpox attack, a series of suicide bomber attacks, a refinery explosion attack, and cyber intrusions on financial institutions, resulting in identity theft. Our findings are: (a) although the aggregate confidence level is low, there are optimists and pessimists; (b) the subjects are discriminating in interpreting the nature of a terrorist attack, the time horizon, and its impact; (c) confidence recovery after a terrorist event has an incubation period; and (d) the patterns of recovery of confidence of the optimists and the pessimists are different. These findings can affect the strategy and policies to manage public confidence after a terrorist event.

  10. Blood flow velocity in migraine attacks - a transcranial Doppler study

    International Nuclear Information System (INIS)

    Zwetsloot, C.P.; Caekebeke, J.F.V.; Jansen, J.C.; Odink, J.; Ferrari, M.D.

    1991-01-01

    A pulsed Doppler device was used to measure blood flow velocities in the common carotid artery, the extracranial part of the internal carotid artery, the external carotid artery, the middle cerebral artery, and the anterior cerebral artery in 31 migraneurs without aura (n=27) and with aura (n=4), both during and ouside an attack. The aims were to compare blood flow velocity during and between migraine attacks and to study asymmetries of the blood flow velocity. Compared with blood flow velocity values obtained in the attack-free interval, blood flow velocity was lower during attacks without aura in both common carotid arteries, but not in the other extra- and intracranial vessels which were examined. However, during attacks of migraine with aura, blood flow velocity tended to be lower in all examined vessels. There were no asymmetries of the blood flow velocity. It is suggested that during migraine attacks without aura there is a dissociation in blood flow regulation in the common carotid and middle cerebral arteries. 20 refs., 2 tabs

  11. Modeling attacker-defender interactions in information networks.

    Energy Technology Data Exchange (ETDEWEB)

    Collins, Michael Joseph

    2010-09-01

    The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.

  12. On node replication attack in wireless sensor networks

    International Nuclear Information System (INIS)

    Qabulio, M.; Malkani, Y.A.

    2015-01-01

    WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)

  13. Attacker-defender game from a network science perspective

    Science.gov (United States)

    Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

    2018-05-01

    Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

  14. Human behaviour can trigger large carnivore attacks in developed countries.

    Science.gov (United States)

    Penteriani, Vincenzo; Delgado, María del Mar; Pinchera, Francesco; Naves, Javier; Fernández-Gil, Alberto; Kojola, Ilpo; Härkönen, Sauli; Norberg, Harri; Frank, Jens; Fedriani, José María; Sahlén, Veronica; Støen, Ole-Gunnar; Swenson, Jon E; Wabakken, Petter; Pellegrini, Mario; Herrero, Stephen; López-Bao, José Vicente

    2016-02-03

    The media and scientific literature are increasingly reporting an escalation of large carnivore attacks on humans in North America and Europe. Although rare compared to human fatalities by other wildlife, the media often overplay large carnivore attacks on humans, causing increased fear and negative attitudes towards coexisting with and conserving these species. Although large carnivore populations are generally increasing in developed countries, increased numbers are not solely responsible for the observed rise in the number of attacks by large carnivores. Here we show that an increasing number of people are involved in outdoor activities and, when doing so, some people engage in risk-enhancing behaviour that can increase the probability of a risky encounter and a potential attack. About half of the well-documented reported attacks have involved risk-enhancing human behaviours, the most common of which is leaving children unattended. Our study provides unique insight into the causes, and as a result the prevention, of large carnivore attacks on people. Prevention and information that can encourage appropriate human behaviour when sharing the landscape with large carnivores are of paramount importance to reduce both potentially fatal human-carnivore encounters and their consequences to large carnivores.

  15. Blood flow velocity in migraine attacks - a transcranial Doppler study

    Energy Technology Data Exchange (ETDEWEB)

    Zwetsloot, C.P.; Caekebeke, J.F.V.; Jansen, J.C.; Odink, J.; Ferrari, M.D. (Rijksuniversiteit Leiden (Netherlands))

    1991-05-01

    A pulsed Doppler device was used to measure blood flow velocities in the common carotid artery, the extracranial part of the internal carotid artery, the external carotid artery, the middle cerebral artery, and the anterior cerebral artery in 31 migraneurs without aura (n=27) and with aura (n=4), both during and ouside an attack. The aims were to compare blood flow velocity during and between migraine attacks and to study asymmetries of the blood flow velocity. Compared with blood flow velocity values obtained in the attack-free interval, blood flow velocity was lower during attacks without aura in both common carotid arteries, but not in the other extra- and intracranial vessels which were examined. However, during attacks of migraine with aura, blood flow velocity tended to be lower in all examined vessels. There were no asymmetries of the blood flow velocity. It is suggested that during migraine attacks without aura there is a dissociation in blood flow regulation in the common carotid and middle cerebral arteries. 20 refs., 2 tabs.

  16. Vulnerability of water supply systems to cyber-physical attacks

    Science.gov (United States)

    Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

    2016-04-01

    The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

  17. Modeling cascading failures in interdependent infrastructures under terrorist attacks

    International Nuclear Information System (INIS)

    Wu, Baichao; Tang, Aiping; Wu, Jie

    2016-01-01

    An attack strength degradation model has been introduced to further capture the interdependencies among infrastructures and model cascading failures across infrastructures when terrorist attacks occur. A medium-sized energy system including oil network and power network is selected for exploring the vulnerabilities from independent networks to interdependent networks, considering the structural vulnerability and the functional vulnerability. Two types of interdependencies among critical infrastructures are involved in this paper: physical interdependencies and geographical interdependencies, shown by tunable parameters based on the probabilities of failures of nodes in the networks. In this paper, a tolerance parameter α is used to evaluation of the overloads of the substations based on power flow redistribution in power transmission systems under the attack. The results of simulation show that the independent networks or interdependent networks will be collapsed when only a small fraction of nodes are attacked under the attack strength degradation model, especially for the interdependent networks. The methodology introduced in this paper with physical interdependencies and geographical interdependencies involved in can be applied to analyze the vulnerability of the interdependent infrastructures further, and provides the insights of vulnerability of interdependent infrastructures to mitigation actions for critical infrastructure protections. - Highlights: • An attack strength degradation model based on the specified locations has been introduced. • Interdependencies considering both physical and geographical have been analyzed. • The structural vulnerability and the functional vulnerability have been considered.

  18. Risk Due to Radiological Terror Attacks With Natural Radionuclides

    Science.gov (United States)

    Friedrich, Steinhäusler; Stan, Rydell; Lyudmila, Zaitseva

    2008-08-01

    The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb). This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment.

  19. Impact modeling and prediction of attacks on cyber targets

    Science.gov (United States)

    Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

    2010-04-01

    In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

  20. Risk Due to Radiological Terror Attacks With Natural Radionuclides

    International Nuclear Information System (INIS)

    Friedrich, Steinhaeusler; Lyudmila, Zaitseva; Stan, Rydell

    2008-01-01

    The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb).This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment

  1. Security Measurement for Unknown Threats Based on Attack Preferences

    Directory of Open Access Journals (Sweden)

    Lihua Yin

    2018-01-01

    Full Text Available Security measurement matters to every stakeholder in network security. It provides security practitioners the exact security awareness. However, most of the works are not applicable to the unknown threat. What is more, existing efforts on security metric mainly focus on the ease of certain attack from a theoretical point of view, ignoring the “likelihood of exploitation.” To help administrator have a better understanding, we analyze the behavior of attackers who exploit the zero-day vulnerabilities and predict their attack timing. Based on the prediction, we propose a method of security measurement. In detail, we compute the optimal attack timing from the perspective of attacker, using a long-term game to estimate the risk of being found and then choose the optimal timing based on the risk and profit. We design a learning strategy to model the information sharing mechanism among multiattackers and use spatial structure to model the long-term process. After calculating the Nash equilibrium for each subgame, we consider the likelihood of being attacked for each node as the security metric result. The experiment results show the efficiency of our approach.

