The Headache Under-Response to Treatment (HURT) Questionnaire

DEFF Research Database (Denmark)

Westergaard, Maria Ls; Steiner, Timothy J; Macgregor, E Anne

2013-01-01

The HURT Questionnaire consists of eight questions which the patient answers as a measure of effectiveness of intervention against headache. This first assessment of clinical utility was conducted in headache specialist centres in three countries in order to demonstrate that HURT was responsive...... that the best possible outcome had been achieved in each patient. Questionnaires were also answered by 42 patients at initial and final visits to a centre in Italy. Internal consistency reliability was very good (α = 0.85) while test-retest reliability was fair to low (κ = 0.38-0.62 and r(s) = 0...

Urban planning after terrorism:The case of Oslo with focus on the impacts of the terrorist attack on the consideration of security, memorialisation and conservation in urban planning

OpenAIRE

Paizs, Franziska

2013-01-01

Terrorism is a targeted way to hurt a population but also to destroy and annihilate a part of the civilization by attacking the built environment, especially iconic and symbolic buildings with its values of collective memory and cultural heritage, which is at the latest created by the iconic act of destruction. The resilient city with its integrated plans and programs but also technical, personal or physical security aims to reduce the probability and the dimension of terrorist attacks. Howev...

Poe Dameron Hurts So Prettily: How Fandom Negotiates with Transmedia Characterization

Directory of Open Access Journals (Sweden)

Chera Kee

2017-12-01

Full Text Available Charismatic Poe Dameron is the “best pilot in the Resistance,” and while his depiction in Star Wars: The Force Awakens (TFA presents audiences with a confident, dashing Han Solo-type, that is not the end of the characterization. Transmedia TFA paratexts paint Dameron as not only dashing but also reckless and so devoted to the cause he’s willing to plunge headlong into danger for it. Furthermore, the film and these paratexutal tie-ins present Dameron as constantly in danger or in pain. In some fan works based on the film, particularly those in the hurt/comfort (h/c genre, Poe Dameron just keeps getting hurt. While this might seem to be the kink of one particular fandom community, I argue that hurting Poe in fan works not only fills in missing information from the film, it also challenges Disney's characterization.

Towards realistic threat modeling : attack commodification, irrelevant vulnerabilities, and unrealistic assumptions

NARCIS (Netherlands)

Allodi, L.; Etalle, S.

2017-01-01

Current threat models typically consider all possible ways an attacker can penetrate a system and assign probabilities to each path according to some metric (e.g. time-to-compromise). In this paper we discuss how this view hinders the realness of both technical (e.g. attack graphs) and strategic

Cyber Pearl Harbor - Strategic Setting [video

OpenAIRE

Center for Homeland Defense and Security Naval Postgraduate School

2017-01-01

Part 2: Strategic Setting. Strategic surprise attack allows the weaker opponent to achieve objectives that it realistically could not expect to secure if it faced a military superior. Because the weaker party recognizes its military inferiority, it seeks to develop ways to circumvent a stronger opponent’s military might and reduce the likelihood that it will act on its deterrent threats.

The attack navigator

DEFF Research Database (Denmark)

Probst, Christian W.; Willemson, Jan; Pieters, Wolter

2016-01-01

The need to assess security and take protection decisions is at least as old as our civilisation. However, the complexity and development speed of our interconnected technical systems have surpassed our capacity to imagine and evaluate risk scenarios. This holds in particular for risks...... that are caused by the strategic behaviour of adversaries. Therefore, technology-supported methods are needed to help us identify and manage these risks. In this paper, we describe the attack navigator: a graph-based approach to security risk assessment inspired by navigation systems. Based on maps of a socio...

Strategic Implications of the Battle of the Atlantic

National Research Council Canada - National Science Library

Kosich, Francis

2000-01-01

.... Although Hitler correctly identified Britain's economy as its center of gravity and had success in attacking it through 1943, he failed to demonstrate the strategic vision necessary to achieve...

Cyber Attacks: Emerging Threats to the 21st Century Critical Information Infrastructures

Directory of Open Access Journals (Sweden)

Cezar Vasilescu

2012-06-01

Full Text Available The paper explores the notion of cyber attack as a concept for understanding modern conflicts. It starts by elaborating a conceptual theoretical framework, observing that when it comes to cyber attacks, cyber war and cyber defense there are no internationally accepted definitions on the subject, mostly because of the relative recency of the terms. The second part analyzes the cyber realities of recent years, emphasizing the most advertised cyber attacks in the international mass media: Estonia (2007 and Georgia (2008, with a focus on two main lessons learned: how complicated is to define a cyber war and how difficult to defend against it. Crucial implications for world’s countries and the role of NATO in assuring an effective collective cyber defense are analyzed in the third part. The need for the development of strategic cyber defense documents (e.g. NATO Cyber Defense Policy, NATO Strategic Concept is further examined. It is suggested that particular attention should be paid to the development of a procedure for clearly discriminating between events (cyber attacks, cyber war, cyber crime, or cyber terrorism, and to a procedure for the conduct of nation’s legitimate military/civil cyber response operations.

Hurtful Cyber-Teasing and Violence: Who's Laughing out Loud?

Science.gov (United States)

Madlock, Paul E.; Westerman, David

2011-01-01

The current study sought to specifically examine the affect of teasing by way of technology (cyber-teasing) and the importance of the redressive component of a tease. A triangulated approach was used here to gain better insight into the concept of "hurtful" cyber-teasing between romantic partners. A pretheoretical model was developed…

Attacker-defender game from a network science perspective

Science.gov (United States)

Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

2018-05-01

Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

Limited attacks on the United States and the Soviet Union

International Nuclear Information System (INIS)

Levi, B.; Hippel, F. von.

1987-01-01

This report is focused on calculations carried out at Princeton University of the consequences of so-called ''limited'' nuclear attacks by the USA and the USSR on one another - primarily because such scenarios seem to be motivating the acquisition of new nuclear weapons. The conclusions were: The use of only a fraction of the destructive capacity in USA and Soviet nuclear arsenals could have catastrophic consequences to human kind. Although the primary justification of the tens of thousands of nuclear warheads in USA and Soviet arsenals is their potential use against military targets, the most commonly discussed potential large-scale military uses of these weapons - in attacks against the nuclear weapons of the other side - would result in tens of millions of civilian casualties. Certainly, if a first strike resulted in such a huge civilian toll, there could be little assurance of restraint in the response of the country that was attacked. The use of even 1% of the strategic arsenals of the USSR or the USA against the population, military industry or strategic-nuclear targets of the other nation could result in tens of millions of casualties. 17 refs, 6 figs, 5 tabs

Alte Harfe. Vollständige Sammlung alter estnischer Volkslieder : Vorrede / Jakob Hurt

Index Scriptorium Estoniae

Hurt, Jakob, 1839-1907

2005-01-01

Eessõna rmt. : Hurt, Jakob. Vana kannel. 1. kogu : täieline kogu vanu eesti rahvalaulusid = Alte Harfe : vollständige Sammlung alter estnischen Volkslieder. Tartu, 1875-1886. - (Eesti Kirjameeste Seltsi toimetised ; 3)

Strategic Delusions - The Cold Start Doctrine: Proactive Strategy

Science.gov (United States)

2016-05-26

In a post 9/11 scenario, India finds it convenient to brand these insurgencies as terrorism and associate most of them with Pakistan. Given these...strategic and operational imperatives following the 2008 Mumbai terror attacks denied the Indian government the luxury of attaining her objectives

Adjustment among children with relatives who participated in the manhunt following the Boston Marathon attack.

Science.gov (United States)

Comer, Jonathan S; Kerns, Caroline E; Elkins, R Meredith; Edson, Aubrey L; Chou, Tommy; Dantowitz, Annie; Miguel, Elizabeth; Brown, Bonnie; Coxe, Stefany; Green, Jennifer Greif

2014-07-01

Following the Boston Marathon attack, the extraordinary interagency manhunt and shelter-in-place made for a truly unprecedented experience for area families. Although research on Boston youth has found robust associations between manhunt-related experiences and post-attack functioning, such work does little to identify the specific needs of a particularly vulnerable population--i.e., children with a relative who participated in the manhunt. Understanding the adjustment of these youth is critical for informing clinical efforts. Survey of Boston-area parents/caretakers (N = 460) reporting on their child's attack/manhunt-related experiences, as well as psychosocial functioning in the first six post-attack months; analyses compared youth with and without a relative in law enforcement or the armed services who participated in the manhunt. The proportion of youth with likely PTSD was 5.7 times higher among youth with relatives in the manhunt than among youth without. After accounting for child demographics, blast exposure, and children's own exposure to manhunt events (e.g., hearing/seeing gunfire/explosions, having officers enter/search home), having a relative in the manhunt significantly predicted child PTSD symptoms, emotional symptoms, and hyperactivity/inattention. Fear during the manhunt that a loved one could be hurt mediated relationships between having a relative in the manhunt and clinical outcomes; living within the zone of greatest manhunt activity did not moderate observed relationships. Children with relatives called upon to participate in the unprecedented interagency manhunt following the Boston Marathon attack carried a particularly heavy mental health burden. Continued research is needed to clarify the clinical needs of youth with relatives in high-risk occupations. © 2014 Wiley Periodicals, Inc.

Theorizing Strategic Communication in Parsimony from the U.S. Government Perspective

Directory of Open Access Journals (Sweden)

Young Joon Lim

2015-06-01

Full Text Available Although the term Strategic Communication seems to be a rising topic in communication studies, it is obvious that the term has been hardly visualized and explained from the U.S. government perspective in academic work. This paper theoretically visualizes strategic communication processes. The Department of State and the Department of Defense streamlined the use of strategic communication in different terms but they both focus on using soft power over hard power to gain support from foreign audiences through communication. Both departments especially after the 9/11attacks have developed programs to win hearts and minds of the target audience. This paper shows the salient process of strategic communication programs and conceptualizes principles of strategic communication from their perspectives. This paper after all illustrates the processes for theorizing strategic communication.

Strategic Decisions and Implications of the German Assault on Norway in 1940

National Research Council Canada - National Science Library

Amundsen, Steinar

2005-01-01

.... Dismissing one-dimensional theories on the decisions for and strategic implications of the German attack on Norway, this paper discusses underlying factors in the German decision-making process...

DEFENSE-ATTACK INTERACTION OVER OPTIMALLY DESIGNED DEFENSE SYSTEMS VIA GAMES AND RELIABILITY

Directory of Open Access Journals (Sweden)

Isis Didier Lins

2014-05-01

Full Text Available This paper analyzes defense systems taking into account the strategic interactions between two rational agents; one of them is interested in designing a defense system against purposeful attacks of the other. The interaction is characterized by a sequential game with perfect and complete information. Reliability plays a fundamental role in both defining agents' actions and in measuring performance of the defense system for which a series-parallel configuration is set up by the defender. The attacker, in turn, focuses on only one defense subsystem in order to maximize her efficiency in attacking. An algorithm involving backward induction is developed to determine the equilibrium paths of the game. Application examples are also provided.

Identifying and tracking attacks on networks: C3I displays and related technologies

Science.gov (United States)

Manes, Gavin W.; Dawkins, J.; Shenoi, Sujeet; Hale, John C.

2003-09-01

Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.

Swords of armageddon: A decision of the strategic mystique

Energy Technology Data Exchange (ETDEWEB)

Myers, G.E.

1987-01-01

To most Americans, our military and civilian political leaders included, the concept of strategic bombardment brings to mind a myopic vision of nuclear horror; and the long-range delivery systems most commonly associated with strategic warfare--the bombers and intercontinental ballistic missiles--are not supported either by a review of the history of modern warfare or by current statements of air power doctrine, but they persist as a legacy of the destructiveness of the World War II strategic air campaigns and the enduring Soviet-American nuclear confrontation. This paper attempts to dispell these notions and advance a concept of flexibility in strategic force application and US strategic policy formulation. It suggests that individual strategic actions have relevance in large and small, nuclear or nonnuclear wars and that our bombers and even our intercontinental missiles can and should be considered as viable force options in a variety of scenarios. The discussion concludes that strategic attack has historically been and will continue to be an active military mission that can be accomplished in numerous ways by a wide variety of weapons and delivery systems despite a continuing mystique of nuclear holocaust.

Effects of Prosocial, Neutral, and Violent Video Games on Children's Helpful and Hurtful Behaviors.

Science.gov (United States)

Saleem, Muniba; Anderson, Craig A; Gentile, Douglas A

2012-01-01

Recent research reveals that playing prosocial video games increases prosocial cognitions, positive affect, and helpful behaviors [Gentile et al., 2009; Greitemeyer and Osswald, 2009, 2010, 2011]. These results are consistent with the social-cognitive models of social behavior such as the general learning model [Buckley and Anderson, 2006]. However, no experimental studies have examined such effects on children. Previous research on violent video games suggests that short-term effects of video games are largely based on priming of existing behavioral scripts. Thus, it is unclear whether younger children will show similar effects. This research had 9-14 years olds play a prosocial, neutral, or violent video game, and assessed helpful and hurtful behaviors simultaneously through a new tangram measure. Prosocial games increased helpful and decreased hurtful behavior, whereas violent games had the opposite effects. © 2012 Wiley Periodicals, Inc.

Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.

Science.gov (United States)

Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y

2016-04-01

The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.

For Whom Does Hate Crime Hurt More? A Comparison of Consequences of Victimization Across Motives and Crime Types.

Science.gov (United States)

Mellgren, Caroline; Andersson, Mika; Ivert, Anna-Karin

2017-12-01

Hate crimes have been found to have more severe consequences than other parallel crimes that were not motivated by the offenders' hostility toward someone because of their real or perceived difference. Many countries today have hate crime laws that make it possible to increase the penalties for such crimes. The main critique against hate crime laws is that they punish thoughts. Instead, proponents of hate crime laws argue that sentence enhancement is justified because hate crimes cause greater harm. This study compares consequences of victimization across groups of victims to test for whom hate crimes hurt more. We analyzed data that were collected through questionnaires distributed to almost 3,000 students at Malmö University, Sweden, during 2013. The survey focused on students' exposure to, and experiences of, hate crime. A series of separate logistic regression analyses were performed, which analyzed the likelihood for reporting consequences following a crime depending on crime type, perceived motive, repeat victimization, gender, and age. Analyzed as one victim group, victims of hate crime more often reported any of the consequences following a crime compared with victims of parallel non-hate-motivated crimes. And, overall victims of threat more often reported consequences compared with victims of sexual harassment and minor assault. However, all hate crime victim groups did not report more consequences than the non-hate crime victim group. The results provide grounds for questioning that hate crimes hurt the individual victim more. It seems that hate crimes do not hurt all more but hate crimes hurt some victims of some crimes more in some ways.

Strategic forces: Future requirements and options

Energy Technology Data Exchange (ETDEWEB)

Speed, R.D.

1990-11-01

In the wake of the collapse of the Warsaw Pact and the apparent ending of the Cold War, there have been renewed calls for radical cuts in US strategic forces to levels far below the 10,000 or so warheads allowed each side under the current START proposal. Since it now appears that NATO for the first time will have the capability to defeat a Soviet conventional attack without the necessity of threatening to resort to nuclear weapons, this should pave the way for the rethinking of US strategy and the reduction of US strategic weapons requirements. In this new environment, it seems plausible that, with a modification of the Flexible Response doctrine to forego attempts to disarm the Soviet Union, deterrence could be maintained with 1500 or so survivable strategic weapons. With a new strategy that confined US strategic weapons to the role of deterring the use of nuclear weapons by other countries, a survivable force of about 500 weapons would seem sufficient. With this premise, the implications for the US strategic force structure are examined for two cases: a treaty that allows each side 3000 warheads and one that allows each side 1000 warheads. In Part 1 of this paper, the weapons requirements for deterrence are examined in light of recent changes in the geopolitical environment. In Part 2, it is assumed that the President and Congress have decided that deep cuts in strategic forces are acceptable. 128 refs., 12 figs., 12 tabs. (JF)

Detecting and Mitigating Smart Insider Jamming Attacks in MANETs Using Reputation-Based Coalition Game

Directory of Open Access Journals (Sweden)

Ashraf Al Sharah

2016-01-01

Full Text Available Security in mobile ad hoc networks (MANETs is challenging due to the ability of adversaries to gather necessary intelligence to launch insider jamming attacks. The solutions to prevent external attacks on MANET are not applicable for defense against insider jamming attacks. There is a need for a formal framework to characterize the information required by adversaries to launch insider jamming attacks. In this paper, we propose a novel reputation-based coalition game in MANETs to detect and mitigate insider jamming attacks. Since there is no centralized controller in MANETs, the nodes rely heavily on availability of transmission rates and a reputation for each individual node in the coalition to detect the presence of internal jamming node. The nodes will form a stable grand coalition in order to make a strategic security defense decision, maintain the grand coalition based on node reputation, and exclude any malicious node based on reputation value. Simulation results show that our approach provides a framework to quantify information needed by adversaries to launch insider attacks. The proposed approach will improve MANET’s defense against insider attacks, while also reducing incorrect classification of legitimate nodes as jammers.

Strong Artificial Intelligence and National Security: Operational and Strategic Implications

Science.gov (United States)

2015-05-18

Directed by Steven Spielberg , Performed by Haley Joel Osment, Jude Law, William Hurt, Frances O’Connor and Sam Robards. 16 well-structured, and ill...Artificial Intelligence. Directed by Steven Spielberg . Performed by Haley Joel Osment, Jude Law, William Hurt, Frances O’Connor and Sam Robards

Strategic Planing to Develop Good Dairy Farming Practices in Smallholder Dairy Farms in Batu City, East Java

Directory of Open Access Journals (Sweden)

Reni Indarwati

2015-09-01

Full Text Available Some of the objectives to be achieved in this research is to describe the attack profile of subclinical mastitis on Etawah Crossbreed Goats (ECG in some smallholder farms, to identify risk factors that contribute to subclinical mastitis attacks and to compile a strategic plan to develop Good Dairy Farming Parctices (GDFP in Batu. The data were gathered by interviewing smallholder farmer and direct observation in the three farms goats in Batu (Bumiaji, Pesanggrahan, Temas  and Beji village. California Mastitis Test (CMT is used to detect subclinical mastitis on 51 ECG lactation belonging to farmer. Risk factors Identification of subclinical mastitis conducted by Spearman correlation analysis. All of smallholder compared with GDFP concept using gap analysis. Meanwhile, the strategic development plan of GDFP in Batu was done by the Root Caused analysis. The results showed that 100% subclinical mastitis attacks occurred on three dairy goats farms in Batu City  with the level 31-80% percentage of attacks. This subclinical mastitis attacks positively correlated with milk production (p <0.01. The risk factors of subclinical mastitis partly because of the environment (p<0.01, milking procedure (p <0.01 and health management (p <0.01 were not right. The strategic plan to develop GDFP in Batu City are Increase knowledge and awareness of farmers about how to implement good dairy farming practices on Etawah Crossbreed farm, particularly in the benefits of clean environmental, handling and using goat manure, the benefits of sanitation and disinfection of udder, the effect of milking frequency on udder health and the urgency of separation between healthy and sick goats. Keywords:  Good dairy farming practices, risk factors, subclinical mastitis

More attention when speaking: does it help or does it hurt?

OpenAIRE

Nozari, Nazbanou; Thompson-Schill, Sharon L.

2013-01-01

Paying selective attention to a word in a multi-word utterance results in a decreased probability of error on that word (benefit), but an increased probability of error on the other words (cost). We ask whether excitation of the prefrontal cortex helps or hurts this cost. One hypothesis (the resource hypothesis) predicts a decrease in the cost due to the deployment of more attentional resources, while another (the focus hypothesis) predicts even greater costs due to further fine-tuning of sel...

Strategic Defense Initiative Organization adaptive structures program overview

Science.gov (United States)

Obal, Michael; Sater, Janet M.

In the currently envisioned architecture none of the Strategic Defense System (SDS) elements to be deployed will receive scheduled maintenance. Assessments of performance capability due to changes caused by the uncertain effects of environments will be difficult, at best. In addition, the system will have limited ability to adjust in order to maintain its required performance levels. The Materials and Structures Office of the Strategic Defense Initiative Organization (SDIO) has begun to address solutions to these potential difficulties via an adaptive structures technology program that combines health and environment monitoring with static and dynamic structural control. Conceivable system benefits include improved target tracking and hit-to-kill performance, on-orbit system health monitoring and reporting, and threat attack warning and assessment.

US foreign policy towards West Africa after September 11 attacks

OpenAIRE

Akinwande, FO

2014-01-01

The United States foreign policy towards West Africa experienced a significant shift after the terrorist attacks of US strategic institutions in September 11, 2001. This was marked by the securitization of US foreign policy beyond the military-security context of security into other aspects of US security strategy after the Cold War. In that context, political, economic and environmental sectors became part of US security agenda, as reflected in the post-9/11 US\\ud War on Terror in global reg...

Exploration in American Archaeology: Essays in Honor of Wesley R. Hurt. edited by Mark G. Plew, University Press of America, Lanham, 1999

Directory of Open Access Journals (Sweden)

David L. Browman

2000-05-01

Full Text Available This volume contains a short 6 page history of the contributions ofWesley Robert Hurt, Jr., to Americanist archaeology,along with a 4 page 'selected' list of his publications. The review starts with his career in the Southwest, traces the shift in his research to the Plains, and especially South Dakota, and then turns to his later change of interest to South America (especially Colombia, Brazil and Uru­guay. Hurt was born September 20, 1 9 1 7 in New Mexico, and got into archaeology through his cousin, Reginald Fisher, who was working for Dr. Edgar L. Heweu. Hurt started out taking Heweu's Chaco Canyon Field School, and began working on the Jemez Archaeological project as a high school student in the 1930s. After graduating from the University of New Mexico in 1938, he worked from 1938 to 1940 as a WPAArchaeology Project supervisor on Southwest projects, and in 1941 served as the Na­tional Park Service archaeologist at Canyon de Chelly National Monument.

Who will attack the competitors? How political parties resolve strategic and collective action dilemmas in negative campaigning.

Science.gov (United States)

Dolezal, Martin; Ennser-Jedenastik, Laurenz; Müller, Wolfgang C

2017-11-01

Negative campaigning presents parties with a collective action problem. While parties would prefer to have their competitors attacked, potential backlash effects from negative messages mean that individual politicians typically lack the incentives to carry out such attacks. We theorize that parties solve this problem by implementing a division of labour that takes into account the incentives of individual office holders, their availability for campaign activity, and media relevance. Drawing on these arguments we expect that holders of high public office and party leaders are less likely to issue attacks, leaving the bulk of the 'dirty work' to be carried out by party floor leaders and general secretaries. Examining almost 8000 press releases issued by over 600 individual politicians during four election campaigns in Austria, we find strong support for our theoretical expectations.

The headache under-response to treatment (HURT) questionnaire, an outcome measure to guide follow-up in primary care: development, psychometric evaluation and assessment of utility.

Science.gov (United States)

Steiner, T J; Buse, D C; Al Jumah, M; Westergaard, M L; Jensen, R H; Reed, M L; Prilipko, L; Mennini, F S; Láinez, M J A; Ravishankar, K; Sakai, F; Yu, S-Y; Fontebasso, M; Al Khathami, A; MacGregor, E A; Antonaci, F; Tassorelli, C; Lipton, R B

2018-02-14

Headache disorders are both common and burdensome but, given the many people affected, provision of health care to all is challenging. Structured headache services based in primary care are the most efficient, equitable and cost-effective solution but place responsibility for managing most patients on health-care providers with limited training in headache care. The development of practical management aids for primary care is therefore a purpose of the Global Campaign against Headache. This manuscript presents an outcome measure, the Headache Under-Response to Treatment (HURT) questionnaire, describing its purpose, development, psychometric evaluation and assessment for clinical utility. The objective was a simple-to-use instrument that would both assess outcome and provide guidance to improving outcome, having utility across the range of headache disorders, across clinical settings and across countries and cultures. After literature review, an expert consensus group drawn from all six world regions formulated HURT through item development and item reduction using item-response theory. Using the American Migraine Prevalence and Prevention Study's general-population respondent panel, two mailed surveys assessed the psychometric properties of HURT, comparing it with other instruments as external validators. Reliability was assessed in patients in two culturally-contrasting clinical settings: headache specialist centres in Europe (n = 159) and primary-care centres in Saudi Arabia (n = 40). Clinical utility was assessed in similar settings (Europe n = 201; Saudi Arabia n = 342). The final instrument, an 8-item self-administered questionnaire, addressed headache frequency, disability, medication use and effect, patients' perceptions of headache "control" and their understanding of their diagnoses. Psychometric evaluation revealed a two-factor model (headache frequency, disability and medication use; and medication efficacy and headache control), with

Managing Complex Battlespace Environments Using Attack the Network Methodologies

DEFF Research Database (Denmark)

Mitchell, Dr. William L.