  2. Attack methodology Analysis: SQL Injection Attacks and Their Applicability to Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Bri Rolston

    2005-09-01

    Database applications have become a core component in control systems and their associated record keeping utilities. Traditional security models attempt to secure systems by isolating core software components and concentrating security efforts against threats specific to those computers or software components. Database security within control systems follows these models by using generally independent systems that rely on one another for proper functionality. The high level of reliance between the two systems creates an expanded threat surface. To understand the scope of a threat surface, all segments of the control system, with an emphasis on entry points, must be examined. The communication link between data and decision layers is the primary attack surface for SQL injection. This paper facilitates understanding what SQL injection is and why it is a significant threat to control system environments.

  3. A Strategic Analysis of Information Sharing Among Cyber Attackers

    Directory of Open Access Journals (Sweden)

    Kjell Hausken

    2015-10-01

    Full Text Available We build a game theory model where the market design is such that one firm invests in security to defend against cyber attacks by two hackers. The firm has an asset, which is allocated between the three market participants dependent on their contest success. Each hacker chooses an optimal attack, and they share information with each other about the firm’s vulnerabilities. Each hacker prefers to receive information, but delivering information gives competitive advantage to the other hacker. We find that each hacker’s attack and information sharing are strategic complements while one hacker’s attack and the other hacker’s information sharing are strategic substitutes. As the firm’s unit defense cost increases, the attack is inverse U-shaped and reaches zero, while the firm’s defense and profit decrease, and the hackers’ information sharing and profit increase. The firm’s profit increases in the hackers’ unit cost of attack, while the hackers’ information sharing and profit decrease. Our analysis also reveals the interesting result that the cumulative attack level of the hackers is not affected by the effectiveness of information sharing between them and moreover, is also unaffected by the intensity of joint information sharing. We also find that as the effectiveness of information sharing between hackers increases relative to the investment in attack, the firm’s investment in cyber security defense and profit are constant, the hackers’ investments in attacks decrease, and information sharing levels and hacker profits increase. In contrast, as the intensity of joint information sharing increases, while the firm’s investment in cyber security defense and profit remain constant, the hackers’ investments in attacks increase, and the hackers’ information sharing levels and profits decrease. Increasing the firm’s asset causes all the variables to increase linearly, except information sharing which is constant. We extend

  4. Probabilistic interpretation of command and control signals: Bayesian updating of the probability of nuclear attack

    International Nuclear Information System (INIS)

    Pate-Cornell, M.Elisabeth; Fischbeck, Paul S.

    1995-01-01

    A warning system such as the Command, Control, Communication, and Intelligence system (C 3 I) for the United States nuclear forces operates on the basis of various sources of information among which are signals from sensors. A fundamental problem in the use of such signals is that these sensors provide only imperfect information. Bayesian probability, defined as a degree of belief in the possibility of each event, is therefore a key concept in the logical treatment of the signals. However, the base of evidence for estimation of these probabilities may be small and, therefore, the results of the updating (posterior probabilities of attack) may also be uncertain. In this paper, we examine the case where uncertainties hinge upon the existence of several possible underlying hypotheses (or models), and where the decision-maker attributes a different probability of attack to each of these fundamental hypotheses. We present a two-stage Bayesian updating process, first of the probabilities of the fundamental hypotheses, then of the probabilities of attack conditional on each hypothesis, given a positive signal from the C 3 I. We illustrate the method in the discrete case where there are only two possible fundamental hypotheses, and in the case of a continuous set of hypotheses. We discuss briefly the implications of the results for decision-making. The method can be generalized to other warning systems with imperfect signals, when the prior probability of the event of interest is uncertain

  5. Cultural Explanations of Sleep Paralysis in Italy: The Pandafeche Attack and Associated Supernatural Beliefs.

    Science.gov (United States)

    Jalal, Baland; Romanelli, Andrea; Hinton, Devon E

    2015-12-01

    The current study examines cultural explanations regarding sleep paralysis (SP) in Italy. The study explores (1) whether the phenomenology of SP generates culturally specific interpretations and causal explanations and (2) what are the beliefs and local traditions associated with such cultural explanations. The participants were Italian nationals from the general population (n = 68) recruited in the region of Abruzzo, Italy. All participants had experienced at least one lifetime episode of SP. The sleep paralysis experiences and phenomenology questionnaire were orally administered to participants. We found a multilayered cultural interpretation of SP, namely the Pandafeche attack, associated with various supernatural beliefs. Thirty-eight percent of participants believed that this supernatural being, the Pandafeche-often referred to as an evil witch, sometimes as a ghost-like spirit or a terrifying humanoid cat-might have caused their SP. Twenty-four percent of all participants sensed the Pandafeche was present during their SP. Strategies to prevent Pandafeche attack included sleeping in supine position, placing a broom by the bedroom door, or putting a pile of sand by the bed. Case studies are presented to illustrate the study findings. The Pandafeche attack thus constitutes a culturally specific, supernatural interpretation of the phenomenology of SP in the Abruzzo region of Italy.

  6. Importance of resin ducts in reducing ponderosa pine mortality from bark beetle attack.

    Science.gov (United States)

    Kane, Jeffrey M; Kolb, Thomas E

    2010-11-01

    The relative importance of growth and defense to tree mortality during drought and bark beetle attacks is poorly understood. We addressed this issue by comparing growth and defense characteristics between 25 pairs of ponderosa pine (Pinus ponderosa) trees that survived and trees that died from drought-associated bark beetle attacks in forests of northern Arizona, USA. The three major findings of our research were: (1) xylem resin ducts in live trees were >10% larger (diameter), >25% denser (no. of resin ducts mm(-2)), and composed >50% more area per unit ring growth than dead trees; (2) measures of defense, such as resin duct production (no. of resin ducts year(-1)) and the proportion of xylem ring area to resin ducts, not growth, were the best model parameters of ponderosa pine mortality; and (3) most correlations between annual variation in growth and resin duct characteristics were positive suggesting that conditions conducive to growth also increase resin duct production. Our results suggest that trees that survive drought and subsequent bark beetle attacks invest more carbon in resin defense than trees that die, and that carbon allocation to resin ducts is a more important determinant of tree mortality than allocation to radial growth.

  7. Researcher positioning

    DEFF Research Database (Denmark)

    Mørck, Line Lerche; Khawaja, Iram

    2009-01-01

    abstract  This article focuses on the complex and multi-layered process of researcher positioning, specifically in relation to the politically sensitive study of marginalised and ‘othered' groups such as Muslims living in Denmark. We discuss the impact of different ethnic, religious and racial...... political and personal involvement by the researcher, which challenges traditional perspectives on research and researcher positioning. A key point in this regard is the importance of constant awareness of and reflection on the multiple ways in which one's positioning as a researcher influences the research...