This paper examines the last 8 years of development and application of Attack the Network (AtN) intelligence methodologies for creating shared situational understanding of complex battlespace environment and the development of deliberate targeting frameworks. It will present a short history...... of their development, how they are integrated into operational planning through strategies of deliberate targeting for modern operations. The paper will draw experience and case studies from Iraq, Syria, and Afghanistan and will offer some lessons learned as well as insight into the future of these methodologies....... Including their possible application on a national security level for managing longer strategic endeavors....

Vulnerabilities of the security of nuclear material due to cyber attacks

International Nuclear Information System (INIS)

Daschil, F.

2002-01-01

Full text: The spread of new communication and computer technologies is now the potential for a dedicated, sophisticated adversary to conduct coordinated strikes against the computers, communications systems, and databases of nuclear material security systems. All weapons of cyber war, like viruses, Trojans, access to computer systems are potential risks for the security of nuclear material. New forms of destruction of electronic devices, e.g. Transient Electromagnetic Devices (TED), that could, in the hands of enemies, criminals, or terrorist pose a significant threat to nuclear safety infrastructure components that are based on micro-circuits and computer or micro-processor control. These examples shows the necessity to clearly identify possible risks as: information and communication based disorders and other disruptions and attacks; partial or complete failure of systems causing the risk of unexpected reaction or unmanageable situations; cracking of access codes and elimination of alarm equipment could give easy access to nuclear material; computer manipulation or complete computer and system takeover due to brute force attacks, viruses, Trojans and worms could lead to malfunctions, disruptions and nuclear disasters; computer spying and brute force attacks could give detailed information about technical, organizational and organizational data; combined actions of physical, electronic and computer attacks. The paper gives an overview of potential computer and communication safety gaps and points out strategic implications as the identification of the critical infrastructure, surveillance of computer systems, data access and communication paths. The basic necessity of the development of computer and communication breakdown backup systems as well as measures of precaution against cyber attacks is shown in the paper. (author)

Unlocking India’s Strategic Potential in Central Asia

Science.gov (United States)

2015-10-01

war. Nearly 4 decades since, Islamabad has struggled to ensure do- mestic security amid militant attacks, some of which bear the hallmarks of...see Huasheng, pp. 131-138. 79. Jagannath P. Panda , “India’s New Look at Central Asia Policy: A Strategic Review,” in Laruelle, Huchet, et al., pp...Central Asia,” in Dash, p. 8. 99. Peyrouse, Monsoon, p. 197. 100. Stobdan, pp. 48-54. 101. Panda , p. 116. 102. Kavalski, pp. 102-103. 98 103. Peyrouse

Lying for Strategic Advantage: Rational and Boundedly Rational Misrepresentation of Intentions

OpenAIRE

Crawford, Vincent P.

2001-01-01

Starting from Hendricks and McAfee's (2000) example of the Allies' decision to feint at Calais and attack at Normandy on D-Day, this paper models misrepresentation of intentions to competitors or enemies. Allowing for the possibility of bounded strategic rationality and rational players' responses to it yields a sensible account of lying via costless, noiseless messages. In many cases the model has generically unique pure-strategy sequential equilibria, in which rational players exploit bound...

Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

NARCIS (Netherlands)

Pieters, Wolter; Davarynejad, Mohsen

2015-01-01

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

China's Use of Cyber Warfare: Espionage Meets Strategic Deterrence

Directory of Open Access Journals (Sweden)

Magnus Hjortdal

2011-01-01

Full Text Available This article presents three reasons for states to use cyber warfare and shows that cyberspace is—and will continue to be—a decisive element in China's strategy to ascend in the international system. The three reasons are: deterrence through infiltration of critical infrastructure; military technological espionage to gain military knowledge; and industrial espionage to gain economic advantage. China has a greater interest in using cyberspace offensively than other actors, such as the United States, since it has more to gain from spying on and deterring the United States than the other way around. The article also documents China's progress in cyber warfare and shows how it works as an extension of its traditional strategic thinking and the current debate within the country. Several examples of cyber attacks traceable to China are also presented. This includes cyber intrusions on a nuclear arms laboratory, attacks on defense ministries (including the Joint Strike Fighter and an airbase and the U.S. electric grid, as well as the current Google affair, which has proved to be a small part of a broader attack that also targeted the U.S. Government. There are, however, certain constraints that qualify the image of China as an aggressive actor in cyberspace. Some believe that China itself is the victim of just as many attacks from other states. Furthermore, certain actors in the United States and the West have an interest in overestimating China's capabilities in cyberspace in order to maintain their budgets.

Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

Science.gov (United States)

Ariwibowo, Sigit; Windarta, Susila

2016-02-01

In this paper we show that distinguisher on CBC-MAC can be applied to Encrypted Message Authentication Code (EMAC) scheme. EMAC scheme in general is vulnerable to distinguishing attack and second preimage attack. Distinguishing attack simulation on AES-EMAC using 225 message modifications, no collision have been found. According to second preimage attack simulation on AES-EMAC no collision found between EMAC value of S1 and S2, i.e. no second preimage found for messages that have been tested. Based on distinguishing attack simulation on truncated AES-EMAC we found collision in every message therefore we cannot distinguish truncated AES-EMAC with random function. Second-preimage attack is successfully performed on truncated AES-EMAC.

Timing of birth: Parsimony favors strategic over dysregulated parturition.

Science.gov (United States)

Catalano, Ralph; Goodman, Julia; Margerison-Zilko, Claire; Falconi, April; Gemmill, Alison; Karasek, Deborah; Anderson, Elizabeth

2016-01-01

The "dysregulated parturition" narrative posits that the human stress response includes a cascade of hormones that "dysregulates" and accelerates parturition but provides questionable utility as a guide to understand or prevent preterm birth. We offer and test a "strategic parturition" narrative that not only predicts the excess preterm births that dysregulated parturition predicts but also makes testable, sex-specific predictions of the effect of stressful environments on the timing of birth among term pregnancies. We use interrupted time-series modeling of cohorts conceived over 101 months to test for lengthening of early term male gestations in stressed population. We use an event widely reported to have stressed Americans and to have increased the incidence of low birth weight and fetal death across the country-the terrorist attacks of September 2001. We tested the hypothesis that the odds of male infants conceived in December 2000 (i.e., at term in September 2001) being born early as opposed to full term fell below the value expected from those conceived in the 50 prior and 50 following months. We found that term male gestations exposed to the terrorist attacks exhibited 4% lower likelihood of early, as opposed to full or late, term birth. Strategic parturition explains observed data for which the dysregulated parturition narrative offers no prediction-the timing of birth among gestations stressed at term. Our narrative may help explain why findings from studies examining associations between population- and/or individual-level stressors and preterm birth are generally mixed. © 2015 Wiley Periodicals, Inc.

Quarantine after an international biological weapons attack: medical and public health requirements for containment.

Science.gov (United States)

Oren, Meir

2004-11-01

The world now faces the dreadful possibility of biological weapons attacks by terrorists. Healthcare systems would have to cope with such emergencies should all preemptive measures fail. Information gained from the Global Mercury exercise and the SARS outbreak has shown that containing an outbreak at the start is more effective than reacting to it once it has spread and that containment should be treated both nationally and internationally. On the national level this entails developing rapid and effective methods to detect and identify infected cases, and implementing isolation and control measures to lower the risk of further transmission of the disease while assuring the safety of medical teams and laboratory workers. Strategic contingency plans should incorporate well-defined procedures for hospitalization and isolation of patients, providing regional backup of medical personnel and equipment and maintaining close cooperation between the various bodies in the healthcare system. Quarantine is an effective containment measure, especially if voluntarily imposed. Modern communication systems can help by sending professional teams timely instructions and providing the public with information to reduce panic and stress during quarantine procedures. Informing the public poses a dilemma: finding a balance between giving advance warning of an imminent epidemic outbreak and ascertaining the likelihood of its occurrence. Containment of international bioterrorist attacks depends entirely on close international cooperation to implement national and international strategic contingency plans with free exchange of information and recognition of procedures.

Cooperating attackers in neural cryptography.

Science.gov (United States)

Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

2004-06-01

A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

Factors in the doctor-patient relationship that accentuate physicians' hurt feelings when patients terminate the relationship with them.

Science.gov (United States)

Hareli, Shlomo; Karnieli-Miller, Orit; Hermoni, Doron; Eidelman, Shmuel

2007-07-01

The present study explores the emotional effect of the injury experienced by physician's, as a consequence of a patient's termination of their relationship. A vignette study using different scenarios describing a patient who switched to another doctor was distributed to 119 family physicians. A three-way ANCOVA analysis was employed. Additionally, physicians' answered an open question asking of situations that elicited negative emotions. The quantitative results indicated that termination of the relationship by a "high status" patient and/or after a long duration is more emotionally hurtful than termination by a "lower status" patient after a brief relationship. The results of the open question provided an additional insight into the emotional impact of the doctor's hurt feelings on the doctor-patient relationship. The severity and consequences of the emotional injury experienced by physicians when patients decide to transfer to another physician are influenced by factors related to the patient, physician and the relationship between them. We discuss the implications of our results on the understanding of the emotional injury and consequent impaired function and possible "burn-out" in physicians and explore the possibility of educating doctors to heightened awareness and consequently enhanced ability to cope with such situations.

Cognitive Characteristics of Strategic and Non-strategic Gamblers.

Science.gov (United States)

Mouneyrac, Aurélie; Lemercier, Céline; Le Floch, Valérie; Challet-Bouju, Gaëlle; Moreau, Axelle; Jacques, Christian; Giroux, Isabelle

2018-03-01

Participation in strategic and non-strategic games is mostly explained in the literature by gender: men gamble on strategic games, while women gamble on non-strategic games. However, little is known about the underlying cognitive factors that could also distinguish strategic and non-strategic gamblers. We suggest that cognitive style and need for cognition also explain participation in gambling subtypes. From a dual-process perspective, cognitive style is the tendency to reject or accept the fast, automatic answer that comes immediately in response to a problem. Individuals that preferentially reject the automatic response use an analytic style, which suggest processing information in a slow way, with deep treatment. The intuitive style supposes a reliance on fast, automatic answers. The need for cognition provides a motivation to engage in effortful activities. One hundred and forty-nine gamblers (53 strategic and 96 non-strategic) answered the Cognitive Reflection Test, Need For Cognition Scale, and socio-demographic questions. A logistic regression was conducted to evaluate the influence of gender, cognitive style and need for cognition on participation in strategic and non-strategic games. Our results show that a model with both gender and cognitive variables is more accurate than a model with gender alone. Analytic (vs. intuitive) style, high (vs. low) need for cognition and being male (vs. female) are characteristics of strategic gamblers (vs. non-strategic gamblers). This study highlights the importance of considering the cognitive characteristics of strategic and non-strategic gamblers in order to develop preventive campaigns and treatments that fit the best profiles for gamblers.

Composite Dos Attack Model

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2012-04-01

Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

Strategic Industry Attack.

Science.gov (United States)

1980-01-15

processing functions; it has mines, smelters, elec- trolytic refining plants, and fabrication plants such as wire -producing plants. Copper also has a...In Cont. In R Monchegorsk 20,000 100 20,000 100 20,000 100 20,000 S Monchegorsk 5,000 100 5,000 95 5,260 15 35,070 S Nikel 15,000 100 15,000 95...times. Full indust!", destruction will also produce problems associated with obtaining copper ar,,i wire for use in generating, transmitting, and

Strategic Missile Defense & Nuclear Deterrence

Science.gov (United States)

Grego, Laura

The United States has pursued defenses against nuclear-armed long-range ballistic missiles since at least the 1950s. At the same time, concerns that missile defenses could undermine nuclear deterrence and potentially spark an arms race led the United States and Soviet Union to negotiate limits on these systems. The 1972 Anti-Ballistic Missile Treaty constrained strategic missile defenses for thirty years. After abandoning the treaty in 2002, President George W. Bush began fielding the Ground-based Midcourse Defense (GMD) homeland missile defense system on an extremely aggressive schedule, nominally to respond to threats from North Korea and Iran. Today, nearly fifteen years after its initial deployment, the potential and the limits of this homeland missile defense are apparent. Its test record is poor and it has no demonstrated ability to stop an incoming missile under real-world conditions. No credible strategy is in place to solve the issue of discriminating countermeasures. Insufficient oversight has not only exacerbated the GMD system's problems, but has obscured their full extent, which could encourage politicians and military leaders to make decisions that actually increase the risk of a missile attack against the United States. These are not the only costs. Both Russia and China have repeatedly expressed concerns that U.S. missile defenses adversely affect their own strategic capabilities and interests, particularly taken in light of the substantial US nuclear forces. This in turn affects these countries' nuclear modernization priorities. This talk will provide a technical overview of the US strategic missile defense system, and how it relates to deterrence against non-peer adversaries as well as how it affects deterrence with Russia and China and the long-term prospects for nuclear reductions

Heart Attack Recovery FAQs

Science.gov (United States)

... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

Seven Deadliest Wireless Technologies Attacks

CERN Document Server

Haines, Brad

2010-01-01

How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

Blocking of Brute Force Attack

OpenAIRE

M.Venkata Krishna Reddy

2012-01-01

A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

Propagating Mixed Uncertainties in Cyber Attacker Payoffs: Exploration of Two-Phase Monte Carlo Sampling and Probability Bounds Analysis

Energy Technology Data Exchange (ETDEWEB)

Chatterjee, Samrat; Tipireddy, Ramakrishna; Oster, Matthew R.; Halappanavar, Mahantesh

2016-09-16

Securing cyber-systems on a continual basis against a multitude of adverse events is a challenging undertaking. Game-theoretic approaches, that model actions of strategic decision-makers, are increasingly being applied to address cybersecurity resource allocation challenges. Such game-based models account for multiple player actions and represent cyber attacker payoffs mostly as point utility estimates. Since a cyber-attacker’s payoff generation mechanism is largely unknown, appropriate representation and propagation of uncertainty is a critical task. In this paper we expand on prior work and focus on operationalizing the probabilistic uncertainty quantification framework, for a notional cyber system, through: 1) representation of uncertain attacker and system-related modeling variables as probability distributions and mathematical intervals, and 2) exploration of uncertainty propagation techniques including two-phase Monte Carlo sampling and probability bounds analysis.

Strategic Adaptation

DEFF Research Database (Denmark)

Andersen, Torben Juul

2015-01-01

This article provides an overview of theoretical contributions that have influenced the discourse around strategic adaptation including contingency perspectives, strategic fit reasoning, decision structure, information processing, corporate entrepreneurship, and strategy process. The related...... concepts of strategic renewal, dynamic managerial capabilities, dynamic capabilities, and strategic response capabilities are discussed and contextualized against strategic responsiveness. The insights derived from this article are used to outline the contours of a dynamic process of strategic adaptation....... This model incorporates elements of central strategizing, autonomous entrepreneurial behavior, interactive information processing, and open communication systems that enhance the organization's ability to observe exogenous changes and respond effectively to them....

Strategic irrigation against apple scab (Venturia inaequalis)

DEFF Research Database (Denmark)

Korsgaard, Maren

2012-01-01

the orchard floor, to force the ascospores to be released. We irrigated with at least 0.2 mm of water in dry periods, at least 12 hours before rain forecast. The idea was to empty the stock of ascospores during dry spells, so they would dry out without infecting the leaves. To find the best strategic times......, that the irrigation did result in ascospore-release, but the effect on the scab-attack was not significant. We also experienced, that the fruit growers found this way of preventing scab very interesting and easy to carry out. The pilot-trial was financed by “Fonden for Oekologisk Jordbrug” and in 2011...

Solidarity under Attack

DEFF Research Database (Denmark)

Meret, Susi; Goffredo, Sergio

2017-01-01

https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

Attack surfaces

DEFF Research Database (Denmark)

Gruschka, Nils; Jensen, Meiko

2010-01-01

The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

Towards a strategic approach to special events management in the post-9/11 world

OpenAIRE

Jones, G. B.

2005-01-01

CHDS State/Local This thesis reviews background related to counterterrorism and law enforcement planning for major special events and it identifies some of the strategic issues that have emerged in special events management since the terrorist attacks of September 11, 2001. It focuses on the subjective and objective components of the systems currently used by DHS and the FBI to categorize and resource special events, and it evaluates whether the current approach to major event planning ...

Seven Deadliest Microsoft Attacks

CERN Document Server

Kraus, Rob; Borkin, Mike; Alpern, Naomi

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

Strategic Entrepreneurship

DEFF Research Database (Denmark)

Klein, Peter G.; Barney, Jay B.; Foss, Nicolai Juul

Strategic entrepreneurship is a newly recognized field that draws, not surprisingly, from the fields of strategic management and entrepreneurship. The field emerged officially with the 2001 special issue of the Strategic Management Journal on “strategic entrepreneurship”; the first dedicated...... periodical, the Strategic Entrepreneurship Journal, appeared in 2007. Strategic entrepreneurship is built around two core ideas. (1) Strategy formulation and execution involves attributes that are fundamentally entrepreneurial, such as alertness, creativity, and judgment, and entrepreneurs try to create...... and capture value through resource acquisition and competitive posi-tioning. (2) Opportunity-seeking and advantage-seeking—the former the central subject of the entrepreneurship field, the latter the central subject of the strategic management field—are pro-cesses that should be considered jointly. This entry...

Whispering through DDoS attack

OpenAIRE

Miralem Mehic; Jiri Slachta; Miroslav Voznak

2016-01-01

Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...

Protecting Cryptographic Memory against Tampering Attack

DEFF Research Database (Denmark)

Mukherjee, Pratyay

In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In prac......In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed tamper only with the memory of the device...

Defending and attacking a network of two arcs subject to traffic congestion

International Nuclear Information System (INIS)

Bier, Vicki M.; Hausken, Kjell

2013-01-01

To study the effects of intentional attacks on transportation systems, we consider drivers who choose the more time-efficient of two arcs (possibly of different lengths). Both arcs are subjected to traffic congestion, and also to interdiction or blockage (e.g., by a terrorist attack). The model has three types of strategic actors: the government; the terrorist; and potential drivers. The government protects travel, while the terrorist interdicts travel, along the two arcs. Drivers choose the arc that gives the shortest travel time, and cannot choose an interdicted arc. The drivers have reservation travel times, such that if the actual travel time will exceed an individual driver's reservation travel time, that driver would prefer not to travel; the reservation travel times are allowed to vary among drivers. The objective function of the master problem, which the government minimizes and the terrorist maximizes, is the sum of the total travel time plus the reservation travel times of the non-travelers. Each potential driver decides endogenously whether to travel, according to whether the actual travel time is greater or lesser than that driver's reservation travel time

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Directory of Open Access Journals (Sweden)

Apostolos P. Fournaris

2017-07-01

Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

Seven deadliest USB attacks

CERN Document Server

Anderson, Brian

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

Seven Deadliest Unified Communications Attacks

CERN Document Server

York, Dan

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

Invisible Trojan-horse attack.

Science.gov (United States)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin; Makarov, Vadim

2017-08-21

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance against Scarani-Ac´ın-Ribordy-Gisin (SARG04) QKD protocol at 1924 nm versus that at 1536 nm. The attack strategy was proposed earlier but found to be unsuccessful at the latter wavelength, as reported in N. Jain et al., New J. Phys. 16, 123030 (2014). However at 1924 nm, we show experimentally that the noise response of the detectors to bright pulses is greatly reduced, and show by modeling that the same attack will succeed. The invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

Strategic Planning: What's so Strategic about It?

Science.gov (United States)

Strong, Bart

2005-01-01

The words "strategic" and "planning" used together can lead to confusion unless one spent the early years of his career in never-ending, team-oriented, corporate training sessions. Doesn't "strategic" have something to do with extremely accurate bombing or a defensive missile system or Star Wars or something? Don't "strategic" and "planning" both…

Whispering through DDoS attack

Directory of Open Access Journals (Sweden)

Miralem Mehic

2016-03-01

Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.

Heart attack - discharge

Science.gov (United States)

... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

How Strategic are Strategic Information Systems?

Directory of Open Access Journals (Sweden)

Alan Eardley

1996-11-01

Full Text Available There are many examples of information systems which are claimed to have created and sustained competitive advantage, allowed beneficial collaboration or simply ensured the continued survival of the organisations which used them These systems are often referred to as being 'strategic'. This paper argues that many of the examples of strategic information systems as reported in the literature are not sufficiently critical in determining whether the systems meet the generally accepted definition of the term 'strategic' - that of achieving sustainable competitive advantage. Eight of the information systems considered to be strategic are examined here from the standpoint of one widely-accepted 'competition' framework- Porter's model of industry competition . The framework is then used to question the linkage between the information systems and the mechanisms which are required for the enactment of strategic business objectives based on competition. Conclusions indicate that the systems are compatible with Porter's framework. Finally, some limitations of the framework are discussed and aspects of the systems which extend beyond the framework are highlighted

Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

NARCIS (Netherlands)

Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

2016-01-01

In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

Shady strategic behavior : Recognizing strategic behavior of Dark Triad followers

NARCIS (Netherlands)

Schyns, Birgit; Wisse, Barbara; Sanders, Stacey

2018-01-01

The importance of strategic behavior in organizations has long been recognized. However, so far the literature has primarily focused on leaders’ strategic behavior, largely ignoring followers’ strategic behavior. In the present paper, we take a follower trait perspective to strategic follower

The work-averse cyber attacker model : theory and evidence from two million attack signatures

NARCIS (Netherlands)

Allodi, L.; Massacci, F.; Williams, J.

The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

Web server attack analyzer

OpenAIRE

Mižišin, Michal

2013-01-01

Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

Network Protection Against DDoS Attacks

Directory of Open Access Journals (Sweden)

Petr Dzurenda

2015-03-01

Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

Attack Tree Generation by Policy Invalidation

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2015-01-01

through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based......Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified...... on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps....

Neurocognitive dysfunction in strategic and non-strategic gamblers.

Science.gov (United States)

Grant, Jon E; Odlaug, Brian L; Chamberlain, Samuel R; Schreiber, Liana R N

2012-08-07

It has been theorized that there may be subtypes of pathological gambling, particularly in relation to the main type of gambling activities undertaken. Whether or not putative pathological gambling subtypes differ in terms of their clinical and cognitive profiles has received little attention. Subjects meeting DSM-IV criteria for pathological gambling were grouped into two categories of preferred forms of gambling - strategic (e.g., cards, dice, sports betting, stock market) and non-strategic (e.g., slots, video poker, pull tabs). Groups were compared on clinical characteristics (gambling severity, and time and money spent gambling), psychiatric comorbidity, and neurocognitive tests assessing motor impulsivity and cognitive flexibility. Seventy-seven subjects were included in this sample (45.5% females; mean age: 42.7±14.9) which consisted of the following groups: strategic (n=22; 28.6%) and non-strategic (n=55; 71.4%). Non-strategic gamblers were significantly more likely to be older, female, and divorced. Money spent gambling did not differ significantly between groups although one measure of gambling severity reflected more severe problems for strategic gamblers. Strategic and non-strategic gamblers did not differ in terms of cognitive function; both groups showed impairments in cognitive flexibility and inhibitory control relative to matched healthy volunteers. These preliminary results suggest that preferred form of gambling may be associated with specific clinical characteristics but are not dissociable in terms of cognitive inflexibility and motor impulsivity. Copyright © 2012 Elsevier Inc. All rights reserved.

Terrorists and Suicide Attacks

National Research Council Canada - National Science Library

Cronin, Audrey K

2003-01-01

Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

Strategic cycling: shaking complacency in healthcare strategic planning.

Science.gov (United States)

Begun, J; Heatwole, K B

1999-01-01

As the conditions affecting business and healthcare organizations in the United States have become more turbulent and uncertain, strategic planning has decreased in popularity. Strategic planning is criticized for stiffling creative responses to the new marketplace and for fostering compartmentalized organizations, adherence to outmoded strategies, tunnel vision in strategy formulation, and overemphasis on planning to the detriment of implementation. However, effective strategic planning can be a force for mobilizing all the constituents of an organization, creating discipline in pursuit of a goal, broadening an organization's perspective, improving communication among disciplines, and motivating the organization's workforce. It is worthwhile for healthcare organizations to preserve these benefits of strategic planning at the same time recognizing the many sources of turbulence and uncertainty in the healthcare environment. A model of "strategic cycling" is presented to address the perceived shortcomings of traditional strategic planning in a dynamic environment. The cycling model facilitates continuous assessment of the organization's mission/values/vision and primary strategies based on feedback from benchmark analysis, shareholder impact, and progress in strategy implementation. Multiple scenarios and contingency plans are developed in recognition of the uncertain future. The model represents a compromise between abandoning strategic planning and the traditional, linear model of planning based on progress through predetermined stages to a masterpiece plan.

Stochastic Model of TCP SYN Attacks

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2011-08-01

Full Text Available A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filte­ring efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.Article in Lithuanian

Attack Trees with Sequential Conjunction

NARCIS (Netherlands)

Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

2015-01-01

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

Strategic Leadership as Determinant of Strategic Change: A Theoretical Review and Propositions

OpenAIRE

Ahadiat, Ayi

2009-01-01

The strategic change is an issue that closely related to strategic leadership. As this paper elaborates how strategic leadership determines the strategic change, the elaboration of both concept and their relationship are presented through propositions that are developed from the modified Hambrick’s model. Strategic leadership that causes strategic change in terms of strategic process and content within environmental and organizational context will lead to organizational performance as an ulti...

Heart attack first aid

Science.gov (United States)

First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

Directory of Open Access Journals (Sweden)

Sárkány Zoltán

2016-03-01

Full Text Available Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

Analytical Characterization of Internet Security Attacks

Science.gov (United States)

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Wartime Women Rape: A Means of Moral Attack and Emasculation in Lynn Nottage’s Ruined

Directory of Open Access Journals (Sweden)

Elaff Ganim Salih

2016-05-01

Full Text Available Women rape at warfare was considered a consequence of war in the social, literary and political world for a long period of time. Some criminals of rape escaped justice and others were persecuted on the basis that they were involved in mass rape because it was a natural consequence of war. But, women are targeted with rape in time of war because they are the symbolic representation of a culture, ethnicity, and the unifying fabric of their people and nation. The objective of this paper is to show that war rape is not a result of war; instead it is a means of human destruction through moral attack and emasculation. It aims to show that women rape in warfare is neither a misogynist act nor a sexual violence but it is a pre-planned weapon used strategically and systematically to fulfill certain political and military agenda. The study focuses on the sexual abuse of women in the Democratic Republic of Congo in time of war in Lynn Nottage’s Pulitzer Prize play, Ruined (2007. The study applies Jonathan Gottschall’s Strategic Rape theory, which highlights war rape as a pre-planned military strategy. The enemy emasculates men and attacks them morally by raping their women. Consequently, men’s failure to protect their women causes them to give up resistance, leave their lands and families because of shame and humiliation. The study concludes that women rape in time of war is a tactic followed by conquerors intentionally to facilitate and guarantee the achievement of certain pre-planned goals as was the case of mass rape in the DRC.

Characteristics of the socio-geographical factors in the Drina-Velika Morava strategic direction zone

Directory of Open Access Journals (Sweden)

Dejan Radivoj Inđić

2013-06-01

Full Text Available This paper presents the assessment of the operational – geographic features of the Drina–Velikamorava strategic direction. Due to the scope of the article, a variant of the assessment of the strategic direction is presented through its socio–geographic factors, while the mathematical–geographical and physical–geographic factors, as well as the operating lines of action are not discussed. Within the socio–geographic factors, the characteristics of the population, economy and communication networks are considered. The geographic area of the direction is nationally compact and provides war mobilization of units with no particular strain. The transportation network is not fully developed which makes combat operations difficult to attackers and facilitates them for the deffenders.. There are significant technical and technological potentials in the direction of the zone, but they are not evenly distributed. After the consideration of the complex socio – geographical factors, it is  concluded that the shown strategic direction enables, without any special restrictions, a successful execution of combat operations in the long run.   Introduction The Drina–Velikamorava strategic direction of action consists of two operational lines: Semberija–Šumadija and Glasinac–Zapadnamorava. This paper presents a variant of a complex evaluation of the socio–geographic factors in the area of strategic direction. Within the socio–geographic factors in the strategic direction, the characteristics of the population, economy and communication networks are discussed.   Characteristics of the population and settlements In the geographic strategic direction, there is about 30% of the population of the Republic of Serbia. The highest population density is in major cities (Belgrade, Novi Sad, Šabac, Čačak, etc.. The space is nationally compact, and over 95% of the population are Serbs. In terms of building methods,there are the following types of

Seven Deadliest Social Network Attacks

CERN Document Server

Timm, Carl

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

Pericarditis - after heart attack

Science.gov (United States)

... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

WILD PIG ATTACKS ON HUMANS

Energy Technology Data Exchange (ETDEWEB)

Mayer, J.

2013-04-12

Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

Cache timing attacks on recent microarchitectures

DEFF Research Database (Denmark)

Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

2017-01-01

Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

Guide for mass prophylaxis of hospital employees in preparation for a bioterrorist attack.

Science.gov (United States)

Lee, Jeremy John; Johnson, Shannon John; Sohmer, Michael J

2009-03-15

The key elements required for the health-system pharmacist to prepare and implement a hospital-based mass prophylaxis distribution effort for hospital employees are described. A bioterrorist attack may involve multiple jurisdictions which would necessitate a regional response. Pharmacists should collaborate not only with colleagues in their immediate areas, but also with pharmacists and emergency-management planners in neighboring counties and jurisdictions. Pharmacists must also develop antibiotic drug selection protocols and define the quantity needed to maintain hospital operations after a bioterrorist attack. Once the desired antibiotics have been selected and the number of employees has been determined, along with the length of prophylaxis therapy, it should be determined how much money will be needed to purchase and store enough medications to meet the need. Next, provisions must be made to acquire and store the antibiotic cache, with attention paid to cache rotation and packaging and repackaging recommendations. A detailed procedure for the deployment of an antibiotic cache must be developed. This procedure should include job descriptions and job action sheets for deployment team members and plans for receiving and dispensing antibiotics from the Strategic National Stockpile. Once the employee prophylaxis procedure is developed, staff must be educated about it, and exercises should be conducted to identify possible weaknesses in the procedure. Health-system pharmacists should play an active role in designing and implementing an antibiotic prophylaxis plan for employees for a potential bioterrorist attack. Understanding and following procedures provided in the tool kit are critical to their successful readiness.

The Cyber-Physical Attacker

DEFF Research Database (Denmark)

Vigo, Roberto

2012-01-01

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

Forensics Investigation of Web Application Security Attacks

OpenAIRE

Amor Lazzez; Thabet Slimani

2015-01-01

Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Predicting Factors of Zone 4 Attack in Volleyball.

Science.gov (United States)

Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

2017-06-01

This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed of attacks.

Attack Potential Evaluation in Desktop and Smartphone Fingerprint Sensors: Can They Be Attacked by Anyone?

Directory of Open Access Journals (Sweden)

Ines Goicoechea-Telleria

2018-01-01

Full Text Available The use of biometrics keeps growing. Every day, we use biometric recognition to unlock our phones or to have access to places such as the gym or the office, so we rely on the security manufacturers offer when protecting our privileges and private life. It is well known that it is possible to hack into a fingerprint sensor using fake fingers made of Play-Doh and other easy-to-obtain materials but to what extent? Is this true for all users or only for specialists with a deep knowledge on biometrics? Are smartphone fingerprint sensors as reliable as desktop sensors? To answer these questions, we performed 3 separate evaluations. First, we evaluated 4 desktop fingerprint sensors of different technologies by attacking them with 7 different fake finger materials. All of them were successfully attacked by an experienced attacker. Secondly, we carried out a similar test on 5 smartphones with embedded sensors using the most successful materials, which also hacked the 5 sensors. Lastly, we gathered 15 simulated attackers with no background in biometrics to create fake fingers of several materials, and they had one week to attack the fingerprint sensors of the same 5 smartphones, with the starting point of a short video with the techniques to create them. All 5 smartphones were successfully attacked by an inexperienced attacker. This paper will provide the results achieved, as well as an analysis on the attack potential of every case. All results are given following the metrics of the standard ISO/IEC 30107-3.

Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

Science.gov (United States)

Chim, Harvey; Yew, Woon Si; Song, Colin

2007-01-01

Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

Directory of Open Access Journals (Sweden)

Željko Gavrić

2018-01-01

Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

Securing internet by eliminating DDOS attacks

Science.gov (United States)

Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

2017-11-01

The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

Plants under dual attack

NARCIS (Netherlands)

Ponzio, C.A.M.

2016-01-01

Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

New attacks on Wi-Fi Protected Setup

OpenAIRE

Hamed Mohtadi; Alireza Rahimi

2015-01-01

Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

Strategizing Communication

DEFF Research Database (Denmark)

Gulbrandsen, Ib Tunby; Just, Sine Nørholm

beyond, but not past instrumental, rational plans in order to become better able to understand and manage the concrete, incremental practices and contexts in which communication becomes strategic. Thus, we argue that although strategic communicators do (and should) make plans, a plan in itself does...... of the specific communicative disciplines and practices employed by the organization and/or its individual members, be they marketing, public relations, corporate communication, branding, public affairs or social advocacy. In all cases, strategic communicators do well to focus more on the process of communicating...... for understanding and managing strategic communication processes....

Invisible Trojan-horse attack

DEFF Research Database (Denmark)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin

2017-01-01

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

Radiological attacks and accidents. Medical consequences

International Nuclear Information System (INIS)

Sakuta, Hidenari

2007-01-01

Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medial care for mass casualties without inducing panic. (author)

Script-viruses Attacks on UNIX OS

Directory of Open Access Journals (Sweden)

D. M. Mikhaylov

2010-06-01

Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

Strategic financial analysis: the CFO's role in strategic planning.

Science.gov (United States)

Litos, D M

1985-03-01

Strategic financial analysis, the financial information support system for the strategic planning process, provides information vital to maintaining a healthy bottom line. This article, the third in HCSM's series on the organizational components of strategic planning, reviews the role of the chief financial officer in determining which programs and services will best meet the future needs of the institution.

Mapping strategic diversity: strategic thinking from a variety of perspectives

NARCIS (Netherlands)

Jacobs, D.

2010-01-01

In his influential work, Strategy Safari, Henry Mintzberg and his colleagues presented ten schools of strategic thought. In this impressive book, Dany Jacobs demonstrates that the real world of strategic management is much wider and richer. In Mapping Strategic Diversity, Jacobs distinguishes

Strategic Leadership Primer (Third Edition)

Science.gov (United States)

2010-01-01

decision making � STRATEGIC DECISION MAKING Strategic Change There are several strategic decisions that involved...The Ontology of Strategic Decision Making Strategic decisions are non-routine and involve both the art of leadership and the science of management...building consensus,”5 implicitly requires the capacity for strategic decision making� The Complexity of Strategic Decision Making Strategic

Hybrid attacks on model-based social recommender systems

Science.gov (United States)

Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

2017-10-01

With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

The strategic use of inserts in the Brazilian presidential elections

Directory of Open Access Journals (Sweden)

Felipe Borba

2012-01-01

Full Text Available The aim of this article is to analyze the communication strategies of presidential candidates during the elections held in 2006 and 2010. The focus is on the strategic component of electoral inserts and the methodology consists of investigating how candidates choose to distribute these inserts in the programming of television networks. The results indicate that the candidates pursue different strategies influenced basically by three variables: electoral legislation, their standing in polls and the difference of resources available. In parallel, the article debates the role of the regulation of electoral advertising and how this set of rules influences the level of information of campaigns, the occurrence of attacks, and party strategies. Overall, 2,993 electoral inserts were examined.

A new attack on smoking using an old-time remedy.

Science.gov (United States)

Moore, M C; Mikhail, C J

1996-01-01

This article first will explain the reasons behind and goals of state recoupment actions against the major cigarette manufacturers, their lobbying arm and trade association, and their public relations firms (collectively referred to as the "tobacco industry") for the recovery of Medicaid and other indigent care expenditures on smoking-related illnesses. These are, primarily, to relieve the heavy financial burden on state treasuries and to stop the tobacco industry from targeting children in advertising and promotions. To put this new legal approach in perspective, the article presents a brief historical background to the tobacco industry's litigation strategy: to wear down opponents through delay and intimidation, to cast doubt on science, and to wrongfully invoke the attorney-client privilege against disclosure of incriminating evidence. Next authors discuss the states' strategy: each filing one suit seeking equitable remedies under theories of restitution/unjust enrichment, indemnity, public nuisance, and injunctive relief to protect the interests of minors, instead of maintaining thousands of product liability claims on behalf of individual smokers. This will be followed by a critique of the industry's response to state actions: political attacks against attorneys general and trial lawyers and charges that the lawsuits would hurt business as well as a variety of legal challenges, including an imaginative but risky defense that if smoking indeed causes disease and attendant health care expenditures, then the tobacco industry ought to be given a credit against those expenditures for the taxes generated by its business and the "savings" which inure to the states from the premature deaths of smokers (the cost of geriatric care, for example). The article will wrap up by impressing on health officials and other readers what is at stake in these actions and what their success or failure will mean for the Medicaid program.

An Analysis of Attacks on Blockchain Consensus

OpenAIRE

Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

2016-01-01

We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

Automated classification of computer network attacks

CSIR Research Space (South Africa)

Van Heerden, R

2013-11-01

Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

Cyber Attacks and Combat Behavior

Directory of Open Access Journals (Sweden)

Carataș Maria Alina

2017-01-01

Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

Attacks on public telephone networks: technologies and challenges

Science.gov (United States)

Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

2003-09-01

Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

Strategic cost management as the main component of strategic management accounting

OpenAIRE

Ходзицька, Валентина Василівна

2013-01-01

The influence of cost management on making management decisions and functioning of the system of strategic management accounting was analyzed in the paper. The main aspects of the influence of strategic management accounting on making effective management decisions in the system of integrated management of business entities were highlighted. The scope of the organizational activity, covered by the strategic management accounting was described.The paper shows the orientation of strategic manag...

Automated Generation of Attack Trees

DEFF Research Database (Denmark)

Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

2014-01-01

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

Pareto Efficient Solutions of Attack-Defence Trees

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2015-01-01

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as proba......Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes......, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while...... maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

Speculative attacks, openness and crises

Directory of Open Access Journals (Sweden)

Aloisio Araujo

2012-06-01

Full Text Available We extended the Cole and Kehoe model (1996 by adding trade and debt denominated in national currency. We then evaluated some external debt defaults and steep national currency devaluations occurred during last decades. Although default is unlikely, steep devaluation has been repeatedly triggered during financial distresses. It helps to overcome financial crisis as it improves trade balance and reduces national debt level. On the other hand, expected devaluation hurts welfare through both higher national debt cost and reductions in the investment level. We modeled such trade-offs and showed that trade openness, by and large, improves the expected welfare as it allows for a better devaluation-response technology. We ran model simulations based on past 48 crises occurred in 32 middle-income countries, reasonably fitting devaluation and default responses observed as from 1971.

Strategic marketing research

NARCIS (Netherlands)

Bijmolt, Tammo H.A.; Frambach, Ruud T.; Verhallen, Theo M.M.

1996-01-01

This article introduces the term “strategic marketing research” for the collection and analysis of data in support of strategic marketing management. In particular, strategic marketing research plays an important role in defining the market, analysis of the environment, and the formulation of

Islamic State’s English-language Magazines, 2014-2017: Trends & Implications for CT-CVE Strategic Communications

Directory of Open Access Journals (Sweden)

Haroro J. Ingram

2018-03-01

Full Text Available Islamic State (IS has used English-language magazines as a crucial component of its propaganda strategy, particularly targeting Muslims living in the West. This paper provides a quick reference guide to IS’s English-language magazines released between June 2014 and September 2017 examining key themes and propaganda strategies deployed across three issues of Islamic State News, four issues of Islamic State Report, fifteen issues of Dabiq and thirteen issues of Rumiyah. It concludes by highlighting four trends and their implications for CT-CVE strategic communications practitioners. First, IS use a mix of rational- and identity-choice appeals to provide its various target audiences with a ‘competitive system of meaning’ which CT-CVE strategic communication efforts must seek to dismantle with careful campaign and message design. Second, over the period of 2014-17 IS appears to have deployed a thematic ‘hedging’ strategy characterised by certain messaging themes being prioritised over others during periods of boom versus bust. By identifying the signatures of IS’s use of propaganda ‘hedging’, CT-CVE practitioners can be better prepared to confront current and future challenges from IS propagandists. Third, IS’s English-language magazines must be understood within the context of trends across its broader propaganda effort. To effectively address this multifaceted threat, CT-CVE practitioners would benefit from applying the KISMI (Keep It Simple Maximise Impact principle of rolling-out a strategic communications campaign. Finally, the appearance of instructional material in IS propaganda highlights the need for post-incident CT-CVE strategic communication plans to undermine the strategic logic of so-called “inspired” attacks.

Strategic information security

CERN Document Server

Wylder, John

2003-01-01

Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

Strategic Responsiveness

DEFF Research Database (Denmark)

Pedersen, Carsten; Juul Andersen, Torben

decision making is often conceived as ‘standing on the two feet’ of deliberate or intended strategic decisions by top management and emergent strategic decisions pursued by lower-level managers and employees. In this view, the paper proposes that bottom-up initiatives have a hard time surfacing...... in hierarchical organizations and that lowerlevel managers and employees, therefore, pursue various strategies to bypass the official strategy processes to act on emerging strategic issues and adapt to changing environmental conditions.......The analysis of major resource committing decisions is central focus in the strategy field, but despite decades of rich conceptual and empirical research we still seem distant from a level of understanding that can guide corporate practices under dynamic and unpredictable conditions. Strategic...

Cross-site scripting attacks procedure and Prevention Strategies

Directory of Open Access Journals (Sweden)

Wang Xijun

2016-01-01

Full Text Available Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XXS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

Heart Attack Symptoms in Women

Science.gov (United States)

... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

On the anatomy of social engineering attacks : A literature-based dissection of successful attacks

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

The aim of this studywas to explore the extent towhich persuasion principles are used in successful social engineering attacks. Seventy-four scenarioswere extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenariowas split into attack steps, containing

“Change is constant in today’s business for competitive advantage. Strategic leadership is vital for effective strategic change management - roles & responsibilities and strategic capability of strategic leadership.”

OpenAIRE

Chia, Grace Hui Yen

2009-01-01

The aim of this paper is to seek to understand the reachange is constant in today’s business for competitive advantage. And to make the strategic change happen in order to achieve the desired outcome, what will be the right strategic process flow. What are the key challenges that will be encountered throughout the process of strategic change management? This paper will also learn whether strategic leadership is vital to make the strategic change happen in the effective way since many literatu...

Strategic growth options

NARCIS (Netherlands)

Kulatilaka, N.; Perotti, E.C.

1998-01-01

We provide a strategic rationale for growth options under uncertainty and imperfect corn-petition. In a market with strategic competition, investment confers a greater capability to take advantage of future growth opportunities. This strategic advantage leads to the capture of a greater share of the

11. Strategic planning.

Science.gov (United States)

2014-05-01

There are several types of planning processes and plans, including strategic, operational, tactical, and contingency. For this document, operational planning includes tactical planning. This chapter examines the strategic planning process and includes an introduction into disaster response plans. "A strategic plan is an outline of steps designed with the goals of the entire organisation as a whole in mind, rather than with the goals of specific divisions or departments". Strategic planning includes all measures taken to provide a broad picture of what must be achieved and in which order, including how to organise a system capable of achieving the overall goals. Strategic planning often is done pre-event, based on previous experience and expertise. The strategic planning for disasters converts needs into a strategic plan of action. Strategic plans detail the goals that must be achieved. The process of converting needs into plans has been deconstructed into its components and includes consideration of: (1) disaster response plans; (2) interventions underway or planned; (3) available resources; (4) current status vs. pre-event status; (5) history and experience of the planners; and (6) access to the affected population. These factors are tempered by the local: (a) geography; (b) climate; (c) culture; (d) safety; and (e) practicality. The planning process consumes resources (costs). All plans must be adapted to the actual conditions--things never happen exactly as planned.

DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

Directory of Open Access Journals (Sweden)

Ahmad Sanmorino

2013-11-01

Full Text Available In this study we discuss how to handle DDoS attack that coming from the attacker by using detection method and handling mechanism. Detection perform by comparing number of packets and number of flow. Whereas handling mechanism perform by limiting or drop the packets that detected as a DDoS attack. The study begins with simulation on real network, which aims to get the real traffic data. Then, dump traffic data obtained from the simulation used for detection method on our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism. From the result of experiment that has been conducted, the proposed method successfully detect DDoS attack and handle the incoming packet sent by attacker.

Model checking exact cost for attack scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2017-01-01

Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support....... However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute...... the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees....

Implementation Of Strategic Management

African Journals Online (AJOL)

Administrator

Creativity and innovation is the new game plan inherent in strategic .... The diagram below is a simplified operational model of strategic management, ..... Bryson (1995) outlines four benefits of strategic (planning) Management in his ... champions, good strategic planning teams, enough slack to handle potentially disruptive.

NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

Directory of Open Access Journals (Sweden)

Luminiţa DEFTA

2010-12-01

Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.

Understanding How Components of Organisations Contribute to Attacks

DEFF Research Database (Denmark)

Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

2016-01-01

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

Attack Graph Construction for Security Events Analysis

Directory of Open Access Journals (Sweden)

Andrey Alexeevich Chechulin

2014-09-01

Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

1 küsimus noorele juhile : Kuidas on kõige parem tähtsad põhimõtted töötajateni viia? / Kaarel Oja, Reet Roos, Martin Hurt... [jt.

Index Scriptorium Estoniae

2010-01-01

Küsimusele vastavad Teater NO99 tegevjuht Kaarel Oja, meediaagentuuri Inspired, tööõigusbüroo ja trükikoja Digiprint omanik Reet Roos, kaitseministeeriumi asekantsler Martin Hurt, SOL Eesti personalijuht Evely Ellert ning investeerimis- ja varahalduslahendusi pakkuva Sampo Life juhatuse liige Erkki Sadam

Automated Discovery of Mimicry Attacks

National Research Council Canada - National Science Library

Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

2006-01-01

.... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

Transforming Graphical System Models to Graphical Attack Models

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2016-01-01

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations...... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset....

When Sinuses Attack! (For Kids)

Science.gov (United States)

... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

When it hurts (and helps to try: the role of effort in language learning.