  8. How Commonly Is Stroke Found in Patients with Isolated Vertigo or Dizziness Attack?

    Science.gov (United States)

    Doijiri, Ryosuke; Uno, Hisakazu; Miyashita, Kotaro; Ihara, Masafumi; Nagatsuka, Kazuyuki

    2016-10-01

    The sudden development of vertigo or dizziness without focal neurological symptoms is generally attributable to vestibular diseases such as benign paroxysmal positional vertigo. Isolated vertigo or dizziness attack needs more attention than vestibular diseases. This retrospective study was performed to elucidate the frequency of strokes in patients with isolated vertigo or dizziness attack. We enrolled 221 patients (men, 119; women, 102; mean age, 68.4 ± 10.3 years) who were admitted to our hospital over the last 10 years because of sudden isolated vertigo or dizziness attack without other neurological symptoms except for nystagmus, deafness, or tinnitus. We investigated the clinical features, final diagnosis, neuroimaging findings, and short- or long-term outcome of these patients. One hundred eighteen patients had vertigo whereas the other 103 had dizziness. Brain computed tomography or magnetic resonance imaging revealed recent stroke lesions in 25 patients (11.3%) (ischemic, 21; hemorrhagic, 4).The lesions were generally small and localized in the cerebellum (n = 21), pons (n = 1), medulla oblongata (n = 1), or corona radiata (n = 1). Of the 25 patients, 19 (76%) had dizzy-type spells; none had neurological dysfunction at the time of discharge. In the remaining 196 patients, no stroke was detected on computed tomography or magnetic resonance imaging. Stroke was found in 11% of patients with isolated vertigo or dizziness attack. The posterior inferior cerebellar artery area was the most frequently implicated for isolated vertigo or dizziness. Copyright © 2016 National Stroke Association. Published by Elsevier Inc. All rights reserved.

  9. Attacks, applications, and evaluation of known watermarking algorithms with Checkmark

    Science.gov (United States)

    Meerwald, Peter; Pereira, Shelby

    2002-04-01

    The Checkmark benchmarking tool was introduced to provide a framework for application-oriented evaluation of watermarking schemes. In this article we introduce new attacks and applications into the existing Checkmark framework. In addition to describing new attacks and applications, we also compare the performance of some well-known watermarking algorithms (proposed by Bruyndonckx,Cox, Fridrich, Dugad, Kim, Wang, Xia, Xie, Zhu and Pereira) with respect to the Checkmark benchmark. In particular, we consider the non-geometric application which contains tests that do not change the geometry of image. This attack constraint is artificial, but yet important for research purposes since a number of algorithms may be interesting, but would score poorly with respect to specific applications simply because geometric compensation has not been incorporated. We note, however, that with the help of image registration, even research algorithms that do not have counter-measures against geometric distortion -- such as a template or reference watermark -- can be evaluated. In the first version of the Checkmark benchmarking program, application-oriented evaluation was introduced, along with many new attacks not already considered in the literature. A second goal of this paper is to introduce new attacks and new applications into the Checkmark framework. In particular, we introduce the following new applications: video frame watermarking, medical imaging and watermarking of logos. Video frame watermarking includes low compression attacks and distortions which warp the edges of the video as well as general projective transformations which may result from someone filming the screen at a cinema. With respect to medical imaging, only small distortions are considered and furthermore it is essential that no distortions are present at embedding. Finally for logos, we consider images of small sizes and particularly compression, scaling, aspect ratio and other small distortions. The challenge

  10. Determination of 2D equivalent angles of attack for a non-rotating wind turbine rotor blade

    Energy Technology Data Exchange (ETDEWEB)

    Maassen, W.H.

    1993-11-01

    For the investigation into models to compute the title subject use has been made of the Lanchester-Prandtl lifting line model. The inflow conditions are given by a uniform inflow velocity and the geometrical angles of attack at every spanwise position. A model using pressure measurements at the instrumented sections and a model using 2-dimensional C{sub L}-{alpha} data at certain spanwise positions were investigated. In section two the experimental setups of the experiments at ECN (Netherlands Energy Research Foundation) and FFA (the Aeronautical Research Institute of Sweden) are presented. In section three the theoretical background and the different methods to compute the 2D equivalent angles of attack are outlined. In section four the results of the computations of the downwash and the 2D equivalent angles of attack for the considered FFA wind tunnel experiment is presented. Finally, in section five the most important conclusions are summarized and a recommendation for the computation of the 2D equivalent angles of attack for the non-rotating blade experiments at ECN is formulated. 59 figs., 2 tabs., 3 appendices, 30 refs.

  11. Radiographic positioning

    International Nuclear Information System (INIS)

    Eisenberg, R.L.; Dennis, C.A.; May, C.

    1989-01-01

    This book concentrates on the routine radiographic examinations commonly performed. It details the wide variety of examinations possible and their place in initial learning and in the radiology department as references for those occasions when an unusual examination is requested. This book provides information ranging from basic terminology to skeletal positioning to special procedures. Positions are discussed and supplemented with a picture of a patient, the resulting radiograph, and a labeled diagram. Immobilization and proper shielding of the patient are also shown

  12. Position encoder

    International Nuclear Information System (INIS)

    Goursky, Vsevolod

    1975-01-01

    A circuitry for deriving the quotient of signal delivered by position-sensitive detectors is described. Digital output is obtained in the form of 10- to 12-bit words. Impact position may be determined with 0.25% accuracy when the dynamic range of the energy signal is less 1:10, and 0.5% accuracy when the dynamic range is 1:20. The division requires an average time of 5μs for 10-bit words

  13. Position encoder

    International Nuclear Information System (INIS)

    Goursky, V.

    1975-05-01

    This paper describes circuitry for deriving the quotient of signals delivered by position-sensitive detectors. Digital output is obtained in the form of 10 to 12 bit words. Impact position may be determined with 0.25% accuracy when the dynamic range of the energy signal is less than 1:10, and 0.5% accuracy when the dynamic range is 1:20. The division requires an average time of 5μs for 10-bit words [fr

  14. Capacity and optimal collusion attack channels for Gaussian fingerprinting games

    Science.gov (United States)

    Wang, Ying; Moulin, Pierre

    2007-02-01

    In content fingerprinting, the same media covertext - image, video, audio, or text - is distributed to many users. A fingerprint, a mark unique to each user, is embedded into each copy of the distributed covertext. In a collusion attack, two or more users may combine their copies in an attempt to "remove" their fingerprints and forge a pirated copy. To trace the forgery back to members of the coalition, we need fingerprinting codes that can reliably identify the fingerprints of those members. Researchers have been focusing on designing or testing fingerprints for Gaussian host signals and the mean square error (MSE) distortion under some classes of collusion attacks, in terms of the detector's error probability in detecting collusion members. For example, under the assumptions of Gaussian fingerprints and Gaussian attacks (the fingerprinted signals are averaged and then the result is passed through a Gaussian test channel), Moulin and Briassouli1 derived optimal strategies in a game-theoretic framework that uses the detector's error probability as the performance measure for a binary decision problem (whether a user participates in the collusion attack or not); Stone2 and Zhao et al. 3 studied average and other non-linear collusion attacks for Gaussian-like fingerprints; Wang et al. 4 stated that the average collusion attack is the most efficient one for orthogonal fingerprints; Kiyavash and Moulin 5 derived a mathematical proof of the optimality of the average collusion attack under some assumptions. In this paper, we also consider Gaussian cover signals, the MSE distortion, and memoryless collusion attacks. We do not make any assumption about the fingerprinting codes used other than an embedding distortion constraint. Also, our only assumptions about the attack channel are an expected distortion constraint, a memoryless constraint, and a fairness constraint. That is, the colluders are allowed to use any arbitrary nonlinear strategy subject to the above

  15. Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

    Directory of Open Access Journals (Sweden)

    Ru Zhang

    2017-01-01

    Full Text Available The APT attack on the Internet is becoming more serious, and most of intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

  16. On the potential of IPv6 open resolvers for DDoS attacks

    NARCIS (Netherlands)

    Hendriks, Luuk; de Oliveira Schmidt, Ricardo; van Rijswijk-Deij, Roland; Pras, Aiko; Kaafar, Mohamed Ali; Uhlig, Steve; Amann, Johanna

    2017-01-01

    Distributed Denial of Service (DDoS) attacks have become a daily problem in today’s Internet. These attacks aim at overwhelm- ing online services or network infrastrucure. Some DDoS attacks explore open services to perform reflected and amplified attacks; and the DNS is one of the most (mis)used

  17. Robustness of non-interdependent and interdependent networks against dependent and adaptive attacks

    Science.gov (United States)

    Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai

    2017-09-01

    Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.

  18. Defending majority voting systems against a strategic attacker

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell; Ben Haim, Hanoch

    2013-01-01

    Voting systems used in technical and tactical decision making in pattern recognition and target detection, data handling, signal processing, distributed and secure computing etc. are considered. A maxmin two period game is analyzed where the defender first protects and chooses units for participation in voting. The attacker thereafter attacks a subset of units. It is shown that when the defender protects all the voting units, the optimal number of units chosen for voting is either one or the maximal possible odd number. When the defender protects only the units chosen for voting, the optimal number of chosen units increases with the defender resource superiority (i.e., more resources than the attacker) and with probability of providing correct output by any unit. The system success probability always increases in the total number of voting units, the defender–attacker resource ratio, and the probability that each voting unit produces a correct output. The system success probability increases in the attacker–defender contest intensity if the defender achieves per-unit resource superiority, and otherwise decreases in the contest intensity. The presented model and enumerative algorithm allow obtaining optimal voting system defense strategy for any combination of parameters: total number of units, attack and defense resources, unit success probability and contest intensity.

  19. Antioxidant status in acute asthmatic attack in children

    International Nuclear Information System (INIS)

    Al-Abdulla, N.O.; Al-Naama, L.M.; Hassan, M.K.

    2010-01-01

    Objectives: To determine the oxidant - antioxidant imbalance in asthmatic children, by measuring the levels of malondialdehyde (MDA) as an oxidant marker of lipid peroxidation as well as antioxidant compounds like vitamin C, vitamin E and uric acid and to investigate whether their concentrations are associated with more severe asthma. Methods: This case controlled prospective study was conducted on 219 children aged 1-12 years, attending Basra Maternity and Children Hospital. Included were 98 asthmatic children during acute attack and 121 non asthmatic, apparently healthy children. Serum malondialdehyde (MDA) as an oxidant marker of lipid peroxidation, and vitamin C, vitamin E and uric acid (as antioxidants) were estimated in asthmatic children during acute attack and compared with non-asthmatic children. Results: Asthmatic children during exacerbation of their asthma have significant lower serum levels of antioxidant compounds like vitamin C, vitamin E and uric acid (p<0.001) and significantly high malondialdehyde as compared with the controls. MDA was significantly elevated (P< 0.001), while that of vitamin C, vitamin E and uric acid were significantly decreased with increasing severity of asthmatic attack (P<0.001). A significant negative correlation between MDA with vitamin C (P<0.05, r = - 0.44) was observed in severe asthmatic attacks. Conclusion: Asthmatic patients during acute attack suffer a high degree of reactive oxygen species formation causing considerable oxidative stress that is indicated by the high level of oxidants (MDA) and low level of antioxidants. (author)

  20. Automatic analysis of attack data from distributed honeypot network

    Science.gov (United States)

    Safarik, Jakub; Voznak, MIroslav; Rezac, Filip; Partila, Pavol; Tomala, Karel

    2013-05-01

    There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data.

  1. REAL-TIME INTELLIGENT MULTILAYER ATTACK CLASSIFICATION SYSTEM

    Directory of Open Access Journals (Sweden)

    T. Subbhulakshmi

    2014-01-01

    Full Text Available Intrusion Detection Systems (IDS takes the lion’s share of the current security infrastructure. Detection of intrusions is vital for initiating the defensive procedures. Intrusion detection was done by statistical and distance based methods. A threshold value is used in these methods to indicate the level of normalcy. When the network traffic crosses the level of normalcy then above which it is flagged as anomalous. When there are occurrences of new intrusion events which are increasingly a key part of system security, the statistical techniques cannot detect them. To overcome this issue, learning techniques are used which helps in identifying new intrusion activities in a computer system. The objective of the proposed system designed in this paper is to classify the intrusions using an Intelligent Multi Layered Attack Classification System (IMLACS which helps in detecting and classifying the intrusions with improved classification accuracy. The intelligent multi layered approach contains three intelligent layers. The first layer involves Binary Support Vector Machine classification for detecting the normal and attack. The second layer involves neural network classification to classify the attacks into classes of attacks. The third layer involves fuzzy inference system to classify the attacks into various subclasses. The proposed IMLACS can be able to detect an intrusion behavior of the networks since the system contains a three intelligent layer classification and better set of rules. Feature selection is also used to improve the time of detection. The experimental results show that the IMLACS achieves the Classification Rate of 97.31%.

  2. TAWS: TABLE ASSISTED WALK STRATEGY IN CLONE ATTACK DETECTION

    Directory of Open Access Journals (Sweden)

    J Sybi Cynthia

    2016-12-01

    Full Text Available Wireless Sensor Networks (WSNs deployed in the destructive atmosphere are susceptible to clone attacks. Clone attack in wireless sensor network is a complicated problem because it deployed in hostile environments, and also the nodes could be physically compromised by an adversary. For valuable clone attack detection, the selection criteria play an important role in the proposed work. In this paper, it has been classified the existing detection schemes regarding device type, detection methodologies, deployment strategies and detection ranges and far explore various proposals in deployment based selection criteria category. And also this paper provides a review of detection methodology based on various clone attack detection techniques. It is also widely agreed that clones should be detected quickly as possible with the best optional. Our work is exploratory in that the proposed algorithm concern with table assisted random walk with horizontal and vertical line, frequent level key change and revokes the duplicate node. Our simulation results show that it is more efficient than the detection criteria in terms of security feature, and in detection rate with high resiliency. Specifically, it concentrates on deployment strategy which includes grid based deployment technique. These all come under the selection criteria for better security performance. Our protocol analytically provides effective and clone attack detection capability of robustness.

  3. Effect of Angle of Attack on Slope Climbing Performance

    Science.gov (United States)

    Creager, Colin M.; Jones, Lucas; Smith, Lauren M.

    2017-01-01

    Ascending steep slopes is often a very difficult challenge for off-road vehicles, whether on Earth or on extraterrestrial bodies. This challenge is even greater if the surface consists of loose granular soil that does not provide much shear strength. This study investigated how the path at which a vehicle traverses a slope, specifically the angle that it is commanded to drive relative to the base of the hill (the angle of attack), can affect its performance. A vehicle was driven in loose sand at slope angles up to 15 degrees and angles of attack ranging from 10 to 90 degrees. A novel photogrammetry technique was implemented to both track vehicle motion and create a three-dimensional profile of the terrain. This allowed for true wheel sinkage measurements. The study showed that though low angles of attack result in lower wheel slip and sinkage, the efficiency of the vehicles uphill motion increased at higher angles of attack. For slopes up to 15 degrees, a 90 degree angle of attack provided the greatest likelihood of successful ascent.