Directory of Open Access Journals (Sweden)

Amy S Finn

Full Text Available Compared to children, adults are bad at learning language. This is counterintuitive; adults outperform children on most measures of cognition, especially those that involve effort (which continue to mature into early adulthood. The present study asks whether these mature effortful abilities interfere with language learning in adults and further, whether interference occurs equally for aspects of language that adults are good (word-segmentation versus bad (grammar at learning. Learners were exposed to an artificial language comprised of statistically defined words that belong to phonologically defined categories (grammar. Exposure occurred under passive or effortful conditions. Passive learners were told to listen while effortful learners were instructed to try to 1 learn the words, 2 learn the categories, or 3 learn the category-order. Effortful learners showed an advantage for learning words while passive learners showed an advantage for learning the categories. Effort can therefore hurt the learning of categories.

When It Hurts (and Helps) to Try: The Role of Effort in Language Learning

Science.gov (United States)

Finn, Amy S.; Lee, Taraz; Kraus, Allison; Hudson Kam, Carla L.

2014-01-01

Compared to children, adults are bad at learning language. This is counterintuitive; adults outperform children on most measures of cognition, especially those that involve effort (which continue to mature into early adulthood). The present study asks whether these mature effortful abilities interfere with language learning in adults and further, whether interference occurs equally for aspects of language that adults are good (word-segmentation) versus bad (grammar) at learning. Learners were exposed to an artificial language comprised of statistically defined words that belong to phonologically defined categories (grammar). Exposure occurred under passive or effortful conditions. Passive learners were told to listen while effortful learners were instructed to try to 1) learn the words, 2) learn the categories, or 3) learn the category-order. Effortful learners showed an advantage for learning words while passive learners showed an advantage for learning the categories. Effort can therefore hurt the learning of categories. PMID:25047901

Heart Attack

Science.gov (United States)

... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

Software-based Microarchitectural Attacks

OpenAIRE

Gruss, Daniel

2017-01-01

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Attack and Vulnerability Penetration Testing: FreeBSD

Directory of Open Access Journals (Sweden)

Abdul Hanan Abdullah

2013-07-01

Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.

Strategic Forecasting

DEFF Research Database (Denmark)

Duus, Henrik Johannsen

2016-01-01

Purpose: The purpose of this article is to present an overview of the area of strategic forecasting and its research directions and to put forward some ideas for improving management decisions. Design/methodology/approach: This article is conceptual but also informed by the author’s long contact...... and collaboration with various business firms. It starts by presenting an overview of the area and argues that the area is as much a way of thinking as a toolbox of theories and methodologies. It then spells out a number of research directions and ideas for management. Findings: Strategic forecasting is seen...... as a rebirth of long range planning, albeit with new methods and theories. Firms should make the building of strategic forecasting capability a priority. Research limitations/implications: The article subdivides strategic forecasting into three research avenues and suggests avenues for further research efforts...

Strategic market segmentation

Directory of Open Access Journals (Sweden)

Maričić Branko R.

2015-01-01

Full Text Available Strategic planning of marketing activities is the basis of business success in modern business environment. Customers are not homogenous in their preferences and expectations. Formulating an adequate marketing strategy, focused on realization of company's strategic objectives, requires segmented approach to the market that appreciates differences in expectations and preferences of customers. One of significant activities in strategic planning of marketing activities is market segmentation. Strategic planning imposes a need to plan marketing activities according to strategically important segments on the long term basis. At the same time, there is a need to revise and adapt marketing activities on the short term basis. There are number of criteria based on which market segmentation is performed. The paper will consider effectiveness and efficiency of different market segmentation criteria based on empirical research of customer expectations and preferences. The analysis will include traditional criteria and criteria based on behavioral model. The research implications will be analyzed from the perspective of selection of the most adequate market segmentation criteria in strategic planning of marketing activities.

Superposition Attacks on Cryptographic Protocols

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

2011-01-01

of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security......Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece...... of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

Strategic serendipity

DEFF Research Database (Denmark)

Knudsen, Gry Høngsmark; Lemmergaard, Jeanette

2014-01-01

This paper contributes to critical voices on the issue of strategic communication. It does so by exploring how an organisation can seize the moment of serendipity based on careful preparation of its issues management and communication channels. The focus of the study is the media coverage......-of-the-art knowledge and in-depth understanding of the affordances of different communication channels, we discuss the importance of establishing opportunities for serendipity in strategic communication planning. The contribution of the paper is to develop the concept of strategic serendipity and show how...

Recurrent spontaneous attacks of dizziness.

Science.gov (United States)

Lempert, Thomas

2012-10-01

This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

Emporium Luggage

Science.gov (United States)

Bailey, Bruce C.; Levin, Michael A.

2014-01-01

In October 2010, Phil Wein, president of Emporium Luggage, was looking for ways to expand his retail luggage operation. Like many firms in the luggage industry, his leisure travel segment had been hurt by the 9/11 terrorist attacks, which forced several luggage retailers to retrench. More recently, the U.S. recession that started in 2008, and the…

Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

National Research Council Canada - National Science Library

Kalmijn, Adrianus J

2005-01-01

The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

Strategic Innovation Capacity: A Mixed Method Study on Deliberate Strategic Learning Mechanisms

OpenAIRE

Berghman, Liselore

2006-01-01

textabstractSeveral management scholars have come to propound strategic innovation as an effective means to create new and substantially superior customer value, and to combat firms’ inclination towards strategic convergence. Research on strategic innovation is however still in its infancy, tends to lack scientific rigor and has so far proven unable to provide managers with well-founded insights into the specifics of strategic innovation creation. This research therefore aims to study mechani...

Novel Method For Low-Rate Ddos Attack Detection

Science.gov (United States)

Chistokhodova, A. A.; Sidorov, I. D.

2018-05-01

The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

Heart Attack

Science.gov (United States)

... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

Automatic Classification of Attacks on IP Telephony

Directory of Open Access Journals (Sweden)

Jakub Safarik

2013-01-01

Full Text Available This article proposes an algorithm for automatic analysis of attack data in IP telephony network with a neural network. Data for the analysis is gathered from variable monitoring application running in the network. These monitoring systems are a typical part of nowadays network. Information from them is usually used after attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification use proposed neural network, and the article covers design of a neural network and its practical implementation. It contains also methods for neural network learning and data gathering functions from honeypot application.

Further attacks on Yeung-Mintzer fragile watermarking scheme

Science.gov (United States)

Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

2000-05-01

In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

Pareto Efficient Solution of Attack-Defence Trees

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

Strategic management thinking and practice in the public sector: A strategic planning for all seasons?

OpenAIRE

Johnsen, Åge

2014-01-01

This paper explores how strategic management thinking manifests itself in strategic management practice in the public sector. Mintzberg’s framework of 10 strategic management schools of thought is chosen for mapping strategic management thinking. The paper analyses a convenience sample of 35 strategic management processes, observation of an agency’s strategy reformulation process and interviews of managers in the public sector in Norway for informing the discussion. Strategic planning is heav...

Genetic attack on neural cryptography.

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Genetic attack on neural cryptography

International Nuclear Information System (INIS)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-01-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

Genetic attack on neural cryptography

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Strategic Innovation Capacity: A Mixed Method Study on Deliberate Strategic Learning Mechanisms

NARCIS (Netherlands)

L.A. Berghman (Liselore)

2006-01-01

textabstractSeveral management scholars have come to propound strategic innovation as an effective means to create new and substantially superior customer value, and to combat firms’ inclination towards strategic convergence. Research on strategic innovation is however still in its infancy, tends to

Attacks on the AJPS Mersenne-based cryptosystem

NARCIS (Netherlands)

K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

2018-01-01

textabstractAggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

The political attack ad

Directory of Open Access Journals (Sweden)

Palma Peña-Jiménez, Ph.D.

2011-01-01

Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

Robust Detection of Stepping-Stone Attacks

National Research Council Canada - National Science Library

He, Ting; Tong, Lang

2006-01-01

The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

OpenAIRE

Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

2017-01-01

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

Strategic Belief Management

DEFF Research Database (Denmark)

Foss, Nicolai Juul

While (managerial) beliefs are central to many aspects of strategic organization, interactive beliefs are almost entirely neglected, save for some game theory treatments. In an increasingly connected and networked economy, firms confront coordination problems that arise because of network effects....... The capability to manage beliefs will increasingly be a strategic one, a key source of wealth creation, and a key research area for strategic organization scholars.......While (managerial) beliefs are central to many aspects of strategic organization, interactive beliefs are almost entirely neglected, save for some game theory treatments. In an increasingly connected and networked economy, firms confront coordination problems that arise because of network effects...

Determining success factors for effective strategic change: Role of middle managers' strategic involvement

Directory of Open Access Journals (Sweden)

Minhajul Islam Ukil

2017-05-01

Full Text Available Middle managers are believed to play most crucial part in strategic change that in consequence leads to organizational success. The present study seeks to identify the underlying success factors for effective strategic change and, to investigate the relationship between middle management strategic involvement and effective strategic change. Data were collected following a survey administered among a group of mid-level managers (N=144 serving in twenty different private commercial banks in Bangladesh, and analyzed using various statistical tests including descriptive analysis, Pearson correlation, and simple and multiple regressions in STATA. Results uncovers that factors like relation with top management, strategy, role and skills are essential for effective strategic change. This study also reveals significant relationship between middle management strategic involvement and effective strategic change. Findings of this research suggest that organizations shall involve mid-level managers to formulate and implement strategy since middle mangers work as a bridge between top management and ground level workers.

An Adaptive Approach for Defending against DDoS Attacks

Directory of Open Access Journals (Sweden)

Muhai Li

2010-01-01

Full Text Available In various network attacks, the Distributed Denial-of-Service (DDoS attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.

Countermeasures for unintentional and intentional video watermarking attacks

Science.gov (United States)

Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

2000-05-01

These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

Link-layer Jamming Attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

2004-01-01

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

Link-layer jamming attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

A computer network attack taxonomy and ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-01-01

Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

Strategic management for university hospitals

Directory of Open Access Journals (Sweden)

Martha Isabel Riaño-Casallas

2016-10-01

Full Text Available Introduction: There are several approaches and schools that support strategic management processes. University hospitals require the implementation of a strategic approach to their management, since they are a particular type of organization with the triple mission of providing health care, education and research. Objective: To propose a strategic profile for a university hospital. Materials and methods: The theoretical framework of strategic management was analyzed and some particular components of hospital management were studied; based on these criteria, the strategic management process in three high complexity hospitals of Bogotá, D.C. was examined and a profile of both the objectives and the functional strategies for the hospital was proposed. Results: The main strategic thinking schools are presented; the processes and components of strategic management are described, and a strategic management profile for a university hospital is proposed. Conclusion: The strategic orientation of management for an institution with the characteristics of a university hospital facilitates achieving organizational objectives.

Unified communications forensics anatomy of common UC attacks

CERN Document Server

Grant, Nicholas Mr

2013-01-01

Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks an in-depth look at established UC technologies and attack exploits hands-on understanding of UC attack vectors and associated countermeasures

More attention when speaking: does it help or does it hurt?

Science.gov (United States)

Nozari, Nazbanou; Thompson-Schill, Sharon L

2013-11-01

Paying selective attention to a word in a multi-word utterance results in a decreased probability of error on that word (benefit), but an increased probability of error on the other words (cost). We ask whether excitation of the prefrontal cortex helps or hurts this cost. One hypothesis (the resource hypothesis) predicts a decrease in the cost due to the deployment of more attentional resources, while another (the focus hypothesis) predicts even greater costs due to further fine-tuning of selective attention. Our results are more consistent with the focus hypothesis: prefrontal stimulation caused a reliable increase in the benefit and a marginal increase in the cost of selective attention. To ensure that the effects are due to changes to the prefrontal cortex, we provide two checks: We show that the pattern of results is quite different if, instead, the primary motor cortex is stimulated. We also show that the stimulation-related benefits in the verbal task correlate with the stimulation-related benefits in an N-back task, which is known to tap into a prefrontal function. Our results shed light on how selective attention affects language production, and more generally, on how selective attention affects production of a sequence over time. Copyright © 2013 Elsevier Ltd. All rights reserved.

Attacks and countermeasures on AES and ECC

DEFF Research Database (Denmark)

Tange, Henrik; Andersen, Birger

2013-01-01

AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so called biclique attack, which is using the fact that the content of the state array...

Classifying network attack scenarios using an ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-03-01

Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

Modelling Social-Technical Attacks with Timed Automata

DEFF Research Database (Denmark)

David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

2015-01-01

. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

76 FR 14950 - Closed Meeting of the U.S. Strategic Command Strategic Advisory Group

Science.gov (United States)

2011-03-18

... DEPARTMENT OF DEFENSE Office of the Secretary Closed Meeting of the U.S. Strategic Command Strategic Advisory Group AGENCY: Department of Defense. ACTION: Notice of advisory committee closed meeting.... Strategic Command Strategic Advisory Group. DATES: April 7, 2011, from 8 a.m. to 5 p.m. and April 8, 2011...

Learning to think strategically.

Science.gov (United States)

1994-01-01

Strategic thinking focuses on issues that directly affect the ability of a family planning program to attract and retain clients. This issue of "The Family Planning Manager" outlines the five steps of strategic thinking in family planning administration: 1) define the organization's mission and strategic goals; 2) identify opportunities for improving quality, expanding access, and increasing demand; 3) evaluate each option in terms of its compatibility with the organization's goals; 4) select an option; and 5) transform strategies into action. Also included in this issue is a 20-question test designed to permit readers to assess their "strategic thinking quotient" and a list of sample questions to guide a strategic analysis.

Quantitative Verification and Synthesis of Attack-Defence Scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

2016-01-01

analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

Situational awareness of a coordinated cyber attack

Science.gov (United States)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Does media multitasking always hurt? A positive correlation between multitasking and multisensory integration.

Science.gov (United States)

Lui, Kelvin F H; Wong, Alan C-N

2012-08-01

Heavy media multitaskers have been found to perform poorly in certain cognitive tasks involving task switching, selective attention, and working memory. An account for this is that with a breadth-biased style of cognitive control, multitaskers tend to pay attention to various information available in the environment, without sufficient focus on the information most relevant to the task at hand. This cognitive style, however, may not cause a general deficit in all kinds of tasks. We tested the hypothesis that heavy media multitaskers would perform better in a multisensory integration task than would others, due to their extensive experience in integrating information from different modalities. Sixty-three participants filled out a questionnaire about their media usage and completed a visual search task with and without synchronous tones (pip-and-pop paradigm). It was found that a higher degree of media multitasking was correlated with better multisensory integration. The fact that heavy media multitaskers are not deficient in all kinds of cognitive tasks suggests that media multitasking does not always hurt.

Anti-discrimination Analysis Using Privacy Attack Strategies

KAUST Repository

Ruggieri, Salvatore

2014-09-15

Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired/based on Frèchet bounds attacks, attribute inference attacks, and minimality attacks to the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

Processing of intended and unintended strategic issues and integration into the strategic agenda.

Science.gov (United States)

Ridder, Hans-Gerd; Schrader, Jan Simon

2017-11-01

Strategic change is needed in hospitals due to external and internal pressures. However, research on strategic change, as a combination of management and medical expertise in hospitals, remains scarce. We analyze how intended strategic issues are processed into deliberate strategies and how unintended strategic issues are processed into emergent strategies in the management of strategy formation in hospitals. This study empirically investigates the integration of medical and management expertise in strategy formation. The longitudinal character of the case study enabled us to track patterns of intended and unintended strategic issues over 2 years. We triangulated data from interviews, observations, and documents. In accordance with the quality standards of qualitative research procedures, we analyzed the data by pattern matching and provided analytical generalization regarding strategy formation in hospitals. Our findings suggest that strategic issues are particularly successful within the strategy formation process if interest groups are concerned with the strategic issue, prospective profits are estimated, and relevant decisions makers are involved early on. Structure and interaction processes require clear criteria and transparent procedures for effective strategy formation. There is systematic neglect of medical expertise in processes of generating strategies. Our study reveals that the decentralized structure of medical centers is an adequate template for both the operationalization of intended strategic issues and the development of unintended strategic issues. However, tasks, roles, responsibility, resources, and administrative support are necessary for effective management of strategy formation. Similarly, criteria, procedures, and decision-making are prerequisites for effective strategy formation.

Cyberprints: Identifying Cyber Attackers by Feature Analysis

Science.gov (United States)

Blakely, Benjamin A.

2012-01-01

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

Simulation of Attacks for Security in Wireless Sensor Network.

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-11-18

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

Simulation of Attacks for Security in Wireless Sensor Network

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-01-01

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

Improving performance of HVAC systems to reduce exposure to aerosolized infectious agents in buildings; recommendations to reduce risks posed by biological attacks.

Science.gov (United States)

Hitchcock, Penny J; Mair, Michael; Inglesby, Thomas V; Gross, Jonathan; Henderson, D A; O'Toole, Tara; Ahern-Seronde, Joa; Bahnfleth, William P; Brennan, Terry; Burroughs, H E Barney; Davidson, Cliff; Delp, William; Ensor, David S; Gomory, Ralph; Olsiewski, Paula; Samet, Jonathan M; Smith, William M; Streifel, Andrew J; White, Ronald H; Woods, James E

2006-01-01

The prospect of biological attacks is a growing strategic threat. Covert aerosol attacks inside a building are of particular concern. In the summer of 2005, the Center for Biosecurity of the University of Pittsburgh Medical Center convened a Working Group to determine what steps could be taken to reduce the risk of exposure of building occupants after an aerosol release of a biological weapon. The Working Group was composed of subject matter experts in air filtration, building ventilation and pressurization, air conditioning and air distribution, biosecurity, building design and operation, building decontamination and restoration, economics, medicine, public health, and public policy. The group focused on functions of the heating, ventilation, and air conditioning systems in commercial or public buildings that could reduce the risk of exposure to deleterious aerosols following biological attacks. The Working Group's recommendations for building owners are based on the use of currently available, off-the-shelf technologies. These recommendations are modest in expense and could be implemented immediately. It is also the Working Group's judgment that the commitment and stewardship of a lead government agency is essential to secure the necessary financial and human resources and to plan and build a comprehensive, effective program to reduce exposure to aerosolized infectious agents in buildings.

Using agility to combat cyber attacks.

Science.gov (United States)

Anderson, Kerry

2017-06-01

Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

Women's Heart Disease: Heart Attack Symptoms

Science.gov (United States)

... of this page please turn JavaScript on. Feature: Women's Heart Disease Heart Attack Symptoms Past Issues / Winter ... most common heart attack symptom in men and women is chest pain or discomfort. However, women also ...

A novel proposed network security management approach for cyber attacks

International Nuclear Information System (INIS)

Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

2007-01-01

Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

Strategic planning in transition

DEFF Research Database (Denmark)

Olesen, Kristian; Richardson, Tim

2012-01-01

In this paper, we analyse how contested transitions in planning rationalities and spatial logics have shaped the processes and outputs of recent episodes of Danish ‘strategic spatial planning’. The practice of ‘strategic spatial planning’ in Denmark has undergone a concerted reorientation...... style of ‘strategic spatial planning’ with its associated spatial logics is continuously challenged by a persistent regulatory, top-down rationality of ‘strategic spatial planning’, rooted in spatial Keynesianism, which has long characterised the Danish approach. The findings reveal the emergence...... of a particularly Danish approach, retaining strong regulatory aspects. However this approach does not sit easily within the current neoliberal political climate, raising concerns of an emerging crisis of ‘strategic spatial planning’....

Adaptive optimisation-offline cyber attack on remote state estimator

Science.gov (United States)

Huang, Xin; Dong, Jiuxiang

2017-10-01

Security issues of cyber-physical systems have received increasing attentions in recent years. In this paper, deception attacks on the remote state estimator equipped with the chi-squared failure detector are considered, and it is assumed that the attacker can monitor and modify all the sensor data. A novel adaptive optimisation-offline cyber attack strategy is proposed, where using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring to be undetected by the chi-squared monitor. From the attacker's perspective, the attack is better than the existing linear deception attacks to degrade the system performance. Finally, some numerical examples are provided to demonstrate theoretical results.

Cyber-physical attacks a growing invisible threat

CERN Document Server

Loukas, George

2015-01-01

Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road,  or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral

Use of Attack Graphs in Security Systems

Directory of Open Access Journals (Sweden)

Vivek Shandilya

2014-01-01

Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

A fatal elephant attack.

Science.gov (United States)

Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

2012-01-01

A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

Cyber Attacks, Information Attacks, and Postmodern Warfare

Directory of Open Access Journals (Sweden)

Valuch Jozef

2017-06-01

Full Text Available The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use the postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war. Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict, this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

False Positive and False Negative Effects on Network Attacks

Science.gov (United States)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

Machine Learning Methods for Attack Detection in the Smart Grid.

Science.gov (United States)

Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

2016-08-01

Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

Transient Ischemic Attack

Medline Plus

Full Text Available ... stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

Strategic Alliance Poker: Demonstrating the Importance of Complementary Resources and Trust in Strategic Alliance Management

Science.gov (United States)

Reutzel, Christopher R.; Worthington, William J.; Collins, Jamie D.

2012-01-01

Strategic Alliance Poker (SAP) provides instructors with an opportunity to integrate the resource based view with their discussion of strategic alliances in undergraduate Strategic Management courses. Specifically, SAP provides Strategic Management instructors with an experiential exercise that can be used to illustrate the value creation…

Application distribution model and related security attacks in VANET

Science.gov (United States)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Nonepileptic attack disorder among married women.

Science.gov (United States)

Dhanaraj, M; Rangaraj, R; Arulmozhi, T; Vengatesan, A

2005-06-01

To study the clinical features, precipitating stressful life events and prognosis of nonepileptic attack disorder (NEAD) among married women. Prospective cohort study with 1-year follow-up. A tertiary care teaching hospital. Of the 1020 patients with epilepsy referred to the epilepsy clinic during 2002-2003, 30 were married women with NEAD. The diagnostic criteria for NEAD included normal EEG during ictal and post-ictal phase of the generalized 'attack.' The data collected included clinical characteristics, semiology of the attacks, precipitating stressful events, and co-morbid psychiatric disorders. The control group included 30 age-matched married women with generalized tonic-clonic seizures. The long-term outcome and factors influencing the outcomes were analyzed. The mean duration of illness was 18 months, and the pattern of the attack was 'fall and lying still' in 53% and 'fall with generalized motor movements' in 47%. The frequency was one or more per week in 57% and occasionally in 43%. The important stressful events were matrimonial discord following illegal relationship of the husband with another woman (chi2 = 9.02, P = 0.003) and constant quarrel with other family members (chi2 = 5.19, P = 0.02). The prevalence of sexual abuse was low (7%). Co-morbid psychiatric disorder was observed in 70%. At the end of 1 year, 39% were free from the attack. Resolution of the stressful life events (chi2 = 4.52, P = 0.03) and lower frequency of attack at the time of reporting (chi2 = 3.88, P = 0.05) correlated with good outcomes. Among patients with NEAD in India, the major precipitating factors were matrimonial discord following illegal relationship of the husband with another woman and constant quarrel with other family members and not sexual abuse. Women with low frequency of attack at the time of reporting and the remission of the stressful events had better outcomes.

Subclinical endophthalmitis following a rooster attack.

Science.gov (United States)

Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

2006-12-01

Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

Strategic agility for nursing leadership.

Science.gov (United States)

Shirey, Maria R

2015-06-01

This department highlights change management strategies that may be successful in strategically planning and executing organizational change. In this article, the author discusses strategic agility as an important leadership competency and offers approaches for incorporating strategic agility in healthcare systems. A strategic agility checklist and infrastructure-building approach are presented.

Robustness analysis of interdependent networks under multiple-attacking strategies

Science.gov (United States)

Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

2018-04-01

The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

Nuclear deterrence: Inherent escalation?

International Nuclear Information System (INIS)

Bergbauer, J.R. Jr.

1993-01-01

Despite 40 years of peace between the super powers, there is increasing clamor to the effect that nuclear war between the super powers is imminent; or could occur through escalation from a minor conflict; or could result from harsh rhetoric (but only on the part of the U.S.) in the super power dialogue. The factor that is ignored is that a massive nuclear attack would be rational ONLY if that attack could inflict such damage that the other super power could not launch a significant retaliatory nuclear attack. ONLY in this circumstance would there be any profit in launching an initial Strategic Nuclear Attack. This First Strike capability is not now possessed nor projected to be developed by either super power. As long as ANY possible Strategic Nuclear Attack against the national territory of one super power would be insufficient to prevent an equally destructive retaliatory attack, then a Strategic Nuclear Attack would inevitably result in the destruction of both and would be profitless, hence, pointless. This situation describes Mutually Assured Destruction (MAD), the governing conflict paradigm applicable to both super powers. The only convential attack that would even remotely rival the national-destruction potential of a Strategic Nuclear Attack and could cause the attacked power to consider launching a retaliatory Strategic Nuclear Attack would be a massive land-air invasion/occupation of one super power by the other. Since neither super power can successfully execute such a conventional invasion/occupation, this situation is moot. The geo-political environments of the two super powers are so asymmetrical and their military positions so symmetrical that the probability of ANY forseeable situation resulting in their resorting to a Strategic Nuclear Exchange is vanishingly small. It is possible escape the Chicken-Little syndrome and, instead, devote energy to ensuring the maintenance of this favorable, but fragile, world system

Optimizing power system investments and resilience against attacks

International Nuclear Information System (INIS)

Fang, Yiping; Sansavini, Giovanni

2017-01-01

This paper studies the combination of capacity expansion and switch installation in electric systems that ensures optimum performance under nominal operations and attacks. The planner–attacker–defender model is adopted to develop decisions that minimize investment and operating costs, and functionality loss after attacks. The model bridges long-term system planning for transmission expansion and short-term switching operations in reaction to attacks. The mixed-integer optimization is solved by decomposition via two-layer cutting plane algorithm. Numerical results on an IEEE system shows that small investments in transmission line switching enhance resilience by responding to disruptions via system reconfiguration. Sensitivity analyses show that transmission planning under the assumption of small-scale attacks provides the most robust strategy, i.e. the minimum-regret planning, if many constraints and limited investment budget affect the planning. On the other hand, the assumption of large-scale attacks provides the most robust strategy if the planning process involves large flexibility and budget. - Highlights: • Investment optimization in power systems under attacks is presented. • Capacity expansion and switch installation for system reconfiguration are combined. • The problem is solved by decomposition via two-layer cutting plane algorithm. • Small investments in switch installation enhance resilience by response to attacks. • Sensitivity analyses identify robust planning against different attack scenarios.

Attacker Modelling in Ubiquitous Computing Systems

DEFF Research Database (Denmark)

Papini, Davide

in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undened and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it denes a model that captures the abilities of the attacker. Furthermore a quantitative implementation...

Peacetime Use of Computer Network Attack

National Research Council Canada - National Science Library

Busby, Daniel

2000-01-01

.... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...

Complex Strategic Choices Applying Systemic Planning for Strategic Decision Making

CERN Document Server

Leleur, Steen

2012-01-01

Effective decision making requires a clear methodology, particularly in a complex world of globalisation. Institutions and companies in all disciplines and sectors are faced with increasingly multi-faceted areas of uncertainty which cannot always be effectively handled by traditional strategies. Complex Strategic Choices provides clear principles and methods which can guide and support strategic decision making to face the many current challenges. By considering ways in which planning practices can be renewed and exploring the possibilities for acquiring awareness and tools to add value to strategic decision making, Complex Strategic Choices presents a methodology which is further illustrated by a number of case studies and example applications. Dr. Techn. Steen Leleur has adapted previously established research based on feedback and input from various conferences, journals and students resulting in new material stemming from and focusing on practical application of a systemic approach. The outcome is a coher...

Denial of Service Attack Techniques: Analysis, Implementation and Comparison

Directory of Open Access Journals (Sweden)

Khaled Elleithy

2005-02-01

Full Text Available A denial of service attack (DOS is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

Attacks on IEEE 802.11 wireless networks

Directory of Open Access Journals (Sweden)

Dejan Milan Tepšić

2013-06-01

Full Text Available Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same package into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as spoofing package headers attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated. Introduction In the entire history of

Strategic planning for neuroradiologists.

Science.gov (United States)

Berlin, Jonathan W; Lexa, Frank J

2012-08-01

Strategic planning is becoming essential to neuroradiology as the health care environment continues to emphasize cost efficiency, teamwork and collaboration. A strategic plan begins with a mission statement and vision of where the neuroradiology division would like to be in the near future. Formalized strategic planning frameworks, such as the strengths, weaknesses, opportunities and threats (SWOT), and the Balanced Scorecard frameworks, can help neuroradiology divisions determine their current position in the marketplace. Communication, delegation, and accountability in neuroradiology is essential in executing an effective strategic plan. Copyright © 2012 Elsevier Inc. All rights reserved.

Temporal Cyber Attack Detection.

Energy Technology Data Exchange (ETDEWEB)

Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-11-01

Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

STRATEGIC MANAGEMENT ACCOUNTING: DEFINITION AND TOOLS

Directory of Open Access Journals (Sweden)

Nadiia Pylypiv

2017-08-01

Full Text Available The article is dedicated to learning the essence of the definition of “strategic management accounting” in domestic and foreign literature. Strategic management accounting tools has been studied and identified constraints that affect its choice. The result of the study is that the understanding of strategic management accounting was formed by authors. The tools which are common for both traditional managerial accounting and strategic and the specific tools necessary for efficient implementation of strategic management accounting have been defined. Keywords: strategic management accounting, definition, tools, strategic management decisions.

12 CFR 263.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

12 CFR 509.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding....17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

Detection of complex cyber attacks

Science.gov (United States)

Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

2006-05-01

One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

Vulnerability Assessment by Learning Attack Specifications in Graphs

NARCIS (Netherlands)

Nunes Leal Franqueira, V.; Lopes, Raul H.C.

This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies

Attack Tree Generation by Policy Invalidation

NARCIS (Netherlands)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Naeem Akram, R.; Jajodia, S.

2015-01-01

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identi﬿ed

Biological and chemical terrorism: strategic plan for preparedness and response. Recommendations of the CDC Strategic Planning Workgroup.

Science.gov (United States)

2000-04-21

The U.S. national civilian vulnerability to the deliberate use of biological and chemical agents has been highlighted by recognition of substantial biological weapons development programs and arsenals in foreign countries, attempts to acquire or possess biological agents by militants, and high-profile terrorist attacks. Evaluation of this vulnerability has focused on the role public health will have detecting and managing the probable covert biological terrorist incident with the realization that the U.S. local, state, and federal infrastructure is already strained as a result of other important public health problems. In partnership with representatives for local and state health departments, other federal agencies, and medical and public health professional associations, CDC has developed a strategic plan to address the deliberate dissemination of biological or chemical agents. The plan contains recommendations to reduce U.S. vulnerability to biological and chemical terrorism--preparedness planning, detection and surveillance, laboratory analysis, emergency response, and communication systems. Training and research are integral components for achieving these recommendations. Success of the plan hinges on strengthening the relationships between medical and public health professionals and on building new partnerships with emergency management, the military, and law enforcement professionals.

Strategic Aspirations

DEFF Research Database (Denmark)

Christensen, Lars Thøger; Morsing, Mette; Thyssen, Ole

2016-01-01

are often encouraged by social norms, regulations, and institutions—for example, institutionalized standards for corporate social responsibility (CSR) reporting—they live through local articulations and enactments that allow organizations to discover who they are and who they might become. Strategic......Strategic aspirations are public announcements designed to inspire, motivate, and create expectations about the future. Vision statements or value declarations are examples of such talk, through which organizations announce their ideal selves and declare what they (intend to) do. While aspirations...... aspirations, in other words, have exploratory and inspirational potential—two features that are highly essential in complex areas such as sustainability and CSR. This entry takes a communicative focus on strategic aspirations, highlighting the value of aspirational talk, understood as ideals and intentions...

Neural network classifier of attacks in IP telephony

Science.gov (United States)

Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin

2014-05-01

Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.

[Treatment strategies for mass casualty incidents and terrorist attacks in trauma and vascular surgery : Presentation of a treatment concept].

Science.gov (United States)

Friemert, B; Franke, A; Bieler, D; Achatz, A; Hinck, D; Engelhardt, M

2017-10-01

The treatment of patients in the context of mass casualty incidents (MCI) represents a great challenge for the participating rescue workers and clinics. Due to the increase in terrorist activities it is necessary to become familiar with this new kind of threat to civilization with respect to the medical treatment of victims of terrorist attacks. There are substantial differences between a "normal" MCI and a terrorist MCI with respect to injury patterns (blunt trauma vs. penetrating/perforating trauma), the type and form of the incident (MCI=static situation vs. terrorist attack MCI= dynamic situation) and the different security positions (rescue services vs. police services). This article is concerned with question of which changes in the surgical treatment of patients are made necessary by these new challenges. In this case it is necessary that physicians are familiar with the different injury patterns, whereby priority must be given to gunshot and explosion (blast) injuries. Furthermore, altered strategic and tactical approaches (damage control surgery vs. tactical abbreviated surgical care) are necessary to ensure survival for as many victims of terrorist attacks as possible and also to achieve the best possible functional results. It is only possible to successfully counter these new challenges by changing the mindset in the treatment of terrorist MCI compared to MCI incidents. An essential component of this mindset is the acquisition of a maximum of flexibility. This article would like to make a contribution to this problem.

SCADA system vulnerabilities to cyber attack

Energy Technology Data Exchange (ETDEWEB)

Shaw, W. T. [Cyber Security Consulting (Canada)

2004-10-01

The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

Combating Memory Corruption Attacks On Scada Devices

Science.gov (United States)

Bellettini, Carlo; Rrushi, Julian

Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

The neoliberalisation of strategic spatial planning

DEFF Research Database (Denmark)

Olesen, Kristian

2014-01-01

scales, and partly through the normalisation of neoliberal discourses in strategic spatial planning processes. This paper analyses the complex relationship, partly of unease and partly of coevolution, between neoliberalism and strategic spatial planning. Furthermore, the paper discusses the key......Strategic spatial planning practices have recently taken a neoliberal turn in many northwestern European countries. This neoliberalisation of strategic spatial planning has materialised partly in governance reforms aiming to reduce or abolish strategic spatial planning at national and regional...... challenges for strategic spatial planning in the face of neoliberalism and argues for a need to strengthen strategic spatial planning’s critical dimension....

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

Energy Technology Data Exchange (ETDEWEB)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between

Trace Attack against Biometric Mobile Applications

Directory of Open Access Journals (Sweden)

Sanaa Ghouzali

2016-01-01

Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

The Hurt of Judgment in Excessive Weight Women: A Hermeneutic Study.

Science.gov (United States)

Mehrdad, Neda; Hossein Abbasi, Nahid; Nikbakht Nasrabadi, Alireza

2015-04-23

Excess weight is one of the increasing problems of the present society and one of the threatening health conditions around the world. Despite many efforts for prevention and treatment or even surgery, the process of excess weight is not decreased in the world. While most of the studies conducted on excess weight concentrated on the issues why people get excess weight or how the prevention and treatment of excess weight must be performed, there is lake of knowledge about what excessive weight people really experience in their daily life. Understanding the lived experience of excess weight in women is linked with their health and society's health while it indirectly develops the nursing knowledge to improve the quality and access to holistic health care in excessive weight women. The aim of study was to describe with a deeper understanding, the lived experience of excess weight in women. Using a hermeneutic phenomenological approach and a van-manen analysis methods, in depth semi- structured interviews were conducted with twelve women who had lived experience of excess weight. The hurt of Judgment was the main theme that emerged in the process of data analysis. This theme was derived from three sub-themes including social judgment, being different and being seen. These findings can prove helpful in promoting the nursing knowledge concerning a holistic approach in communicating to excessive weight people.

Strategic Communication Institutionalized

DEFF Research Database (Denmark)

Kjeldsen, Anna Karina

2013-01-01

of institutionalization when strategic communication is not yet visible as organizational practice, and how can such detections provide explanation for the later outcome of the process? (2) How can studies of strategic communication benefit from an institutional perspective? How can the virus metaphor generate a deeper...... understanding of the mechanisms that interact from the time an organization is exposed to a new organizational idea such as strategic communication until it surfaces in the form of symptoms such as mission and vision statements, communication manuals and communication positions? The first part of the article...... focuses on a discussion of the virus metaphor as an alternative to the widespread fashion metaphor for processes of institutionalization. The second part of the article provides empirical examples of the virus metaphor employed, examples that are drawn from a study of the institutionalization of strategic...

Limit Asthma Attacks Caused by Colds or Flu

Science.gov (United States)

Asthma: Limit asthma attacks caused by colds or flu A cold or the flu can trigger an asthma attack. Here's why — and how to keep your sneeze ... plan. If you notice warning signs of an asthma attack — such as coughing, wheezing, chest tightness or shortness ...

Quantitative Attack Tree Analysis via Priced Timed Automata

NARCIS (Netherlands)

Kumar, Rajesh; Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette; Sankaranarayanan, Sriram; Vicario, Enrico

The success of a security attack crucially depends on the resources available to an attacker: time, budget, skill level, and risk appetite. Insight in these dependencies and the most vulnerable system parts is key to providing effective counter measures. This paper considers attack trees, one of the

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

2015-01-01

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

Modeling attacker-defender interactions in information networks.

Energy Technology Data Exchange (ETDEWEB)

Collins, Michael Joseph

2010-09-01

The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.

On strategic spatial planning

Directory of Open Access Journals (Sweden)

Tošić Branka

2014-01-01

Full Text Available The goal of this paper is to explain the origin and development of strategic spatial planning, to show complex features and highlight the differences and/or advantages over traditional, physical spatial planning. Strategic spatial planning is seen as one of approaches in legally defined planning documents, and throughout the display of properties of sectoral national strategies, as well as issues of strategic planning at the local level in Serbia. The strategic approach is clearly recognized at the national and sub-national level of spatial planning in European countries and in our country. It has been confirmed by the goals outlined in documents of the European Union and Serbia that promote the grounds of territorial cohesion and strategic integrated planning, emphasizing cooperation and the principles of sustainable spatial development. [Projekat Ministarstva nauke Republike Srbije, br. 176017

Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

DEFF Research Database (Denmark)

Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

2012-01-01

and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered...... the most harmful as they directly affect the available resources and thus the nodes’ energy consumption. The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of aWSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure...

Algebraic Side-Channel Attack on Twofish

Directory of Open Access Journals (Sweden)

Chujiao Ma

2017-05-01

Full Text Available While algebraic side-channel attack (ASCA has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128 bits key in under 2 hours with known plaintext/ciphertext.

On localization attacks against cloud infrastructure

Science.gov (United States)

Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

2013-05-01

One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

Network attacks and defenses a hands-on approach

CERN Document Server

Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel

2012-01-01

The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat

SDN-Based Double Hopping Communication against Sniffer Attack

Directory of Open Access Journals (Sweden)

Zheng Zhao

2016-01-01

Full Text Available Sniffer attack has been a severe threat to network communication security. Traditional network usually uses static network configuration, which provides convenience to sniffer attack. In this paper, an SDN-based double hopping communication (DHC approach is proposed to solve this problem. In DHC, ends in communication packets as well as the routing paths are changed dynamically. Therefore, the traffic will be distributed to multiple flows and transmitted along different paths. Moreover, the data from multiple users will be mixed, bringing difficulty for attackers in obtaining and recovering the communication data, so that sniffer attack will be prevented effectively. It is concluded that DHC is able to increase the overhead of sniffer attack, as well as the difficulty of communication data recovery.

Attacks on Bluetooth Security Architecture and Its Countermeasures

Science.gov (United States)

Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

The efficiency and the effectiveness of strategic management: from strategic planning to organizational change

Directory of Open Access Journals (Sweden)

Rolando Juan Soliz Estrada

2007-09-01

Full Text Available Strategic management is a technique which has as structuring basis the Strategic Administration and the Strategic Planning, adding to its improvement the administrative perspective of organization changes. However, the organization change models developed in the last years have been elaborated aiming the managing of general organization changes, and do not have a specific approach to the managing and improvement of Strategic Planning and the Changes caused by them, it means they are not models which focus directly on the Strategic Management. This work had as objectives to develop a Model of Strategic Administration and a Model of Organizational Change, which associated turn efficient and effective the Organizations’ Administration. In order to develop this work were used concepts and approaches preconized by qualitative research. As results, the two Models are presented, as well as their validation in an organization with lucrative objectives.

The strategic entrepreneurial thinking imperative

OpenAIRE

S. Dhliwayo; J. J. Van Vuuren

2007-01-01

Purpose: The aim of this paper is to demonstrate that strategic entrepreneurial thinking is a unitary concept which should be viewed as a standalone construct. Design/Methodology/Approach: The concept strategic entrepreneurial thinking is modelled from an analysis of strategic thinking and entrepreneurial thinking from available literature. The strategic entrepreneurial mindset imperative is then emphasised and confirmed. Findings: This paper's finding is that there is no diff...

76 FR 52642 - Notice of Advisory Committee Closed Meeting; U.S. Strategic Command Strategic Advisory Group

Science.gov (United States)

2011-08-23

... DEPARTMENT OF DEFENSE Notice of Advisory Committee Closed Meeting; U.S. Strategic Command Strategic Advisory Group AGENCY: Department of Defense. ACTION: Notice of Advisory Committee closed meeting.... Strategic Command Strategic Advisory Group. DATES: November 1, 2011, from 8 a.m. to 5 p.m. and November 2...

An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

Directory of Open Access Journals (Sweden)

Zheng Zhao

2017-01-01

Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

A Handbook for Strategic Planning

Science.gov (United States)

1994-01-01

Total Quality Leadership, 48 mtrategic direction, strategic intent , organizational planning, 11tinaiCMc MIisiing.mysteusth nking, gap analysis 17 1CUPMtlI...Department of the Nawy vision, guiding principles, and strategic goals. Washington, DC: Author. Hamel, G., & Prahalad , C. K. (May-June 1989). Strategic ...professoional oirgani/atioins. strategic planning. Adv;ice mInav also take .,V resouirces, perimt, thet [QI 0 )fice, the form of recoiln~inedatioins onl

Strategic Talk in Film.

Science.gov (United States)

Payr, Sabine; Skowron, Marcin; Dobrosovestnova, Anna; Trapp, Martin; Trappl, Robert

2017-01-01

Conversational robots and agents are being designed for educational and/or persuasive tasks, e.g., health or fitness coaching. To pursue such tasks over a long time, they will need a complex model of the strategic goal, a variety of strategies to implement it in interaction, and the capability of strategic talk. Strategic talk is incipient ongoing conversation in which at least one participant has the objective of changing the other participant's attitudes or goals. The paper is based on the observation that strategic talk can stretch over considerable periods of time and a number of conversational segments. Film dialogues are taken as a source to develop a model of the strategic talk of mentor characters. A corpus of film mentor utterances is annotated on the basis of the model, and the data are interpreted to arrive at insights into mentor behavior, especially into the realization and sequencing of strategies.

Data-plane Defenses against Routing Attacks on Tor

Directory of Open Access Journals (Sweden)

Tan Henry

2016-10-01

Full Text Available Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

Information report on Proliferation geo-strategic stakes

International Nuclear Information System (INIS)

2009-11-01

This large report, notably based on interviews of many representatives of international institutions and politicians, ambassadors and researchers of different countries, all involved or specialized in nuclear and defence issues, starts with a description of the evolution of the international and geo-strategic context from the Cold War to a period of a new nuclear proliferation, with, in between, a period of stabilisation between the USA and the USSR. It also questions the various forms of proliferation which could be ballistic, biological, chemical, and cybernetic. Then, it analyses the role which mass destruction weapons have in international relationships, making a distinction between countries possessing such weapons (USA, Russia, China, France, Great-Britain), Israel which has been a newcomer for thirty years, the new actors (India, Pakistan, Iran, North Korea) with their own and different motivations, and the possible new actors (Libya, Syria). It comments the meaning of the ballistic threat and of the anti-missile defence. The third part of this report deals with the dissemination of proliferating technologies, describing the proliferation networks and the failure of actions against state-based proliferations, questioning the reality of the associated risks (discussion about the impact of September 11 attacks, about a chemical and biological terrorist threat which is realistic as well as difficult to be implemented, and about cybernetic attacks). The fourth part comments the impact of the international community on proliferation, outlining the different efficiencies of the international agreements and institutions (Chemical Weapons Convention, IAEA, Non Proliferation Treaty, Biological Weapons Convention, The Hague Code of Conduct), commenting the opportunities associated with other texts (those about nuclear free areas, or those produced by exporter groups), and discussing the attitude of the international community with respect to proliferation, and the

Rotational Rebound Attacks on Reduced Skein

DEFF Research Database (Denmark)

Khovratovich, Dmitry; Nikolic, Ivica; Rechberger, Christian

2010-01-01

In this paper we combine a recent rotational cryptanalysis with the rebound attack, which results in the best cryptanalysis of Skein, a candidate for the SHA-3 competition. The rebound attack approach was so far only applied to AES-like constructions. For the first time, we show that this approach...

Cultivating strategic thinking skills.

Science.gov (United States)

Shirey, Maria R

2012-06-01

This department highlights change management strategies that may be successful in strategically planning and executing organizational change initiatives. With the goal of presenting practical approaches helpful to nurse leaders advancing organizational change, content includes evidence-based projects, tools, and resources that mobilize and sustain organizational change initiatives. In this article, the author presents an overview of strategic leadership and offers approaches for cultivating strategic thinking skills.

Step to improve neural cryptography against flipping attacks.

Science.gov (United States)

Zhou, Jiantao; Xu, Qinzhen; Pei, Wenjiang; He, Zhenya; Szu, Harold

2004-12-01

Synchronization of neural networks by mutual learning has been demonstrated to be possible for constructing key exchange protocol over public channel. However, the neural cryptography schemes presented so far are not the securest under regular flipping attack (RFA) and are completely insecure under majority flipping attack (MFA). We propose a scheme by splitting the mutual information and the training process to improve the security of neural cryptosystem against flipping attacks. Both analytical and simulation results show that the success probability of RFA on the proposed scheme can be decreased to the level of brute force attack (BFA) and the success probability of MFA still decays exponentially with the weights' level L. The synchronization time of the parties also remains polynomial with L. Moreover, we analyze the security under an advanced flipping attack.

Improved Impossible Differential Attacks on Large-Block Rijndael

DEFF Research Database (Denmark)

Wang, Qingju; Gu, Dawu; Rijmen, Vincent

2012-01-01

. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions...... and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can...... be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory....

RAPTOR: Ransomware Attack PredicTOR

OpenAIRE

Quinkert, Florian; Holz, Thorsten; Hossain, KSM Tozammel; Ferrara, Emilio; Lerman, Kristina

2018-01-01

Ransomware, a type of malicious software that encrypts a victim's files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers' operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in...

Shark attack-related injuries: Epidemiology and implications for plastic surgeons.

Science.gov (United States)

Ricci, Joseph A; Vargas, Christina R; Singhal, Dhruv; Lee, Bernard T

2016-01-01

The increased media attention to shark attacks has led to a heightened fear and public awareness. Although few sharks are considered dangerous, attacks on humans can result in large soft tissue defects necessitating the intervention of reconstructive surgeons. This study aims to evaluate and describe the characteristics of shark-related injuries in order to improve treatment. The Global Shark Accident File, maintained by the Shark Research Institute (Princeton, NJ, USA), is a compilation of all known worldwide shark attacks. Database records since the 1900s were reviewed to identify differences between fatal and nonfatal attacks, including: geography, injury pattern, shark species, and victim activity. Since the 1900s, there have been 5034 reported shark attacks, of which 1205 (22.7%) were fatal. Although the incidence of attacks per decade has increased, the percentage of fatalities has decreased. Characteristics of fatal attacks included swimming (p = 0.001), boating (p = 0.001), three or more bite sites (p = 0.03), limb loss (p = 0.001), or tiger shark attack (p = 0.002). The most common attacks were bites to the legs (41.8%) or arms (18.4%), with limb loss occurring in 7% of attacks. Geographically, the majority of attacks occurred in North America (36.7%) and Australia (26.5%). Most attacks in the USA occurred in Florida (49.1%) and California (13.6%). Although rare, shark attacks result in devastating injuries to patients. As these injuries often involve multiple sites and limb loss, this creates a significant challenge for reconstructive surgeons. Proper identification of the characteristics of the attack can aid in providing optimal care for those affected. Copyright © 2015 British Association of Plastic, Reconstructive and Aesthetic Surgeons. Published by Elsevier Ltd. All rights reserved.