  4. Gait biometrics under spoofing attacks: an experimental investigation

    Science.gov (United States)

    Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

    2015-11-01

    Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

  5. Assessing risk from intelligent attacks: A perspective on approaches

    International Nuclear Information System (INIS)

    Guikema, Seth D.; Aven, Terje

    2010-01-01

    Assessing the uncertainties in and severity of the consequences of intelligent attacks are fundamentally different from risk assessment for accidental events and other phenomena with inherently random failures. Intelligent attacks against a system involve adaptation on the part of the adversary. The probabilities of the initiating events depend on the risk management actions taken, and they may be more difficult to assess due to high degrees of epistemic uncertainty about the motivations and future actions of adversaries. Several fundamentally different frameworks have been proposed for assessing risk from intelligent attacks. These include basing risk assessment and management on game theoretic modelling of attacker actions, using a probabilistic risk analysis (PRA) approach based on eliciting probabilities of different initiating events from appropriate experts, assessing uncertainties beyond probabilities and expected values, and ignoring the probabilities of the attacks and choosing to protect highest valued targets. In this paper we discuss and compare the fundamental assumptions that underlie each of these approaches. We then suggest a new framework that makes the fundamental assumptions underlying the approaches clear to decision makers and presents them with a suite of results from conditional risk analysis methods. Each of the conditional methods presents the risk from a specified set of fundamental assumptions, allowing the decision maker to see the impacts of these assumptions on the risk management strategies considered and to weight the different conditional results with their assessments of the relative likelihood of the different sets of assumptions.

  6. Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters

    Directory of Open Access Journals (Sweden)

    Dapeng Man

    2017-01-01

    Full Text Available Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD. BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM as a side-effect of thwarting detection attacks.

  7. Blind Cartography for Side Channel Attacks: Cross-Correlation Cartography

    Directory of Open Access Journals (Sweden)

    Laurent Sauvage

    2012-01-01

    Full Text Available Side channel and fault injection attacks are major threats to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensible parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them aim at pinpointing the cryptoprocessor. However it could be interesting to exploit the activity of other parts of the application, in order to increase the attack's efficiency or to bypass its countermeasures. In this paper, we present a localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. It realizes an exhaustive analysis, since it may localise any module of the device, and not only those which perform cryptographic operations. Moreover, it also does not require a preliminary knowledge about the implementation, whereas some previous cartography methods require that the attacker could choose the cryptoprocessor inputs, which is not always possible. The method is experimentally validated using observations of the electromagnetic near field distribution over a Xilinx Virtex 5 FPGA. The matching between areas of interest and the application layout in the FPGA floorplan is confirmed by correlation analysis.

  8. Protecting infrastructure networks from cost-based attacks

    International Nuclear Information System (INIS)

    Wang Xingang; Guan Shuguang; Lai, Choy Heng

    2009-01-01

    It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

  9. Interval forecasting of cyber-attacks on industrial control systems

    Science.gov (United States)

    Ivanyo, Y. M.; Krakovsky, Y. M.; Luzgin, A. N.

    2018-03-01

    At present, cyber-security issues of industrial control systems occupy one of the key niches in a state system of planning and management Functional disruption of these systems via cyber-attacks may lead to emergencies related to loss of life, environmental disasters, major financial and economic damage, or disrupted activities of cities and settlements. There is then an urgent need to develop protection methods against cyber-attacks. This paper studied the results of cyber-attack interval forecasting with a pre-set intensity level of cyber-attacks. Interval forecasting is the forecasting of one interval from two predetermined ones in which a future value of the indicator will be obtained. For this, probability estimates of these events were used. For interval forecasting, a probabilistic neural network with a dynamic updating value of the smoothing parameter was used. A dividing bound of these intervals was determined by a calculation method based on statistical characteristics of the indicator. The number of cyber-attacks per hour that were received through a honeypot from March to September 2013 for the group ‘zeppo-norcal’ was selected as the indicator.

  10. Investigation of impingement attack mechanism of copper alloy condenser tubes

    Energy Technology Data Exchange (ETDEWEB)

    Fukumura, Takuya; Nakajima, Nobuo; Arioka, Koji; Totsuka, Nobuo; Nakagawa, Tomokazu [Institute of Nuclear Safety System Inc., Mihama, Fukui (Japan)

    2001-09-01

    In order to investigate generation and growth mechanisms of impingement attacks of sea water against copper alloy condenser tubes used in condensers of nuclear power plants, we took out condenser tubes from actual condensers, cut them into several pieces and carried out several material tests mainly for impinged spots. In addition water flow inside of a pit was analyzed. From the results of the investigation, it was found that all of impingement attacks were found in the marks left by sessile organisms and none were found in downstream of the marks as frequently proposed so far. At the pits generated inside the marks, iron coating was striped and zinc content was deficient in some cases. Combining these data and the result of flow analysis, we considered the following mechanism of the impingement attacks: sessile organisms clinging to the surface of the condenser tube and growth, occlusion of the tube, extinction and decomposition of sessile organisms, pollution corrosion under the organisms and cavity formation, occlusion removal by the cleaning, generation of impingement attacks by flow collision inside the cavity, growth of the impingement attacks. (author)

  11. Transient Ischemic Attack Caused by Iron Deficiency Anemia

    Directory of Open Access Journals (Sweden)

    Ufuk Emre

    2006-02-01

    Full Text Available Transient Ischemic Attack Caused by Iron Deficiency Anemia Transient ischemic attacks are episodes of transient focal ischemia involving the brain or brainstem. They are commonly two to thirty minutes in duration and lasting less than 24 hours. Anemia of iron deficiency isn’t frequently cause for transient ischemic attack. It has been reported as a risk factor for childhood ischemic strokes. In the iron deficiency anemia, T‹A may develop as result of hypercoagulable state and increased viscosity that is caused by anemic hypoxia that is result of reduce hemoglobine level, seconder thrombosis and microcytose As iron deficiency anemia has been reported so rarely in adult patients with transient ischemic attacks as a cause, we aimed to discuss the clinical and outcome features of two cases with iron deficiency anemia and transient ischemic attacks in this study. Materials and methods: Routine neurologic examination, biochemical screen, serological tests, vasculitic markers, thyroid function tests, vitamin B 12 level, cranial imaging, vertebral carotid doppler USG examination was conducted in the two patients. Anemia of iron deficiency was found as the only risk factor for TIA and the two patients were treated with replacement of iron and antiagregan therapy. Neurological examination revealed no abnormality through the two years of follow-up. The iron deficiency anemia may be cause of many neurologic problems such a irritability, lethargy, headache, development retardation except from T‹A. In the iron deficiency anemia, early diagnosis and treatment is important

  12. Learning from history: The Glasgow Airport terrorist attack.

    Science.gov (United States)

    Crichton, Gillies

    Glasgow Airport was the target of a terrorist attack on 30th June, 2007. Many people within Scotland had come to believe that Scotland was immune from terrorism. This perception was in large part informed by Scotland's experience during the protracted Troubles in Northern Ireland, during which the Provisional Irish Republican Army's mainland bombing campaign focused on targets in England, sparing both Scotland and Wales. While Glasgow Airport did not expect such an attack to take place, meticulous planning, organising and testing of plans had taken place to mitigate the unlikely event of such an attack. The attack stands up as a shining example of robust business continuity management, where the airport reopened for business as usual in less than 24 hours from the time of the attack. Little is known about how the airport handled the situation in conjunction with other responding agencies as people tend to want to focus on high-profile disasters only. Yet countless such incidents are happening worldwide on a daily basis, in which there are excellent learning opportunities, and, taken in the spirit of converting hindsight into foresight, the likelihood of similar incidents could potentially be reduced in the future.

  13. Negative affect and smoking motives sequentially mediate the effect of panic attacks on tobacco-relevant processes.

    Science.gov (United States)

    Farris, Samantha G; Zvolensky, Michael J; Blalock, Janice A; Schmidt, Norman B

    2014-05-01

    Empirical work has documented a robust and consistent relation between panic attacks and smoking behavior. Theoretical models posit smokers with panic attacks may rely on smoking to help them manage chronically elevated negative affect due to uncomfortable bodily states, which may explain higher levels of nicotine dependence and quit problems. The current study examined the effects of panic attack history on nicotine dependence, perceived barriers for quitting, smoking inflexibility when emotionally distressed, and expired carbon monoxide among 461 treatment-seeking smokers. A multiple mediator path model was evaluated to examine the indirect effects of negative affect and negative affect reduction motives as mediators of the panic attack-smoking relations. Panic attack history was indirectly related to greater levels of nicotine dependence (b = 0.039, CI95% = 0.008, 0.097), perceived barriers to smoking cessation (b = 0.195, CI95% = 0.043, 0.479), smoking inflexibility/avoidance when emotionally distressed (b = 0.188, CI95% = 0.041, 0.445), and higher levels of expired carbon monoxide (b = 0.071, CI95% = 0.010, 0.230) through the sequential effects of negative affect and negative affect smoking motives. The present results provide empirical support for the sequential mediating role of negative affect and smoking motives for negative affect reduction in the relation between panic attacks and a variety of smoking variables in treatment-seeking smokers. These mediating variables are likely important processes to address in smoking cessation treatment, especially in panic-vulnerable smokers.

  14. Performance Improvement of Power Analysis Attacks on AES with Encryption-Related Signals

    Science.gov (United States)

    Lee, You-Seok; Lee, Young-Jun; Han, Dong-Guk; Kim, Ho-Won; Kim, Hyoung-Nam

    A power analysis attack is a well-known side-channel attack but the efficiency of the attack is frequently degraded by the existence of power components, irrelative to the encryption included in signals used for the attack. To enhance the performance of the power analysis attack, we propose a preprocessing method based on extracting encryption-related parts from the measured power signals. Experimental results show that the attacks with the preprocessed signals detect correct keys with much fewer signals, compared to the conventional power analysis attacks.

  15. An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

    Directory of Open Access Journals (Sweden)

    Zheng Zhao

    2017-01-01

    Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

  16. Study of attack in college volleyball

    Directory of Open Access Journals (Sweden)

    Yordan Portela Pozo

    2014-03-01

    This work is done in order to analyze the positive and negative aspects that affected the performance of the auction action in volleyball players performing this action (in this case male in the Provincial University Games in 2012 in Havana , for which I take as a case study to the players of the University of Information Sciences and its opponents in those games, completing a total of 268 shares auctions in 7 games with a total of 15 September analyzed taking account of changes in the sport of Volleyball university in Cuba, data recorded by an observation sheet previously completed by the authors. The main results in this paper show that the greatest amount of shots that were done in these games were diagonal and a good percentage of positive linear auctions however were few and with very poor results. The primary role of the auction for the game's success is fully confirmed in this work because this action is achieved through many points in the game of volleyball and thus leads to a better result.

  17. Irradiation position-control equipment for the HIMAC

    Energy Technology Data Exchange (ETDEWEB)

    Higashi, Seiichi; Kuma, Shoichiro [Mitsubishi Electric Corp., Tokyo (Japan); Nomura, Kazuaki; Endo, Masahiro; Minohara, Shin-ichi

    1995-02-01

    Use of heavy-ion beams to mount a pinpoint attack on unhealthy tissue requires that the target tissue be placed in the precise location specified by the therapy planning equipment. The article reports on the detailed specifications, positioning mechanism, position verification method and the interface with the therapy planning equipment. (author).

  18. Network resilience against intelligent attacks constrained by the degree-dependent node removal cost

    International Nuclear Information System (INIS)

    Annibale, A; Coolen, A C C; Bianconi, G

    2010-01-01

    We study the resilience of complex networks against attacks in which nodes are targeted intelligently, but where disabling a node has a cost to the attacker which depends on its degree. Attackers have to meet these costs with limited resources, which constrains their actions. A network's integrity is quantified in terms of the efficacy of the process that it supports. We calculate how the optimal attack strategy and the most attack-resistant network degree statistics depend on the node removal cost function and the attack resources. The resilience of networks against intelligent attacks is found to depend strongly on the node removal cost function faced by the attacker. In particular, if node removal costs increase sufficiently fast with the node degree, power law networks are found to be more resilient than Poissonian ones, even against optimized intelligent attacks. For cost functions increasing quadratically in the node degrees, intelligent attackers cannot damage the network more than random damages would.

  19. Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

    Directory of Open Access Journals (Sweden)

    Rui Fan

    2018-04-01

    Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

  20. Positional games

    CERN Document Server

    Hefetz, Dan; Stojaković, Miloš; Szabó, Tibor

    2014-01-01

    This text serves as a thorough introduction to the rapidly developing field of positional games. This area constitutes an important branch of combinatorics, whose aim it is to systematically develop an extensive mathematical basis for a variety of two-player perfect information games. These range from such popular games as Tic-Tac-Toe and Hex to purely abstract games played on graphs and hypergraphs. The subject of positional games is strongly related to several other branches of combinatorics such as Ramsey theory, extremal graph and set theory, and the probabilistic method. These notes cover a variety of topics in positional games, including both classical results and recent important developments. They are presented in an accessible way and are accompanied by exercises of varying difficulty, helping the reader to better understand the theory. The text will benefit both researchers and graduate students in combinatorics and adjacent fields.

  1. Gray Matter Is Targeted in First-Attack Multiple Sclerosis

    Energy Technology Data Exchange (ETDEWEB)

    Schutzer, Steven E.; Angel, Thomas E.; Liu, Tao; Schepmoes, Athena A.; Xie, Fang; Bergquist, Jonas P.; Vecsei, Lazlo' ; Zadori, Denes; Camp, David G.; Holland, Bart K.; Smith, Richard D.; Coyle, Patricia K.

    2013-09-10

    The cause of multiple sclerosis (MS), its driving pathogenesis at the earliest stages, and what factors allow the first clinical attack to manifest remain unknown. Some imaging studies suggest gray rather than white matter may be involved early, and some postulate this may be predictive of developing MS. Other imaging studies are in conflict. To determine if there was objective molecular evidence of gray matter involvement in early MS we used high-resolution mass spectrometry to identify proteins in the cerebrospinal fluid (CSF) of first-attack MS patients (two independent groups) compared to established relapsing remitting (RR) MS and controls. We found that the CSF proteins in first-attack patients were differentially enriched for gray matter components (axon, neuron, synapse). Myelin components did not distinguish these groups. The results support that gray matter dysfunction is involved early in MS, and also may be integral for the initial clinical presentation.

  2. Computing Preferred Extensions for Argumentation Systems with Sets of Attacking

    DEFF Research Database (Denmark)

    Nielsen, Søren Holbech; Parsons, Simon

    2006-01-01

    The hitherto most abstract, and hence general, argumentation system, is the one described by Dung in a paper from 1995. This framework does not allow for joint attacks on arguments, but in a recent paper we adapted it to support such attacks, and proved that this adapted framework enjoyed the same...... formal properties as that of Dung. One problem posed by Dung's original framework, which was neglected for some time, is how to compute preferred extensions of the argumentation systems. However, in 2001, in a paper by Doutre and Mengin, a procedure was given for enumerating preferred extensions...... for these systems. In this paper we propose a method for enumerating preferred extensions of the potentially more complex systems, where joint attacks are allowed. The method is inspired by the one given by Doutre and Mengin....