Privacy Leaks through Data Hijacking Attack on Mobile Systems

Directory of Open Access Journals (Sweden)

Zhang Daojuan

2017-01-01

Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

What Can We Learn?--The Algonquin Bear Attack.

Science.gov (United States)

Strickland, Dan

1992-01-01

Describes a bear attack in Algonquin Park in Lake Opeongo (Canada) in which a man and woman were killed. Hypothesizes that the bear deliberately preyed on its victims and concludes that the bear was physically normal. Despite this isolated attack, the chance of being attacked by a black bear when camping is virtually nonexistent. (KS)

Combined Heuristic Attack Strategy on Complex Networks

Directory of Open Access Journals (Sweden)

Marek Šimon

2017-01-01

Full Text Available Usually, the existence of a complex network is considered an advantage feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. New attack strategy can be therefore used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.

Studies on sulfate attack: Mechanisms, test methods, and modeling

Science.gov (United States)

Santhanam, Manu

The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C 3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

FY17 Strategic Themes.

Energy Technology Data Exchange (ETDEWEB)

Leland, Robert W. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-03-01

I am pleased to present this summary of the FY17 Division 1000 Science and Technology Strategic Plan. As this plan represents a continuation of the work we started last year, the four strategic themes (Mission Engagement, Bold Outcomes, Collaborative Environment, and Safety Imperative) remain the same, along with many of the goals. You will see most of the changes in the actions listed for each goal: We completed some actions, modified others, and added a few new ones. As I’ve stated previously, this is not a strategy to be pursued in tension with the Laboratory strategic plan. The Division 1000 strategic plan is intended to chart our course as we strive to contribute our very best in service of the greater Laboratory strategy. I welcome your feedback and look forward to our dialogue about these strategic themes. Please join me as we move forward to implement the plan in the coming months.

FY16 Strategic Themes.

Energy Technology Data Exchange (ETDEWEB)

Leland, Robert W. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-03-01

I am pleased to present this summary of the Division 1000 Science and Technology Strategic Plan. This plan was created with considerable participation from all levels of management in Division 1000, and is intended to chart our course as we strive to contribute our very best in service of the greater Laboratory strategy. The plan is characterized by four strategic themes: Mission Engagement, Bold Outcomes, Collaborative Environment, and the Safety Imperative. Each theme is accompanied by a brief vision statement, several goals, and planned actions to support those goals throughout FY16. I want to be clear that this is not a strategy to be pursued in tension with the Laboratory strategic plan. Rather, it is intended to describe “how” we intend to show up for the “what” described in Sandia’s Strategic Plan. I welcome your feedback and look forward to our dialogue about these strategic themes. Please join me as we move forward to implement the plan in the coming year.

Antecedents to strategic flexibility : Management cognition, firm resources and strategic options

NARCIS (Netherlands)

Combe, I.; Rudd, J.M.; Leeflang, P.S.H.; Greenley, G.E.

2012-01-01

Purpose - Current conceptualisations of strategic flexibility and its antecedents are theory-driven, which has resulted in a lack of consensus. To summarise this domain the paper aims to develop and present an a priori conceptual model of the antecedents and outcomes of strategic flexibility.

The strategic security officer.

Science.gov (United States)

Hodges, Charles

2014-01-01

This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security.

ABSTRACTS Preliminary Study of Strategic Inner Cores

Institute of Scientific and Technical Information of China (English)

2012-01-01

When a strategic entity attempts to make a dicision, first the project must be m accoroance wlm its strategic framework as well as make the strategic inner cores prominent. The existing theories of development strategy indicate that the formation of the framework can be divided into the following parts： inside and outside environments, purpose, goal, key points, and countermeasures. The strategic inner cores that put forward by this paper is the intensification and advancement for the theory of strategic framework, strategic orientation, strategic vision and main line are inciuded. Appearance of these ideas have improved the theory and enhanced strategic practice.

OPERATION COBRA. Deliberate Attack, Exploitation

Science.gov (United States)

1984-05-25

to attack Sens, then continue to Troyes , on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes . Facing the combat command were what remained of the 51st SS Brigade, light

Robustness of non-interdependent and interdependent networks against dependent and adaptive attacks

Science.gov (United States)

Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai

2017-09-01

Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.

Strategic Risk Assessment

Science.gov (United States)

Derleth, Jason; Lobia, Marcus

2009-01-01

This slide presentation provides an overview of the attempt to develop and demonstrate a methodology for the comparative assessment of risks across the entire portfolio of NASA projects and assets. It includes information about strategic risk identification, normalizing strategic risks, calculation of relative risk score, and implementation options.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things

Directory of Open Access Journals (Sweden)

Peng Xun

2017-10-01

Full Text Available A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1 the command sequence is disordered and (2 disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

Science.gov (United States)

Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

2017-10-21

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Counteracting Power Analysis Attacks by Masking

Science.gov (United States)

Oswald, Elisabeth; Mangard, Stefan

The publication of power analysis attacks [12] has triggered a lot of research activities. On the one hand these activities have been dedicated toward the development of secure and efficient countermeasures. On the other hand also new and improved attacks have been developed. In fact, there has been a continuous arms race between designers of countermeasures and attackers. This chapter provides a brief overview of the state-of-the art in the arms race in the context of a countermeasure called masking. Masking is a popular countermeasure that has been extensively discussed in the scientific community. Numerous articles have been published that explain different types of masking and that analyze weaknesses of this countermeasure.

Metrics for Assessment of Smart Grid Data Integrity Attacks

Energy Technology Data Exchange (ETDEWEB)

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

Microfoundations of strategic decision effectiveness

NARCIS (Netherlands)

Jansen, R.J.G.; Van Santen, Sarah

2017-01-01

How do organizations make effective strategic decisions? In this study we build on research on the microfoundations of strategy and strategic decision-making to study the underpinnings of strategic decision effectiveness. We argue that the process-effectiveness link can be more fully understood if

A taxonomy of distributed denial of service attacks

DEFF Research Database (Denmark)

De Donno, Michele; Giaretta, Alberto; Dragoni, Nicola

2017-01-01

Distributed Denial of Service (DDoS) attacks which are now even more powerful and easier to achieve than the past. Understanding how these attacks work, in all their different forms, represents a first crucial step to tackle this urgent issue. To this end, in this paper we propose a new up-to-date taxonomy...... and a comprehensive classification of current DDoS attacks....

An Explanation of Nakamoto's Analysis of Double-spend Attacks

OpenAIRE

Ozisik, A. Pinar; Levine, Brian Neil

2017-01-01

The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We also validate the model with a Monte Carlo simulation, and we determine which model component is not perfect.

Crowdnursing - Strategizing Shitstorms

DEFF Research Database (Denmark)

Christensen, Lars Holmgaard

2018-01-01

This paper will introduce a framework for distinguishing between shitstorm types and social media crises. In need of strategies for handling social media crowds the paper suggests a strategic approach that focus on the cultivation of social media crowds and offers a valuable conceptual...... understanding of crowdnursing as a strategic tool....

Modeling and Analysis of Information Attack in Computer Networks

National Research Council Canada - National Science Library

Pepyne, David

2003-01-01

... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...

Strategic Planning and Financial Management

Science.gov (United States)

Conneely, James F.

2010-01-01

Strong financial management is a strategy for strategic planning success in student affairs. It is crucial that student affairs professionals understand the necessity of linking their strategic planning with their financial management processes. An effective strategic planner needs strong financial management skills to implement the plan over…

Strategic Partnerships in Higher Education

Science.gov (United States)

Ortega, Janet L.

2013-01-01

The purpose of this study was to investigate the impacts of strategic partnerships between community colleges and key stakeholders; to specifically examine strategic partnerships; leadership decision-making; criteria to evaluate strategic partnerships that added value to the institution, value to the students, faculty, staff, and the local…

The Possibilities of Strategic Finance

Science.gov (United States)

Chaffee, Ellen

2010-01-01

Strategic finance is aligning financial decisions--regarding revenues, creating and maintaining institutional assets, and using those assets--with the institution's mission and strategic plan. The concept known as "strategic finance" increasingly is being seen as a useful perspective for helping boards and presidents develop a sustainable…

Using an ontology for network attack planning

CSIR Research Space (South Africa)

Van Heerden, R

2016-09-01

Full Text Available The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...

Protecting infrastructure networks from cost-based attacks

International Nuclear Information System (INIS)

Wang Xingang; Guan Shuguang; Lai, Choy Heng

2009-01-01

It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

Strategic and non-strategic problem gamblers differ on decision-making under risk and ambiguity.

Science.gov (United States)

Lorains, Felicity K; Dowling, Nicki A; Enticott, Peter G; Bradshaw, John L; Trueblood, Jennifer S; Stout, Julie C

2014-07-01

To analyse problem gamblers' decision-making under conditions of risk and ambiguity, investigate underlying psychological factors associated with their choice behaviour and examine whether decision-making differed in strategic (e.g., sports betting) and non-strategic (e.g., electronic gaming machine) problem gamblers. Cross-sectional study. Out-patient treatment centres and university testing facilities in Victoria, Australia. Thirty-nine problem gamblers and 41 age, gender and estimated IQ-matched controls. Decision-making tasks included the Iowa Gambling Task (IGT) and a loss aversion task. The Prospect Valence Learning (PVL) model was used to provide an explanation of cognitive, motivational and response style factors involved in IGT performance. Overall, problem gamblers performed more poorly than controls on both the IGT (P = 0.04) and the loss aversion task (P = 0.01), and their IGT decisions were associated with heightened attention to gains (P = 0.003) and less consistency (P = 0.002). Strategic problem gamblers did not differ from matched controls on either decision-making task, but non-strategic problem gamblers performed worse on both the IGT (P = 0.006) and the loss aversion task (P = 0.02). Furthermore, we found differences in the PVL model parameters underlying strategic and non-strategic problem gamblers' choices on the IGT. Problem gamblers demonstrated poor decision-making under conditions of risk and ambiguity. Strategic (e.g. sports betting, poker) and non-strategic (e.g. electronic gaming machines) problem gamblers differed in decision-making and the underlying psychological processes associated with their decisions. © 2014 Society for the Study of Addiction.

Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

Directory of Open Access Journals (Sweden)

Ru Zhang

2017-01-01

Full Text Available The APT attack on the Internet is becoming more serious, and most of intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

On node replication attack in wireless sensor networks

International Nuclear Information System (INIS)

Qabulio, M.; Malkani, Y.A.

2015-01-01

WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)

On Node Replication Attack in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Mumtaz Qabulio

2016-04-01

Full Text Available WSNs (Wireless Sensor Networks comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs

Are the rules for the right to self-defense outdated to address current conflicts like attacks from non-state actors and cyber-attacks?

Directory of Open Access Journals (Sweden)

Gonzalo J. Arias

2017-06-01

Full Text Available The latest US-led coalition’s attacks against ISIS in Syria raised the question whether states can use defensive force against non-state actors. Two critical incidents had previously triggered the discussion on the importance and consequences of cyber-attacks as a new form armed attacks. The first one occurred in Estonia in 2007, when the country experienced extensive computer hacking attacks that lasted several weeks. The second incident happened in 2008, during the Georgia–Russia conflict over South Ossetia, when Georgia experienced cyber-attacks similar to those suffered by Estonia in the previous year. Furthermore, on June 21, 2016, the central banks of Indonesia and South Korea were hit by cyber-attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world. The previous incidents have created, once again, public questioning if the rules on the use of force and the right of self-defense established in the United Nations Charter are sufficient and efficient to address these new forms of attacks.

After-gate attack on a quantum cryptosystem

International Nuclear Information System (INIS)

Wiechers, C; Wittmann, C; Elser, D; Marquardt, Ch; Leuchs, G; Lydersen, L; Skaar, J; Makarov, V

2011-01-01

We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.

Compiling symbolic attacks to protocol implementation tests

Directory of Open Access Journals (Sweden)

Michael Rusinowitch

2013-07-01

Full Text Available Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

Energy Technology Data Exchange (ETDEWEB)

Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

2016-05-15

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

International Nuclear Information System (INIS)

Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

2016-01-01

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Classification of cyber attacks in South Africa

CSIR Research Space (South Africa)

Van Heerden, R

2016-05-01

Full Text Available various ATM's throughout South Africa. Two criminals, Motsoane and Masoleng, were arrested in February 2012 and both sentenced to 15 years in jail [36, 37]. 3.10 2013: IOL DDoS Anonymous Africa claimed responsibility for launching a Distributed Denial... of Service (DDoS) attack on the Independent Newspaper web site iol.co.za. The attack was in response to claims that the IOL group supports Zimbabwean president Robert Mugabe. The following taunt was sent to boast about the attack: “IOL bad boys bad boys...

A Review Of Recent Cyber-Attacks In Fiji

Directory of Open Access Journals (Sweden)

Neeraj A. Sharma

2015-08-01

Full Text Available Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.

7 CFR 25.202 - Strategic plan.

Science.gov (United States)

2010-01-01

... contributed to the planning process; (3) Identify the amount of State, local, and private resources that will... 7 Agriculture 1 2010-01-01 2010-01-01 false Strategic plan. 25.202 Section 25.202 Agriculture... Procedure § 25.202 Strategic plan. (a) Principles of strategic plan. The strategic plan included in the...

Research on high power intra-channel crosstalk attack in optical networks

Science.gov (United States)

Ren, Shuai; Zhang, Yinfa; Wang, Jingyu; Zhang, Jumei; Rao, Xuejun; Fang, Yuanyuan

2017-02-01

The mechanism of high power intra-channel crosstalk attack is analyzed theoretically and the conclusion that power of attack signal and crosstalk coefficient of optical switch are the main factors for which high power intra-channel have destructive effect on quality of legitimate signals is drawn. Effects of high power intra-channel crosstalk attack on quality of legitimate signals and its capability of attack propagation are investigated quantitatively by building the simulation system in VPI software. The results show that legitimate signals through the first and the second stage optical switch are affected by attack and legitimate signal through the third stage optical switch is almost unaffected by attack when power of original attack signal (OAS) is above 20dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB at optical cross connect 1 (OXC1). High power intra-channel crosstalk attack has a certain capability of attack propagation. Attack capability of OAS can be propagated to OXC3 when power of OAS is 27dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB. We also find that the secondary attack signal (SAS) does not have capability of attack propagation.

Evaluation of Crosstalk Attacks in Access Networks

DEFF Research Database (Denmark)

Wagner, Christoph; Eiselt, Michael; Grobe, Klaus

2016-01-01

WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...

Optimal counterterrorism and the recruitment effect of large terrorist attacks

DEFF Research Database (Denmark)

Jensen, Thomas

2011-01-01

We analyze a simple dynamic model of the interaction between terrorists and authorities. Our primary aim is to study optimal counterterrorism and its consequences when large terrorist attacks lead to a temporary increase in terrorist recruitment. First, we show that an increase in counterterrorism...... makes it more likely that terrorist cells plan small rather than large attacks and therefore may increase the probability of a successful attack. Analyzing optimal counterterrorism we see that the recruitment effect makes authorities increase the level of counterterrorism after large attacks. Therefore......, in periods following large attacks a new attack is more likely to be small compared to other periods. Finally, we analyze the long-run consequences of the recruitment effect. We show that it leads to more counterterrorism, more small attacks, and a higher sum of terrorism damage and counterterrorism costs...

Peaceful Development and Strategic Opportunity

Institute of Scientific and Technical Information of China (English)

Yang Yi

2006-01-01

@@ The international strategic situation and environment China faces have changed dramatically since September 11. China has closely followed and adapted itself to the ever-changing situation, seized strategic opportunity, adjusted its global strategy, adhered to peaceful development and displayed diplomacy and strategic flexibility. These are manifested in the following four aspects:

Quantitative Verification and Synthesis of Attack-Defence Scenarios Conference

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

Attack-defence trees are a powerful technique for formally evaluating attack-defence scenarios. They represent in an intuitive, graphical way the interaction between an attacker and a defender who compete in order to achieve conflicting objectives. We propose a novel framework for the formal

'Cryptogenic Drop Attacks' revisited: evidence of overlap with functional neurological disorder.

Science.gov (United States)

Hoeritzauer, Ingrid; Carson, Alan J; Stone, Jon

2018-02-07

In their 1973 BMJ paper 'Cryptogenic Drop Attacks', Stevens and Matthews described 40, mostly middle-aged, female patients with drop attacks of unknown cause. Although clinically common, there has been little on this topic since. We aimed to determine clinical features, comorbidity and outcome of patients with drop attacks. We carried out a retrospective review of patients with cryptogenic drop attacks seen consecutively by one clinician (JS) between 2006 and 2016. Demographics, phenomenology, duration and frequency of attacks, attack description and comorbid diagnoses were recorded. Patients were followed up with a notes review. 83 patients with cryptogenic drop attacks were predominantly female (89%, n=79), mean age 44  years. The majority (93%, n=77) could not remember the fall itself and almost half (43%, n=36) experienced prodromal dissociative symptoms. Mechanical trips or syncope preceded drop attacks, historically, in 24% (n=20) of cases. Persistent fatigue (73%, n=61), chronic pain (40%, n=33), functional limb weakness (31%,n=26) and dissociative (non-epileptic) attacks 28% (n=23) were common, with the latter usually preceding or emerging from drop attacks. At follow-up (88%, mean 38 months), 28% (n=23) had resolution of their drop attacks. Predisposing (but non-causative) disease comorbidity was found at baseline (n=12) and follow-up (n=5). Cryptogenic drop attacks are associated with high frequency of comorbid functional somatic and functional neurological disorders. Patients commonly have prodromal dissociative symptoms and in some there was a clear relationship with prior or subsequent dissociative (non-epileptic) attacks. Some cryptogenic drop attacks may be best understood as phenomena on the spectrum of dissociative attacks. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

Science.gov (United States)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

Can a Copycat Effect be Observed in Terrorist Suicide Attacks?

Directory of Open Access Journals (Sweden)

Nicholas Farnham

2017-03-01

Full Text Available The purpose of this paper is to explore how a copycat effect – established within the field of suicide studies – may manifest itself in terrorist suicide attacks, and takes an exploratory approach in evaluating the prospect of incorporating open-data resources in future counter-terrorism research. This paper explores a possible ‘copycat effect’ in cases of suicide terrorism, which entails a perpetrator being inspired by a preceding attack to carry out a similar attack not long after the original. In the wake of mounting risks of lone wolf terrorist attacks today and due to the general difficulties faced in preventing such attacks, in this paper we explore a potential area of future prevention in media reporting, security and anti-terrorism policies today. Using the START Global Terrorism Database (GTD, this paper investigates terrorist suicide-attack clusters and analyses the relationship between attacks found within the same cluster. Using a mixed-method approach, our analyses did not uncover clear evidence supporting a copycat effect among the studied attacks. These and other findings have numerous policy and future research implications.

Transient Ischemic Attack

Medline Plus

Full Text Available ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. The content in this ...

THE REPRISAL ATTACKS BY AL-SHABAAB AGAINST KENYA

Directory of Open Access Journals (Sweden)

E.O.S.ODHIAMBO

2013-10-01

Full Text Available The incursion of Kenya Defence Forces (KDF into Somalia was met by a series of threats from the Al-Shabaab that it would increase the attacks against Kenya if the troops were not withdrawn. The capture of Kismayu by KDF has weakened the nerve of Al-Shabaab but has not eliminated the imminent danger of a substantive terror attack. Since the incursion by KDF, Kenya has succumbed to a sequence of grenade and Improvised Explosive Devices attacks, roadside bombs, landmines and raids by fighters using small arms and light weapons and Rocket Propelled Grenades against Kenyans mostly in North Eastern, Coastal and Nairobi counties, marking the resurgence of terrorism in the country. We argue that Kenya is more vulnerable to Al-Shabaab terrorists attack than before the KDF incursion by citing the frequencies of reprisal attacks from October 2011 to January 2013. Hence, our troops should be withdrawn and deployed within our boundary.

Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters

Directory of Open Access Journals (Sweden)

Dapeng Man

2017-01-01

Full Text Available Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD. BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM as a side-effect of thwarting detection attacks.

Detecting peripheral-based attacks on the host memory

CERN Document Server

Stewin, Patrick

2015-01-01

This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit.  Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only me...

Probability Assessment and Risk Management of Progressive Collapse in Strategic Buildings Facing Blast Loads

Directory of Open Access Journals (Sweden)

Gholamreza Abdollahzadeh

2016-12-01

Full Text Available Nowadays, as a result of increased terrorist and bomb attacks throughout the globe in the vicinity of strategic buildings, designing these structures against impact loads, particularly the blast-related ones, has been taken into more consideration. The current procedure for designing the structure against an explosion is a design against the local failure of the current elements in the first step and then, in the next step, against local damage as well as tactful thinking to prevent this damage from spreading to other parts of the structure. The present research investigates the impacts of explosives, derived from probable terror–stricken scenarios inside and outside a strategic four-story steel building with a special moment frame system. Then, the resistive capacity of the damaged building (due to blast has been evaluated against the progressive collapse, and finally, the rate of the collapse risk and the reliability of the structure have been obtained by presenting a probable method. Thus, the vulnerable parts inside and outside the building are identified and safety measures have been determined, so that in case of no safety or excessive collapse risk- access to dangerous parts of the building could be reinforced or limited. Results show that progressive collapse probability and reliability of the building are 57% and 43% respectively.

A Framework for Violence: Clarifying the Role of Motivation in Lone-Actor Terrorism

Science.gov (United States)

2017-03-01

percent), personal crises that might make a person receptive to violent thought or action (98 percent for school attackers and around 50 percent for...likely to verbalize intent to commit violence to friends/family/wider audience , have others aware of their grievance, express a desire to hurt others...Unabomber (Theodore Kaczynski) or Jared Loughner, is likely not receptive to moderate narratives that do not address the unique combination of personal

Why cryptography should not rely on physical attack complexity

CERN Document Server

Krämer, Juliane

2015-01-01

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two indepe...

Strategic management in company information centre

International Nuclear Information System (INIS)

Judita Kopacikova, J.

2004-01-01

The presentation deals with the necessity of strategic management in libraries and information centres, with the process of creation, realization and regulation of settlement of strategic objectives and plans. It analyzes two levels of strategic management - information support of strategic management towards the superior body, provider, top management of the enterprise and organisation and proper strategic management of the information workplace. Marginally it also interferes with the problems of the so-called functional strategies - personal, technical provision and marketing. The current political, economical, social and for librarians and informative workers even information environs are subject to review of continual changes and show the organisations, institutions, enterprises and libraries how to compete successfully in competition. Changes, which are typical for the current period, will continue constantly. Consequently we must try to get them under the control, respond to them elastically, to be ready for them and to expect and predict them. For their managing we keep the modern management tools and methods at disposal - strategic management, TQM, knowledge management, management of human sources, etc. Increasing intensity and change ranges in the environs around us effect exceeding of strategic management demand - strategy. The higher uncertainty of the future development and the more solution alternatives are, the more important demand for strategic thinking and strategic proceeding is. By the strategic management the strategic thinking is the supposition of success and increasing of the effectiveness, performance and quality of products and services are the target. The final outcome is a satisfied customer, reader, user and its purpose is a long-term success in the activity or in the business. (author)

Strategic management in company information centre

International Nuclear Information System (INIS)

Judita Kopacikova, J.

2004-01-01

The article deals with the necessity of strategic management in libraries and information centres, with the process of creation, realization and regulation of settlement of strategic objectives and plans. It analyzes two levels of strategic management - information support of strategic management towards the superior body, provider, top management of the enterprise and organisation and proper strategic management of the information workplace. Marginally it also interferes with the problems of the so-called functional strategies - personal, technical provision and marketing. The current political, economical, social and for librarians and informative workers even information environs are subject to review of continual changes and show the organisations, institutions, enterprises and libraries how to compete successfully in competition. Changes, which are typical for the current period, will continue constantly. Consequently we must try to get them under the control, respond to them elastically, to be ready for them and to expect and predict them. For their managing we keep the modern management tools and methods at disposal - strategic management, TQM, knowledge management, management of human sources, etc. Increasing intensity and change ranges in the environs around us effect exceeding of strategic management demand - strategy. The higher uncertainty of the future development and the more solution alternatives are, the more important demand for strategic thinking and strategic proceeding is. By the strategic management the strategic thinking is the supposition of success and increasing of the effectiveness, performance and quality of products and services are the target. The final outcome is a satisfied customer, reader, user and its purpose is a long-term success in the activity or in the business. (author)

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

Science.gov (United States)

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

Directory of Open Access Journals (Sweden)

Naser Alajmi

2015-11-01

Full Text Available Security breaches are a major threat in wireless sensor networks (WSNs. WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD. The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Using Model to Plan of Strategic Objectives

OpenAIRE

Terezie Bartusková; Jitka Baňařová; Zuzana Kusněřová

2012-01-01

Importance of strategic planning is unquestionable. However, the practical implementation of a strategic plan faces too many obstacles. The aim of the article is explained the importance of strategic planning and to find how companies in Moravian-Silesian Region deal with strategic planning, and to introduce the model, which helps to set strategic goals in financial indicators area. This model should be part of the whole process of strategic planning and can be use to predict the future value...

Adversarial Feature Selection Against Evasion Attacks.

Science.gov (United States)

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

Strategic versus financial investors: The role of strategic objectives in financial contracting

NARCIS (Netherlands)

Arping, S.; Falconieri, S.

2009-01-01

Strategic investors, such as corporate venture capitalists, engage in the financing of start-up firms to complement their core businesses and to facilitate the internalization of externalities. We argue that while strategic objectives make it more worthwhile for an investor to elicit high

Trojan-horse attacks on quantum-key-distribution systems

International Nuclear Information System (INIS)

Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G.

2006-01-01

General Trojan-horse attacks on quantum-key-distribution systems, i.e., attacks on Alice or Bob's system via the quantum channel, are analyzed. We illustrate the power of such attacks with today's technology and conclude that all systems must implement active counter measures. In particular, all systems must include an auxiliary detector that monitors any incoming light. We show that such counter measures can be efficient, provided that enough additional privacy amplification is applied to the data. We present a practical way to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks. This does reduce the security analysis of the two-way plug-and-play implementation to those of the standard one-way systems

Strategic Management of Large Projects

Institute of Scientific and Technical Information of China (English)

WangYingluo; LiuYi; LiYuan

2004-01-01

The strategic management of large projects is both theoretically and practically important. Some scholars have advanced flexible strategy theory in China. The difference of strategic flexibility and flexible strategy is pointed out. The supporting system and characteristics of flexible strategy are analyzed. The changes of flexible strategy and integration of strategic management are discussed.

12 CFR 308.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... PRACTICE RULES OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 308.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any...

12 CFR 19.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 1 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 19.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all...

Drammer : Deterministic Rowhammer attacks on mobile platforms

NARCIS (Netherlands)

Van Der Veen, Victor; Fratantonio, Yanick; Lindorfer, Martina; Gruss, Daniel; Maurice, Clémentine; Vigna, Giovanni; Bos, Herbert; Razavi, Kaveh; Giuffrida, Cristiano

2016-01-01

Recent work shows that the Rowhammer hardware bug can be used to craft powerful attacks and completely subvert a system. However, existing efforts either describe probabilistic (and thus unreliable) attacks or rely on special (and often unavailable) memory management features to place victim objects

A Comprehensive Taxonomy and Analysis of IEEE 802.15.4 Attacks

Directory of Open Access Journals (Sweden)

Yasmin M. Amin

2016-01-01

Full Text Available The IEEE 802.15.4 standard has been established as the dominant enabling technology for Wireless Sensor Networks (WSNs. With the proliferation of security-sensitive applications involving WSNs, WSN security has become a topic of great significance. In comparison with traditional wired and wireless networks, WSNs possess additional vulnerabilities which present opportunities for attackers to launch novel and more complicated attacks against such networks. For this reason, a thorough investigation of attacks against WSNs is required. This paper provides a single unified survey that dissects all IEEE 802.15.4 PHY and MAC layer attacks known to date. While the majority of existing references investigate the motive and behavior of each attack separately, this survey classifies the attacks according to clear metrics within the paper and addresses the interrelationships and differences between the attacks following their classification. The authors’ opinions and comments regarding the placement of the attacks within the defined classifications are also provided. A comparative analysis between the classified attacks is then performed with respect to a set of defined evaluation criteria. The first half of this paper addresses attacks on the IEEE 802.15.4 PHY layer, whereas the second half of the paper addresses IEEE 802.15.4 MAC layer attacks.

The accountability problem of flooding attacks in service-oriented architectures

DEFF Research Database (Denmark)

Jensen, Meiko; Schwenk, Jörg

2009-01-01

The threat of Denial of Service attacks poses a serious problem to the security of network-based services in general. For flooding attacks against service-oriented applications, this threat is dramatically amplified with potentially much higher impact and very little effort on the attacker's side....... Additionally, due to the high distribution of a SOA application's components, fending such attacks becomes a far more complex task. In this paper, we present the problem of accountability, referring to the issue of resolving the attacker in a highly distributed service-oriented application. Using a general...

Attack Helicopter Operations: Art or Science

Science.gov (United States)

1991-05-13

ATTACK HELICOPTER OPERATIONS: ART OR SCIENCE ? BY LIEUTENANT COLONEL JAN CALLEN United States Army DISTRIBUTION STATEMENT A: Approved for public release...TASK IWORK UNIT ELEMENT NO. NO. NO. ACCESSION NC 11. TITLE (Include Socurity Classification) Attack Helicopter Operations: Art or Science ? 12. PERSONAL...OPERATIONS: ART OR SCIENCE ? AN INDIVIDUAL STUDY PROJECT by Lieutenant Colonel Jan Callen United States Army Colonel Greg Snelgrove Project Adviser U.S

Attacker Model Lab

OpenAIRE

2006-01-01

tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course

Being Strategic in HE Management

Science.gov (United States)

West, Andrew

2008-01-01

The call to be strategic--and with it the concept of strategic management--can bring to mind a wide range of definitions, and there is now a huge array of academic literature supporting the different schools of thought. At a basic level, however, strategic thinking is probably most simply about focusing on the whole, rather than the part. In…

A Secure Localization Approach against Wormhole Attacks Using Distance Consistency

Directory of Open Access Journals (Sweden)

Lou Wei

2010-01-01

Full Text Available Wormhole attacks can negatively affect the localization in wireless sensor networks. A typical wormhole attack can be launched by two colluding attackers, one of which sniffs packets at one point in the network and tunnels them through a wired or wireless link to another point, and the other relays them within its vicinity. In this paper, we investigate the impact of the wormhole attack on the localization and propose a novel distance-consistency-based secure localization scheme against wormhole attacks, which includes three phases of wormhole attack detection, valid locators identification and self-localization. The theoretical model is further formulated to analyze the proposed secure localization scheme. The simulation results validate the theoretical results and also demonstrate the effectiveness of our proposed scheme.

Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication

Science.gov (United States)

Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru

In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

12 CFR 747.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... INVESTIGATIONS Uniform Rules of Practice and Procedure § 747.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all or any part of an...

Phase-remapping attack in practical quantum-key-distribution systems

International Nuclear Information System (INIS)

Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

2007-01-01

Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

Effectiveness of the Call in Beach Volleyball Attacking Play

Directory of Open Access Journals (Sweden)

Künzell Stefan

2014-12-01

Full Text Available In beach volleyball the setter has the opportunity to give her or his hitter a “call”. The call intends that the setter suggests to her or his partner where to place the attack in the opponent’s court. The effectiveness of a call is still unknown. We investigated the women’s and men’s Swiss National Beach Volleyball Championships in 2011 and analyzed 2185 attacks. We found large differences between female and male players. While men called in only 38.4% of attacks, women used calls in 85.5% of attacks. If the male players followed a given call, 63% of the attacks were successful. The success rate of attacks without any call was 55.8% and 47.6% when the call was ignored. These differences were not significant (χ2(2 = 4.55, p = 0.103. In women’s beach volleyball, the rate of successful attacks was 61.5% when a call was followed, 35% for attacks without a call, and 42.6% when a call was ignored. The differences were highly significant (χ2(2 = 23.42, p < 0.0005. Taking into account the findings of the present study, we suggested that the call was effective in women’s beach volleyball, while its effect in men’s game was unclear. Considering the quality of calls we indicate that there is a significant potential to increase the effectiveness of a call.

Strategic Studies Quarterly- Spring 2016

Science.gov (United States)

2016-01-01

martial culture -is instructive of deterrence calculations in the present day. On the contrary, many foreign strategists now believe that weapons in the...the coast of the Indian city of Porbandar, Gujarat, prompting specula- tion that a Mumbai -style terrorist attack had been narrowly averted.3 Later...specialists is that the likely catalyst for a Cold Start offensive is a major terrorist attack similar to the parliament incident or Mumbai attack of 2008

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Science.gov (United States)

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis

Science.gov (United States)

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim’ based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks. PMID:26222882

Strategic management process in hospitals.

Science.gov (United States)

Zovko, V

2001-01-01

Strategic management is concerned with strategic choices and strategic implementation; it provides the means by which organizations meet their objectives. In the case of hospitals it helps executives and all employees to understand the real purpose and long term goals of the hospital. Also, it helps the hospital find its place in the health care service provision chain, and enables the hospital to coordinate its activities with other organizations in the health care system. Strategic management is a tool, rather than a solution, that helps executives to identify root causes of major problems in the hospital.

Collaborative Attack Mitigation and Response: A survey

NARCIS (Netherlands)

Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko

2015-01-01

Over recent years, network-based attacks have become to one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains

A Unique Fatal Moose Attack Mimicking Homicide.

Science.gov (United States)

Gudmannsson, Petur; Berge, Johan; Druid, Henrik; Ericsson, Göran; Eriksson, Anders

2018-03-01

Fatalities caused by animal attacks are rare, but have the potential to mimic homicide. We present a case in which a moose attacked and killed a woman who was walking her dog in a forest. Autopsy showed widespread blunt trauma with a large laceration on one leg in which blades of grass were embedded. Flail chest was the cause of death. The case was initially conceived as homicide by means of a riding lawn mower. A review of the case by moose experts and analyses of biological trace material that proved to originate from moose, established the true source of injury. The dog probably provoked a moose, which, in response, stomped and gored the victim to death. The injuries resembled those previously reported from attacks by cattle and water buffalo. Fatal moose attacks constitute an extremely rare threat in boreal areas, but can be considered in traumatic deaths of unknown cause. © 2017 American Academy of Forensic Sciences.

The role of sleep in migraine attacks

Directory of Open Access Journals (Sweden)

Elaine Inamorato

1993-11-01

Full Text Available Migraine attacks may be precipitated by sleep deprivation or excessive sleep and sleep is also associated with relief of migraine attacks. In view of this variable relationship we studied the records of 159 consecutive outpatients of our Headache Unit. In 121 records there was reference to sleep involvement, in 55% by a single form and in 45% by more than one form. When only one form was related, relief was most common (70%. 30% of that group of patients had the migraine attack precipitated by sleep, 24% by deprivation and 6% by sleep excess. When the effects of sleep were multiple, these effects were as expected logically in 65%: «in accordance» group (e.g attack precipitated by sleep deprivation and relieved by sleep onset. In a second group, («conflicting» where the involvement was not logical, there were three different combinations of sleep involvement, possibly due to more than one pathophysiological mechanism.

When Math Hurts: Math Anxiety Predicts Pain Network Activation in Anticipation of Doing Math

Science.gov (United States)

Lyons, Ian M.; Beilock, Sian L.

2012-01-01

Math can be difficult, and for those with high levels of mathematics-anxiety (HMAs), math is associated with tension, apprehension, and fear. But what underlies the feelings of dread effected by math anxiety? Are HMAs’ feelings about math merely psychological epiphenomena, or is their anxiety grounded in simulation of a concrete, visceral sensation – such as pain – about which they have every right to feel anxious? We show that, when anticipating an upcoming math-task, the higher one’s math anxiety, the more one increases activity in regions associated with visceral threat detection, and often the experience of pain itself (bilateral dorso-posterior insula). Interestingly, this relation was not seen during math performance, suggesting that it is not that math itself hurts; rather, the anticipation of math is painful. Our data suggest that pain network activation underlies the intuition that simply anticipating a dreaded event can feel painful. These results may also provide a potential neural mechanism to explain why HMAs tend to avoid math and math-related situations, which in turn can bias HMAs away from taking math classes or even entire math-related career paths. PMID:23118929

When math hurts: math anxiety predicts pain network activation in anticipation of doing math.

Directory of Open Access Journals (Sweden)

Ian M Lyons

Full Text Available Math can be difficult, and for those with high levels of mathematics-anxiety (HMAs, math is associated with tension, apprehension, and fear. But what underlies the feelings of dread effected by math anxiety? Are HMAs' feelings about math merely psychological epiphenomena, or is their anxiety grounded in simulation of a concrete, visceral sensation - such as pain - about which they have every right to feel anxious? We show that, when anticipating an upcoming math-task, the higher one's math anxiety, the more one increases activity in regions associated with visceral threat detection, and often the experience of pain itself (bilateral dorso-posterior insula. Interestingly, this relation was not seen during math performance, suggesting that it is not that math itself hurts; rather, the anticipation of math is painful. Our data suggest that pain network activation underlies the intuition that simply anticipating a dreaded event can feel painful. These results may also provide a potential neural mechanism to explain why HMAs tend to avoid math and math-related situations, which in turn can bias HMAs away from taking math classes or even entire math-related career paths.

When math hurts: math anxiety predicts pain network activation in anticipation of doing math.

Science.gov (United States)

Lyons, Ian M; Beilock, Sian L

2012-01-01

Math can be difficult, and for those with high levels of mathematics-anxiety (HMAs), math is associated with tension, apprehension, and fear. But what underlies the feelings of dread effected by math anxiety? Are HMAs' feelings about math merely psychological epiphenomena, or is their anxiety grounded in simulation of a concrete, visceral sensation - such as pain - about which they have every right to feel anxious? We show that, when anticipating an upcoming math-task, the higher one's math anxiety, the more one increases activity in regions associated with visceral threat detection, and often the experience of pain itself (bilateral dorso-posterior insula). Interestingly, this relation was not seen during math performance, suggesting that it is not that math itself hurts; rather, the anticipation of math is painful. Our data suggest that pain network activation underlies the intuition that simply anticipating a dreaded event can feel painful. These results may also provide a potential neural mechanism to explain why HMAs tend to avoid math and math-related situations, which in turn can bias HMAs away from taking math classes or even entire math-related career paths.

Changes in vestibular evoked myogenic potentials after Meniere attacks.

Science.gov (United States)

Kuo, Shih-Wei; Yang, Ting-Hua; Young, Yi-Ho

2005-09-01

The aim of this study was to apply videonystagmography (VNG) and vestibular evoked myogenic potential (VEMP) tests to patients with Meniere attacks, to explore the mechanics of where saccular disorders may affect the semicircular canals. From January 2001 to December 2003, 12 consecutive patients with unilateral definite Meniere's disease with vertiginous attacks underwent VNG for recording spontaneous nystagmus, as well as VEMP tests. At the very beginning of the Meniere attack, the spontaneous nystagmus beat toward the lesion side in 5 patients (42%) and toward the healthy side in 7 patients (58%). Twenty-four hours later, only 6 patients (50%) showed spontaneous nystagmus beating toward the healthy side. Nevertheless, spontaneous nystagmus subsided in all patients within 48 hours. The VEMP test was performed within 24 hours of a Meniere attack; the VEMPs were normal in 4 patients and abnormal in 8 patients (67%). After 48 hours, 4 patients with initially abnormal VEMPs had resolution and return to normal VEMPs, and the other 4 patients still had absent VEMPs. Most patients (67%) with Meniere attacks revealed abnormal VEMPs, indicating that the saccule participates in a Meniere attack. This is an important idea that stimulates consideration of the mechanism of Meniere attacks.

Value oriented strategic marketing

Directory of Open Access Journals (Sweden)

Milisavljević Momčilo

2013-01-01

Full Text Available Changes in today's business environment require companies to orient to strategic marketing. The company accepting strategic marketing has a proactive approach and focus on continuous review and reappraisal of existing and seeking new strategic business areas. Difficulties in achieving target profit and growth require turning marketing from the dominant viewpoint of the tangible product to creating superior value and developing relationships with customers. Value orientation implies gaining competitive advantage through continuous research and understanding of what value represents to the consumers and discovering new ways to meet their required values. Strategic marketing investment requires that the investment in the creation of values should be regularly reviewed in order to ensure a focus on customers with high profit potential and environmental value. This increases customer satisfaction and retention and long-term return on investment of companies.

Efficiency audit for IT-systems of state management strategic objects

Directory of Open Access Journals (Sweden)

Abasov V.A.

2017-06-01

Full Text Available Hackers’ attacks at the end of 2016 and at the beginning of 2017 р. on governmental information and telecommunication systems, including Ministry of Finance in Ukraine, and State Treasury Department, caused vast delays in budgetary payments. They showed «sensitiveness» and insecurity of governmental institutions for cyber-attacks because of control absence of three main security measures, such as technical limitations for downloading programs, limited use of rights for local administrators, systematical software renewals. International experience shows these security measures of governmental IT-systems have to be the audit subject of state financial control authorities. The base of information technology audit was initiated in the studies of І.К. Drozd, S.V. Іvachnenkova, М.М. Benko, Ju.А. Кuxminskiy, А.V. Мamyshev. Simultaneously, the issue of IT-system state audit was examined in theoretical researches partially because there is no practice of such audit in Ukraine. That is why it is necessary to learn international practice of efficiency audit for IT-systems and world standards for establishments of state management sector. The research allowed to propose the methodology of efficiency audit for IT-systems for state institutions; the methodology provides planning and conducting the main procedures on the base of risk estimation of security threats for information systems. The author determines the peculiarities in security risk management for IT-systems by means of risk estimation of security components of IT-systems while conducting efficiency audit. The author sets the method of descending step-by-step detailing for audit estimation of IT-system risk management efficiency at strategic enterprises belonging to state management sector by means of adaptation of ISSAI standard norms. The paper proposes three possible options of management solution concerning IT-system risk management efficiency on the base of information about the

Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

Directory of Open Access Journals (Sweden)

Khodor Hamandi

2015-01-01

Full Text Available Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

Defending networks against denial-of-service attacks

Science.gov (United States)

Gelenbe, Erol; Gellman, Michael; Loukas, George

2004-11-01

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

Jesus the Strategic Leader

National Research Council Canada - National Science Library

Martin, Gregg

2000-01-01

Jesus was a great strategic leader who changed the world in many ways. Close study of what he did and how he did it reveals a pattern of behavior that is extremely useful and relevant to the modern strategic leader...

Strategic Alliance Development - A Process Model A Case Study Integrating Elements of Strategic Alliances

OpenAIRE

Mohd Yunos, Mohd Bulkiah

2007-01-01

There has been enormous increase in the formation of strategic alliance and the research efforts devoted to understanding alliance development process over the last few decades. However, the critical elements that influence the each stage of alliance development are yet unexplored. This dissertation aims to fill this gap and to supplement it by introducing an integrated process model of strategic alliance development and its critical elements. The process model for strategic alliance developm...

Performance Improvement of Power Analysis Attacks on AES with Encryption-Related Signals

Science.gov (United States)

Lee, You-Seok; Lee, Young-Jun; Han, Dong-Guk; Kim, Ho-Won; Kim, Hyoung-Nam

A power analysis attack is a well-known side-channel attack but the efficiency of the attack is frequently degraded by the existence of power components, irrelative to the encryption included in signals used for the attack. To enhance the performance of the power analysis attack, we propose a preprocessing method based on extracting encryption-related parts from the measured power signals. Experimental results show that the attacks with the preprocessed signals detect correct keys with much fewer signals, compared to the conventional power analysis attacks.

The paradox of strategic environmental assessment

Energy Technology Data Exchange (ETDEWEB)

Bidstrup, Morten, E-mail: bidstrup@plan.aau.dk; Hansen, Anne Merrild, E-mail: merrild@plan.aau.dk

2014-07-01

Strategic Environmental Assessment (SEA) is a tool that can facilitate sustainable development and improve decision-making by introducing environmental concern early in planning processes. However, various international studies conclude that current planning practice is not taking full advantage of the tool, and we therefore define the paradox of SEA as the methodological ambiguity of non-strategic SEA. This article explores causality through at three-step case study on aggregates extraction planning in Denmark, which consists of a document analysis; a questionnaire survey and follow-up communication with key planners. Though the environmental reports on one hand largely lack strategic considerations, practitioners express an inherent will for strategy and reveal that their SEAs in fact have been an integrated part of the planning process. Institutional context is found to be the most significant barrier for a strategy and this suggests that non-strategic planning setups can prove more important than non-strategic planning in SEA practice. Planners may try to execute strategy within the confinements of SEA-restricted planning contexts; however, such efforts can be overlooked if evaluated by a narrow criterion for strategy formation. Consequently, the paradox may also spark from challenged documentation. These findings contribute to the common understanding of SEA quality; however, further research is needed on how to communicate and influence the strategic options which arguably remain inside non-strategic planning realities. - Highlights: • International studies conclude that SEAs are not strategic. = The paradox of SEA. • Even on the highest managerial level, some contexts do not leave room for strategy. • Non-strategic SEA can derive from challenged documentation. • Descriptive and emergent strategy formation can, in practice, be deemed non-strategic.

The paradox of strategic environmental assessment

International Nuclear Information System (INIS)

Bidstrup, Morten; Hansen, Anne Merrild

2014-01-01

Strategic Environmental Assessment (SEA) is a tool that can facilitate sustainable development and improve decision-making by introducing environmental concern early in planning processes. However, various international studies conclude that current planning practice is not taking full advantage of the tool, and we therefore define the paradox of SEA as the methodological ambiguity of non-strategic SEA. This article explores causality through at three-step case study on aggregates extraction planning in Denmark, which consists of a document analysis; a questionnaire survey and follow-up communication with key planners. Though the environmental reports on one hand largely lack strategic considerations, practitioners express an inherent will for strategy and reveal that their SEAs in fact have been an integrated part of the planning process. Institutional context is found to be the most significant barrier for a strategy and this suggests that non-strategic planning setups can prove more important than non-strategic planning in SEA practice. Planners may try to execute strategy within the confinements of SEA-restricted planning contexts; however, such efforts can be overlooked if evaluated by a narrow criterion for strategy formation. Consequently, the paradox may also spark from challenged documentation. These findings contribute to the common understanding of SEA quality; however, further research is needed on how to communicate and influence the strategic options which arguably remain inside non-strategic planning realities. - Highlights: • International studies conclude that SEAs are not strategic. = The paradox of SEA. • Even on the highest managerial level, some contexts do not leave room for strategy. • Non-strategic SEA can derive from challenged documentation. • Descriptive and emergent strategy formation can, in practice, be deemed non-strategic

Strategic aspects of innovation management

Directory of Open Access Journals (Sweden)

Baruk Jerzy

2017-12-01

Full Text Available Innovations are regarded as the main factor for the development of organizations, regions and whole economies. In practice the innovativeness of economic entities is limited by many factors of internal and external origin. Among the internal factors there are factors associated with management itself focusing the attention of managers on the current problems, limited utilization of modern methods of management, especially strategic management and innovation management. In this publication the emphasis was put on the discussion of the essence of strategic approach to innovation management; the essence of strategic innovations and their role in the development of organizations; three model solutions were proposed, they facilitate: rationalization of decision-making processes for the selection of the strategy of innovative activity; making rational decisions with regard to the moments for the implementation of strategic and facilitating innovations; making rational decisions based on the cycle of strategic innovation in the horizontal and vertical system. Thus, the goal of this publication is to propose a strategic approach to innovation management based not on an intuitive approach, but on a rational approach using chosen model solutions.