  3. A Model of Biological Attacks on a Realistic Population

    Science.gov (United States)

    Carley, Kathleen M.; Fridsma, Douglas; Casman, Elizabeth; Altman, Neal; Chen, Li-Chiou; Kaminsky, Boris; Nave, Demian; Yahja, Alex

    The capability to assess the impacts of large-scale biological attacks and the efficacy of containment policies is critical and requires knowledge-intensive reasoning about social response and disease transmission within a complex social system. There is a close linkage among social networks, transportation networks, disease spread, and early detection. Spatial dimensions related to public gathering places such as hospitals, nursing homes, and restaurants, can play a major role in epidemics [Klovdahl et. al. 2001]. Like natural epidemics, bioterrorist attacks unfold within spatially defined, complex social systems, and the societal and networked response can have profound effects on their outcome. This paper focuses on bioterrorist attacks, but the model has been applied to emergent and familiar diseases as well.

  4. A robust color image watermarking algorithm against rotation attacks

    Science.gov (United States)

    Han, Shao-cheng; Yang, Jin-feng; Wang, Rui; Jia, Gui-min

    2018-01-01

    A robust digital watermarking algorithm is proposed based on quaternion wavelet transform (QWT) and discrete cosine transform (DCT) for copyright protection of color images. The luminance component Y of a host color image in YIQ space is decomposed by QWT, and then the coefficients of four low-frequency subbands are transformed by DCT. An original binary watermark scrambled by Arnold map and iterated sine chaotic system is embedded into the mid-frequency DCT coefficients of the subbands. In order to improve the performance of the proposed algorithm against rotation attacks, a rotation detection scheme is implemented before watermark extracting. The experimental results demonstrate that the proposed watermarking scheme shows strong robustness not only against common image processing attacks but also against arbitrary rotation attacks.

  5. Trojan horse attacks on counterfactual quantum key distribution

    Energy Technology Data Exchange (ETDEWEB)

    Yang, Xiuqing, E-mail: xqqyang@163.com [School of Science, Beijing Jiaotong University, Beijing 100044 (China); College of Science, Inner Mongolia University of Technology, 010051 Hohhot (China); Wei, Kejin; Ma, Haiqiang [School of Science, Beijing University of Posts and Telecommunications, Beijing 100876 (China); Sun, Shihai, E-mail: shsun@nudt.edu.cn [Department of Physics, National University of Defense Technology, Changsha 410073 (China); Du, Yungang [College of Science, Inner Mongolia University of Technology, 010051 Hohhot (China); Wu, Lingan [Laboratory of Optical Physics, Institute of Physics, Chinese Academy of Sciences, Beijing 100080 (China)

    2016-04-22

    There has been much interest in “counterfactual quantum cryptography” (T.-G. Noh, 2009 [10]). It seems that the counterfactual quantum key distribution protocol without any photon carrier through the quantum channel provides practical security advantages. However, we show that it is easy to break counterfactual quantum key distribution systems in practical situations. We introduce the two types of Trojan horse attacks that are available for the two-way protocol and become possible for practical counterfactual systems with our eavesdropping schemes. - Highlights: • We find the attacks available for the two-way protocol become possible for the practical counterfactual systems. • It does not require the assumption that it works on the counterfactual systems only in a finite key scenario. • Compared to the other attack models, our scheme is relatively simple for an eavesdropper.

  6. A Case Of Transient Ischemic Attack Presenting As Hemichroea

    Directory of Open Access Journals (Sweden)

    Hasan Hüseyin Özdemir

    2013-12-01

    Full Text Available Chorea is defined as; involuntary movements of the distal parts of limbs which have arrhythmic, rapid, bouncing or smooth, simple or complex properties. Choreiform movements occur when putamen, globus pallidus and subthalamic nucleus are affected. Chorea can be observed during the course of metabolic and vascular diseases, neurodegenerative or hereditary diseases. Chorea may be a rare symptom of cerebral hypoperfusion. Transient ischemic attack is an event that occurs in short term characterized by a temporary ischemia of brain. A wide variety of symptoms can be seen depending on the localization of cerebral hypoperfusion. Hemichorea is a very rare finding observed during transient ischemic attacks. In this article hemichorea in a case of symptomatic transient ischemic attack is discussed with relevant literature.

  7. Conservation biology: lion attacks on humans in Tanzania.

    Science.gov (United States)

    Packer, Craig; Ikanda, Dennis; Kissui, Bernard; Kushnir, Hadas

    2005-08-18

    Large carnivores inspire opposition to conservation efforts owing to their impact on livestock and human safety. Here we analyse the pattern of lion attacks over the past 15 years on humans in Tanzania, which has the largest population of lions in Africa, and find that they have killed more than 563 Tanzanians since 1990 and injured at least 308. Attacks have increased dramatically during this time: they peak at harvest time each year and are most frequent in areas with few prey apart from bush pigs (Potamochoerus larvatus), the most common nocturnal crop pest. Our findings provide an important starting point for devising strategies to reduce the risk to rural Tanzanians of lion attacks.

  8. Detection of network attacks based on adaptive resonance theory

    Science.gov (United States)

    Bukhanov, D. G.; Polyakov, V. M.

    2018-05-01

    The paper considers an approach to intrusion detection systems using a neural network of adaptive resonant theory. It suggests the structure of an intrusion detection system consisting of two types of program modules. The first module manages connections of user applications by preventing the undesirable ones. The second analyzes the incoming network traffic parameters to check potential network attacks. After attack detection, it notifies the required stations using a secure transmission channel. The paper describes the experiment on the detection and recognition of network attacks using the test selection. It also compares the obtained results with similar experiments carried out by other authors. It gives findings and conclusions on the sufficiency of the proposed approach. The obtained information confirms the sufficiency of applying the neural networks of adaptive resonant theory to analyze network traffic within the intrusion detection system.

  9. Cyber Attacks and Terrorism: A Twenty-First Century Conundrum.

    Science.gov (United States)

    Albahar, Marwan

    2017-01-05

    In the recent years, an alarming rise in the incidence of cyber attacks has made cyber security a major concern for nations across the globe. Given the current volatile socio-political environment and the massive increase in the incidence of terrorism, it is imperative that government agencies rapidly realize the possibility of cyber space exploitation by terrorist organizations and state players to disrupt the normal way of life. The threat level of cyber terrorism has never been as high as it is today, and this has created a lot of insecurity and fear. This study has focused on different aspects of cyber attacks and explored the reasons behind their increasing popularity among the terrorist organizations and state players. This study proposes an empirical model that can be used to estimate the risk levels associated with different types of cyber attacks and thereby provide a road map to conceptualize and formulate highly effective counter measures and cyber security policies.

  10. Implementation of an attack scheme on a practical QKD system

    Science.gov (United States)

    Lamas-Linares, Antia; Liu, Qin; Gerhardt, Ilja; Makarov, Vadim; Kurtsiefer, Christian

    2010-03-01

    We report on an experimental implementation of an attack of a practical quantum key distribution system [1], based on a vulnerability of single photon detectors [2]. An intercept/resend-like attack has been carried out which revealed 100% of the raw key generated between the legitimate communication partners. No increase of the error ratio was observed, which is usually considered a reliable witness for any eavesdropping attempt. We also present an experiment which shows that this attack is not revealed by key distribution protocols probing for eavesdroppers by testing a Bell inequality [3], and discuss implications for practical quantum key distribution.[4pt] [1] I. Marcikic, A. Lamas-Linares, C. Kurtsiefer, Appl. Phys. Lett. 89, 101122 (2006); [2] V. Makarov, New J. Phys. 11, 065003 (2009); [3] A. Ling et al., Phys. Rev. A 78, 020301(R), (2008)

  11. Hydrogen attack evaluation of boiler tube using ultrasonic wave

    International Nuclear Information System (INIS)

    Won, Soon Ho; Hyun, Yang Ki; Lee, Jong O; Cho, Kyung Shik; Lee, Jae Do

    2001-01-01

    The presence of hydrogen in industrial plants is a source of damage. Hydrogen attack is one such form of degradation and often causing large tube ruptures that necessitate an immediate shutdown. Hydrogen attack may reduce the fracture toughness as well as the strength of steels. This reduction is caused partially by the presence of cavities and microcracks at the grain boundaries. In the past several techniques have been used with limited results. This paper describes the application of an ultrasonic velocity, attenuation and backscatter techniques for detecting the presence of hydrogen damage in utility boiler tubes. Ultrasonic tests showed a decrease in wave velocity and an increase in attenuation. Such results demonstrate the potential for ultrasonic nondestructive testing to quantify damage. Based on this study, recommendations are that both velocity and attenuation be used to detect hydrogen attack in steels.

  12. The radiographic diagnosis of early attacking congenital syphilis of bone

    International Nuclear Information System (INIS)

    Ji Yaping; Zhuge Moyi

    2005-01-01

    Objective: To explore the method of radiological diagnosis of early attacking congenital syphilis. Methods: Seven cases of early attacking congenital syphilis of bone were retrospectively analyzed, diagnosed serologically, and were taken X-rays of the long bones. Results: Bone radiographs abnormalities were identified in 6 of 7 cases. Five cases suffered periotities, six cases metaphysitis, and three cases combined with diaphysitis. Seven cases had swollen soft tissue. The vertebraes, craniums and epiphysitis were not found abnormal in 7 cases. Diffusion, multiple and symmetric metaphysitis, periosteitis and osteitis were the radiological characters of congenital syphilis of bone. Conclusion: Radiography can affirm the diagnose of early attacking congenital syphilis and definite the arrange and depth. Radiographs of the extremities should be routinely taken in suspected infants. (authors)

  13. Cyber attacks, countermeasures, and protection schemes — A state of the art survey

    OpenAIRE

    Shabut, Antesar M.; Lwin, K.T.; Hossain, M.A.

    2017-01-01

    Thousands of cyber-attacks (fraudulent online activities to acquire users’ sensitive information via email, during online transactions, live video streaming, online gaming and browsing) are launched every day against Internet users across the world. To prevent these attacks, researchers have responded with a number of protection systems. Currently, the methods which cyber-attackers use to conduct attacks is associated with exploiting humans. Such attacks are recorded more frequently than befo...

  14. Mapping the Most Significant Computer Hacking Events to a Temporal Computer Attack Model

    OpenAIRE

    Heerden , Renier ,; Pieterse , Heloise; Irwin , Barry

    2012-01-01

    Part 4: Section 3: ICT for Peace and War; International audience; This paper presents eight of the most significant computer hacking events (also known as computer attacks). These events were selected because of their unique impact, methodology, or other properties. A temporal computer attack model is presented that can be used to model computer based attacks. This model consists of the following stages: Target Identification, Reconnaissance, Attack, and Post-Attack Reconnaissance stages. The...

  15. Quick Reference: Cyber Attacks Awareness and Prevention Method for Home Users

    OpenAIRE

    Haydar Teymourlouei

    2015-01-01

    It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such t...

  16. Depletion-of-Battery Attack: Specificity, Modelling and Analysis.

    Science.gov (United States)

    Shakhov, Vladimir; Koo, Insoo

    2018-06-06

    The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

  17. Depletion-of-Battery Attack: Specificity, Modelling and Analysis

    Directory of Open Access Journals (Sweden)

    Vladimir Shakhov

    2018-06-01

    Full Text Available The emerging Internet of Things (IoT has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

  18. Psychological distress and prejudice following terror attacks in France.

    Science.gov (United States)

    Goodwin, Robin; Kaniasty, Krzysztof; Sun, Shaojing; Ben-Ezra, Menachem

    2017-08-01

    Terrorist attacks have the capacity to threaten our beliefs about the world, cause distress across populations and promote discrimination towards particular groups. We examined the impact of two different types of attacks in the same city and same year on psychological distress and probable posttraumatic stress symptoms, and the moderating effects of religion or media use on distress/posttraumatic symptoms and inter-group relations. Two panel surveys four weeks after the January 2015 Charlie Hebdo attack (N = 1981) and the November 2015 Bataclan concert hall/restaurant attacks (N = 1878), measured intrinsic religiosity, social and traditional media use, psychological distress (K6), probable posttraumatic stress symptoms (proposed ICD-11), symbolic racism and willingness to interact with Muslims by non-Muslims. Prevalence of serious mental illness (K6 score > 18) was higher after November 2015 attacks (7.0% after the first attack, 10.2% the second, χ2 (1) = 5.67, p < 0.02), as were probable posttraumatic stress symptoms (11.9% vs. 14.1%; χ2 (1) = 4.15, p < 0.04). In structural equation analyses, sex, age, geographic proximity, media use and religiosity were associated with distress, as was the interaction between event and religiosity. Distress was then associated with racism symbolism and willingness to interact with Muslims. Implications are considered for managing psychological trauma across populations, and protecting inter-group harmony. Copyright © 2017 Elsevier Ltd. All rights reserved.

  19. Lead exposure potentiates predatory attack behavior in the cat

    International Nuclear Information System (INIS)

    Li Wenjie; Han Shenggao; Gregg, T.R.; Kemp, F.W.Francis W.; Davidow, A.L.; Louria, D.B.; Siegel, Allan; Bogden, J.D.

    2003-01-01

    Epidemiologic studies have demonstrated that environmental lead exposure is associated with aggressive behavior in children; however, numerous confounding variables limit the ability of these studies to establish a causal relationship. The study of aggressive behavior using a validated animal model was used to test the hypothesis that there is a causal relationship between lead exposure and aggression in the absence of confounding variables. We studied the effects of lead exposure on a feline model of aggression: predatory (quiet biting) attack of an anesthetized rat. Five cats were stimulated with a precisely controlled electrical current via electrodes inserted into the lateral hypothalamus. The response measure was the predatory attack threshold current (i.e., the current required to elicit an attack response on 50% of the trials). Blocks of trials were administered in which predatory attack threshold currents were measured three times a week for a total of 6-10 weeks, including before, during, and after lead exposure. Lead was incorporated into cat food 'treats' at doses of 50-150 mg/kg/day. Two of the five cats received a second period of lead exposure. Blood lead concentrations were measured twice a week and were <1, 21-77, and <20 μg/dL prior to, during, and after lead exposure, respectively. The predatory attack threshold decreased significantly during initial lead exposure in three of five cats and increased after the cessation of lead exposure in four of the five cats (P<0.01). The predatory attack thresholds and blood lead concentrations for each cat were inversely correlated (r=-0.35 to -0.74). A random-effects mixed model demonstrated a significant (P=0.0019) negative association between threshold current and blood lead concentration. The data of this study demonstrate that lead exposure enhances predatory aggression in the cat and provide experimental support for a causal relationship between lead exposure and aggressive behavior in humans

  20. Researcher Positioning

    DEFF Research Database (Denmark)

    Khawaja, Iram; Mørck, Line Lerche

    2009-01-01

    involvement by the researcher, which challenges traditional perspectives onresearch and researcher positioning. A key point in this regard is the importance ofconstant awareness of and reflection on the multiple ways in which one's positioningas a researcher influences the research process. Studying the other...