Mass casualty response in the 2008 Mumbai terrorist attacks.

Science.gov (United States)

Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac

2011-12-01

The November 26-29, 2008, terrorist attacks on Mumbai were unique in its international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.

Towards Global Jihadism: Al-Qaeda's Strategic, Ideological and Structural Adaptations since 9/11

Directory of Open Access Journals (Sweden)

Bill Braniff

2011-05-01

Full Text Available In recent years, Al-Qaeda has suffered a number of setbacks, but has also successfully spawned an expansionist global jihadist movement that will survive the death of Osama bin Laden. This article describes how the multifaceted threat posed by global jihadism has evolved over the last decade. It first recounts some of the more salient examples of Al-Qaeda’s post-9/11 strategic, ideological, and structural adaptations, and then offers a balance sheet of Al-Qaeda’s contemporary strengths and weaknesses. Al-Qaeda continues to enable the violence of others, orient that violence towards the United States and its allies in a distributed game of attrition warfare, and foster a dichotomous “us versus them” narrative between the Muslim world and the rest of the international community. Despite this overarching consistency, Al-Qaeda shepherds a different phenomenon than it did ten years ago. The aggregation of the movement’s strategic, ideological, and structural adaptations has fundamentally changed the nature of the jihadist threat to the West. This evolved threat is not inherently more dangerous, as counterterrorism efforts today focus on and disrupt capability earlier and more consistently than prior to September 2001. This multifaceted global jihad will, however, continue to produce greater numbers of attacks in more locations, from a more diverse cadre of individuals spanning a wider ideological spectrum.   

1994 Attack Team Workshop: Phase II - Full-Scale Offensive Fog Attack Tests

National Research Council Canada - National Science Library

Scheffey, Joseph

1997-01-01

.... This report demonstrates the benefits of using a medium angle fog stream to control the overhead fire threat when conducting a direct attack on a growing/steady state fire where the sea of the fire is obstructed...

Network overload due to massive attacks

Science.gov (United States)

Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.

2018-05-01

We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.

Novel mechanism of network protection against the new generation of cyber attacks

Science.gov (United States)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit

2012-06-01

A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.

Crisis - Strategic Management in Public Relation

OpenAIRE

Saari Ahmad

2012-01-01

This is a concept paper to explore the strategic management approaches in public relations during crisis. The main objective of this article is to identify the most effective action plan for Public relation. The review of the strategic management in public relations literature reveals that the relationship between strategic management and public relations is still vague. Four stages were identified in the process of establishing the action plan for public relations and eleven strategic action...

Strategic Management in Times of Crisis

OpenAIRE

Groh, Maximilian

2014-01-01

This aim of this article is to identify unusual strategic-management matters in times of crisis. The research scope is strategic management processes, the characteristics of the processes and methods of strategic crisis management. The study reports research on the contemporary state of strategic crisis-management problems and provides an analysis of some theoretical and methodological principles. The analysis includes a classification of the main problems which must be solved for efficient, ...

STRATEGIC MANAGEMENT ACCOUNTING: DEFINITION AND TOOLS

OpenAIRE

Pylypiv, Nadiia; Pіatnychuk, Iryna

2017-01-01

The article is dedicated to learning the essence of the definition of “strategic management accounting” in domestic and foreign literature. Strategic management accounting tools has been studied and identified constraints that affect its choice. The result of the study is that the understanding of strategic management accounting was formed by authors. The tools which are common for both traditional managerial accounting and strategic and the specific tools necessary for efficient implementati...

Software test attacks to break mobile and embedded devices

CERN Document Server

Hagar, Jon Duncan

2013-01-01

Address Errors before Users Find Them Using a mix-and-match approach, Software Test Attacks to Break Mobile and Embedded Devices presents an attack basis for testing mobile and embedded systems. Designed for testers working in the ever-expanding world of ""smart"" devices driven by software, the book focuses on attack-based testing that can be used by individuals and teams. The numerous test attacks show you when a software product does not work (i.e., has bugs) and provide you with information about the software product under test. The book guides you step by step starting with the basics. It

Modeling attacking of high skills volleyball players

Directory of Open Access Journals (Sweden)

Vladimir Gamaliy

2014-12-01

Full Text Available Purpose: to determine the model indicators of technical and tactical actions in the attack highly skilled volleyball players. Material and Methods: the study used statistical data of major international competitions: Olympic Games – 2012 World Championships – 2010, World League – 2010–2014 European Championship – 2010–2014. A total of 130 analyzed games. Methods were used: analysis and generalization of scientific and methodological literature, analysis of competitive activity highly skilled volleyball players, teacher observation, modeling technical and tactical actions in attacking highly skilled volleyball players. Results: it was found that the largest volume application of technical and tactical actions in the attack belongs to the group tactics «supple movement», whose indicator is 21,3%. The smallest amount of application belongs to the group tactics «flight level» model whose indicators is 5,4%, the efficiency of 3,4%, respectively. It is found that the power service in the jump from model parameters used in 51,6% of cases, the planning targets – 21,7% and 4,4% planning to reduce. Attacks performed with the back line, on model parameters used in the amount of 20,8% efficiency –13,7%. Conclusions: we prove that the performance of technical and tactical actions in the attack can be used as model in the control system of training and competitive process highly skilled volleyball players

Sleep Deprivation Attack Detection in Wireless Sensor Network

OpenAIRE

Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

2012-01-01

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maxi...

Calcium Supplements: A Risk Factor for Heart Attack?

Science.gov (United States)

... factor for heart attack? I've read that calcium supplements may increase the risk of heart attack. ... D. Some doctors think it's possible that taking calcium supplements may increase your risk of a heart ...

Using the Domain Name System to Thwart Automated Client-Based Attacks

Energy Technology Data Exchange (ETDEWEB)

Taylor, Curtis R [ORNL; Shue, Craig A [ORNL

2011-09-01

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so. Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.

Strategic Self-Ignorance

DEFF Research Database (Denmark)

Thunström, Linda; Nordström, Leif Jonas; Shogren, Jason F.

We examine strategic self-ignorance—the use of ignorance as an excuse to overindulge in pleasurable activities that may be harmful to one’s future self. Our model shows that guilt aversion provides a behavioral rationale for present-biased agents to avoid information about negative future impacts...... of such activities. We then confront our model with data from an experiment using prepared, restaurant-style meals — a good that is transparent in immediate pleasure (taste) but non-transparent in future harm (calories). Our results support the notion that strategic self-ignorance matters: nearly three of five...... subjects (58 percent) chose to ignore free information on calorie content, leading at-risk subjects to consume significantly more calories. We also find evidence consistent with our model on the determinants of strategic self-ignorance....

Strategic self-ignorance

DEFF Research Database (Denmark)

Thunström, Linda; Nordström, Leif Jonas; Shogren, Jason F.

2016-01-01

We examine strategic self-ignorance—the use of ignorance as an excuse to over-indulge in pleasurable activities that may be harmful to one’s future self. Our model shows that guilt aversion provides a behavioral rationale for present-biased agents to avoid information about negative future impacts...... of such activities. We then confront our model with data from an experiment using prepared, restaurant-style meals—a good that is transparent in immediate pleasure (taste) but non-transparent in future harm (calories). Our results support the notion that strategic self-ignorance matters: nearly three of five...... subjects (58%) chose to ignore free information on calorie content, leading at-risk subjects to consume significantly more calories. We also find evidence consistent with our model on the determinants of strategic self-ignorance....

STRATEGIC BUSINESS UNIT – THE CENTRAL ELEMENT OF THE BUSINESS PORTFOLIO STRATEGIC PLANNING PROCESS

OpenAIRE

FLORIN TUDOR IONESCU

2011-01-01

Over time, due to changes in the marketing environment, generated by the tightening competition, technological, social and political pressures the companies have adopted a new approach, by which the potential businesses began to be treated as strategic business units. A strategic business unit can be considered a part of a company, a product line within a division, and sometimes a single product or brand. From a strategic perspective, the diversified companies represent a collection of busine...

Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Katarzyna Mazur

2016-01-01

Full Text Available The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.

Exploiting Small Leakages in Masks to Turn a Second-Order Attack into a First-Order Attack and Improved Rotating Substitution Box Masking with Linear Code Cosets

Science.gov (United States)

DeTrano, Alexander; Karimi, Naghmeh; Karri, Ramesh; Guo, Xiaofei; Carlet, Claude; Guilley, Sylvain

2015-01-01

Masking countermeasures, used to thwart side-channel attacks, have been shown to be vulnerable to mask-extraction attacks. State-of-the-art mask-extraction attacks on the Advanced Encryption Standard (AES) algorithm target S-Box recomputation schemes but have not been applied to scenarios where S-Boxes are precomputed offline. We propose an attack targeting precomputed S-Boxes stored in nonvolatile memory. Our attack targets AES implemented in software protected by a low entropy masking scheme and recovers the masks with 91% success rate. Recovering the secret key requires fewer power traces (in fact, by at least two orders of magnitude) compared to a classical second-order attack. Moreover, we show that this attack remains viable in a noisy environment or with a reduced number of leakage points. Eventually, we specify a method to enhance the countermeasure by selecting a suitable coset of the masks set. PMID:26491717

Quick Reference: Cyber Attacks Awareness and Prevention Method for Home Users

OpenAIRE

Haydar Teymourlouei

2015-01-01

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such t...

Is strategic stockpiling essential?

International Nuclear Information System (INIS)

Anon.

2007-01-01

As mentioned by the European Commission, a consultant has surveyed stakeholders on the concept of setting up strategic stockpiles of natural gas, namely to boost the security of Europe's supply, much like the strategic stockpiling for petroleum products the OECD member countries carried out after the petroleum crisis. If strategic stockpiling consists in blocking off a quantity of gas in addition to the usable stockpile, the AFG believes it is necessary to assess the implications of such a measure and to examine the security gain it would actually offer compared to the measures that have already been implemented to secure supplies. (author)

Sensation seeking in a community sample of French gamblers: Comparison between strategic and non-strategic gamblers.

Science.gov (United States)

Bonnaire, Céline; Bungener, Catherine; Varescon, Isabelle

2017-04-01

The purpose of this research is to examine the relationship between sensation seeking and gambling disorder (GD) in a community sample of gamblers (when controlling for the effect of substance use, gender and age) and see whether sensation seeking scores depend on the gambling activity when comparing strategic and non-strategic gamblers. A total of 380 gamblers was recruited. First, pathological gamblers (PGs) (n =143) were compared to non-pathological gamblers (NPGs) (n =237). Second, strategic gamblers (n =93) were compared to non-strategic gamblers (n =110). Sociodemographic data, gambling behavior (SOGS, DSM-IV), tobacco and alcohol use (CAGE), and sensation seeking (SSS) were evaluated. PGs have higher boredom susceptibility scores than NPGs and this factor is associated with GD. Nevertheless, the relationship between sensation seeking and GD depends on the gambling activity. In fact, sensation seeking is associated with GD in strategic gamblers only. PGs playing strategic games display different profiles from non-strategic PGs. Thus, factors associated with GD differ when the gambling activity is taken into account. These findings are consistent with the idea of it being essential to identify clinically distinct subgroups of PGs in the treatment of GD. Copyright © 2017 Elsevier Ireland Ltd. All rights reserved.

The analysis of strategic planning in transport

OpenAIRE

Išoraitė, Margarita

2006-01-01

Strategic planning is a process whish brings to life the mission and vision of an enterprise. The article analyses the following issues: 1. Concepts of strategy. 2. Components of strategic planning. 3. The basis of strategic planning. 4. Formal strategic planning. 5. Tools used in strategy development. 6. Problems of strategic planning. Strateginis planavimas yra procesas, kurio metu įgyvendinami įmonės tikslai. Šiame straipsnyje nagrinėjama: strategijos sąvoka; strateginio planavimo kompo...

Strengthening Crypto-1 Cipher Against Algebraic Attacks

Directory of Open Access Journals (Sweden)

Farah Afianti

2015-08-01

Full Text Available In the last few years, several studies addressed the problem of data security in Mifare Classic. One of its weaknesses is the low random number quality. This causes SAT solver attacks to have lower complexity. In order to strengthen Crypto-1 against SAT solver attacks, a modification of the feedback function with better cryptographic properties is proposed. It applies a primitive polynomial companion matrix. SAT solvers cannot directly attack the feedback shift register that uses the modified Boolean feedback function, the register has to be split into smaller groups. Experimental testing showed that the amount of memory and CPU time needed were highest when attacking the modified Crypto-1 using the modified feedback function and the original filter function. In addition, another modified Crypto-1, using the modified feedback function and a modified filter function, had the lowest percentage of revealed variables. It can be concluded that the security strength and performance of the modified Crypto-1 using the modified feedback function and the modified filter function are better than those of the original Crypto-1.

A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

NARCIS (Netherlands)

Jhawar, Ravi; Lounis, Karim; Mauw, Sjouke

2016-01-01

Cyber attacks are becoming increasingly complex, practically sophisticated and organized. Losses due to such attacks are important, varying from the loss of money to business reputation spoilage. Therefore, there is a great need for potential victims of cyber attacks to deploy security solutions

Vulnerability of water supply systems to cyber-physical attacks

Science.gov (United States)

Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

2016-04-01

The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

Security Measurement for Unknown Threats Based on Attack Preferences

Directory of Open Access Journals (Sweden)

Lihua Yin

2018-01-01

Full Text Available Security measurement matters to every stakeholder in network security. It provides security practitioners the exact security awareness. However, most of the works are not applicable to the unknown threat. What is more, existing efforts on security metric mainly focus on the ease of certain attack from a theoretical point of view, ignoring the “likelihood of exploitation.” To help administrator have a better understanding, we analyze the behavior of attackers who exploit the zero-day vulnerabilities and predict their attack timing. Based on the prediction, we propose a method of security measurement. In detail, we compute the optimal attack timing from the perspective of attacker, using a long-term game to estimate the risk of being found and then choose the optimal timing based on the risk and profit. We design a learning strategy to model the information sharing mechanism among multiattackers and use spatial structure to model the long-term process. After calculating the Nash equilibrium for each subgame, we consider the likelihood of being attacked for each node as the security metric result. The experiment results show the efficiency of our approach.

The Need for Situational Awareness in a CBRNE Attack

Directory of Open Access Journals (Sweden)

Jordan Nelms

2011-02-01

Full Text Available Six years before the terrorist attacks on the World Trade Center and the Pentagon, and eight years before the United States went to war with Saddam Hussein for his alleged concealment of chemical and biological weapons caches, Japan's Tokyo subway was struck by one of the most vicious terror attacks in modern history.  The 1995 Sarin terrorist attack represents an important case study for post-9/11 emergency managers because it highlights the key issues first responders and public health officials face when confronted with a CBRNE ('C'hemical, 'B'iological, 'R'adiological, 'N'uclear, 'E'xplosive mass-casualty attack.

Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

Science.gov (United States)

Kwon, Cheolhyeon

Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the

Consciousness in Non-Epileptic Attack Disorder

OpenAIRE

Reuber, M.; Kurthen, M.

2011-01-01

Non-epileptic attack disorder (NEAD) is one of the most important differential diagnoses of epilepsy. Impairment of\\ud consciousness is the key feature of non-epileptic attacks (NEAs). The first half of this review summarises the clinical research\\ud literature featuring observations relating to consciousness in NEAD. The second half places this evidence in the wider context\\ud of the recent discourse on consciousness in neuroscience and the philosophy of mind. We argue that studies of consci...

Gait biometrics under spoofing attacks: an experimental investigation

Science.gov (United States)

Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

2015-11-01

Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

Learning from history: The Glasgow Airport terrorist attack.

Science.gov (United States)

Crichton, Gillies

Glasgow Airport was the target of a terrorist attack on 30th June, 2007. Many people within Scotland had come to believe that Scotland was immune from terrorism. This perception was in large part informed by Scotland's experience during the protracted Troubles in Northern Ireland, during which the Provisional Irish Republican Army's mainland bombing campaign focused on targets in England, sparing both Scotland and Wales. While Glasgow Airport did not expect such an attack to take place, meticulous planning, organising and testing of plans had taken place to mitigate the unlikely event of such an attack. The attack stands up as a shining example of robust business continuity management, where the airport reopened for business as usual in less than 24 hours from the time of the attack. Little is known about how the airport handled the situation in conjunction with other responding agencies as people tend to want to focus on high-profile disasters only. Yet countless such incidents are happening worldwide on a daily basis, in which there are excellent learning opportunities, and, taken in the spirit of converting hindsight into foresight, the likelihood of similar incidents could potentially be reduced in the future.

Strategic arms limitation

Science.gov (United States)

Allen Greb, G.; Johnson, Gerald W.

1983-10-01

Following World War II, American scientists and politicians proposed in the Baruch plan a radical solution to the problem of nuclear weapons: to eliminate them forever under the auspices of an international nuclear development authority. The Soviets, who as yet did not possess the bomb, rejected this plan. Another approach suggested by Secretary of War Henry Stimson to negotiate directly with the Soviet Union was not accepted by the American leadership. These initial arms limitation failures both reflected and exacerbated the hostile political relationship of the superpowers in the 1950s and 1960s. Since 1969, the more modest focus of the Soviet-American arms control process has been on limiting the numbers and sizes of both defensive and offensive strategic systems. The format for this effort has been the Strategic Arms Limitatins Talks (Salt) and more recently the Strategic Arms Reduction Talks (START). Both sides came to these negotiations convinced that nuclear arsenals had grown so large that some for of mutual restraint was needed. Although the SALT/START process has been slow and ponderous, it has produced several concrete the agreements and collateral benefits. The 1972 ABM Treaty restricts the deployment of ballistic missile defense systems, the 1972 Interim Agreement places a quantitative freeze on each side's land based and sea based strategic launchers, and the as yet unratified 1979 SALT II Treaty sets numerical limits on all offensive strategic systems and sublimits on MIRVed systems. Collateral benefits include improved verification procedures, working definitions and counting rules, and permanent bureaucratic apparatus which enhance stability and increase the chances for achieving additional agreements.

Heart Attack Payment - Hospital

Data.gov (United States)

U.S. Department of Health & Human Services — Payment for heart attack patients measure – provider data. This data set includes provider data for payments associated with a 30-day episode of care for heart...

Strategic decision quality in Flemish municipalities

NARCIS (Netherlands)

B.R.J. George (Bert); S. Desmidt (Sebastian); J. De Moyer (Julie)

2016-01-01

textabstractStrategic planning (SP) has taken the public sector by storm because it is widely believed that SP’s approach to strategic decision-making strengthens strategic decision quality (SDQ) in public organizations. However, if or how SP relates to SDQ seems to lack empirical evidence. Drawing

Stability Analysis of an Advanced Persistent Distributed Denial-of-Service Attack Dynamical Model

Directory of Open Access Journals (Sweden)

Chunming Zhang

2018-01-01

Full Text Available The advanced persistent distributed denial-of-service (APDDoS attack is a fairly significant threat to cybersecurity. Formulating a mathematical model for accurate prediction of APDDoS attack is important. However, the dynamical model of APDDoS attack has barely been reported. This paper first proposes a novel dynamical model of APDDoS attack to understand the mechanisms of APDDoS attack. Then, the attacked threshold of this model is calculated. The global stability of attack-free and attacked equilibrium are both proved. The influences of the model’s parameters on attacked equilibrium are discussed. Eventually, the main conclusions of the theoretical analysis are examined through computer simulations.

Strategic Decision Making Paradigms: A Primer for Senior Leaders

Science.gov (United States)

2009-07-01

decision making . STRATEGIC DECISION MAKING Strategic Change: There are several strategic...influenced by stakeholders outside of the organization. The Ontology of Strategic Decision Making . Strategic decisions are non-routine and involve...Coates USAWC, July 2009 5 The Complexity of Strategic Decision Making Strategic decisions entail “ill-structured,”6 “messy” or

Strategic management of population programs

OpenAIRE

Bernhart, Michael H.

1992-01-01

Formal strategic planning and management appear to contribute to organizational effectiveness. The author surveys the literature on strategic management in private/for-profit organizations and applies lessons from that literature to population programs. Few would argue that population programs would not benefit from strategic planning and management, but it would be inadvisable to initiate the process when the organization is faced with a short-term crisis; during or immediately before a chan...

Enhancing the Strategic Capability of the Army: An Investigation of Strategic Thinking Tasks, Skills, and Development

Science.gov (United States)

2016-02-01

Army assignments. Teaching can also help develop visualization skills and innovative thinking through the use of certain teaching methods...required. Some of the specific strategic thinking KSAs built through exposure to complex problems that were mentioned in the interviews were visualization ...Research Report 1995 Enhancing the Strategic Capability of the Army: An Investigation of Strategic Thinking Tasks, Skills

Children's strategic theory of mind.

Science.gov (United States)

Sher, Itai; Koenig, Melissa; Rustichini, Aldo

2014-09-16

Human strategic interaction requires reasoning about other people's behavior and mental states, combined with an understanding of their incentives. However, the ontogenic development of strategic reasoning is not well understood: At what age do we show a capacity for sophisticated play in social interactions? Several lines of inquiry suggest an important role for recursive thinking (RT) and theory of mind (ToM), but these capacities leave out the strategic element. We posit a strategic theory of mind (SToM) integrating ToM and RT with reasoning about incentives of all players. We investigated SToM in 3- to 9-y-old children and adults in two games that represent prevalent aspects of social interaction. Children anticipate deceptive and competitive moves from the other player and play both games in a strategically sophisticated manner by 7 y of age. One game has a pure strategy Nash equilibrium: In this game, children achieve equilibrium play by the age of 7 y on the first move. In the other game, with a single mixed-strategy equilibrium, children's behavior moved toward the equilibrium with experience. These two results also correspond to two ways in which children's behavior resembles adult behavior in the same games. In both games, children's behavior becomes more strategically sophisticated with age on the first move. Beyond the age of 7 y, children begin to think about strategic interaction not myopically, but in a farsighted way, possibly with a view to cooperating and capitalizing on mutual gains in long-run relationships.

Inflammation and neuropathic attacks in hereditary brachial plexus neuropathy

Science.gov (United States)

Klein, C; Dyck, P; Friedenberg, S; Burns, T; Windebank, A; Dyck, P

2002-01-01

Objective: To study the role of mechanical, infectious, and inflammatory factors inducing neuropathic attacks in hereditary brachial plexus neuropathy (HBPN), an autosomal dominant disorder characterised by attacks of pain and weakness, atrophy, and sensory alterations of the shoulder girdle and upper limb muscles. Methods: Four patients from separate kindreds with HBPN were evaluated. Upper extremity nerve biopsies were obtained during attacks from a person of each kindred. In situ hybridisation for common viruses in nerve tissue and genetic testing for a hereditary tendency to pressure palsies (HNPP; tomaculous neuropathy) were undertaken. Two patients treated with intravenous methyl prednisolone had serial clinical and electrophysiological examinations. One patient was followed prospectively through pregnancy and during the development of a stereotypic attack after elective caesarean delivery. Results: Upper extremity nerve biopsies in two patients showed prominent perivascular inflammatory infiltrates with vessel wall disruption. Nerve in situ hybridisation for viruses was negative. There were no tomaculous nerve changes. In two patients intravenous methyl prednisolone ameliorated symptoms (largely pain), but with tapering of steroid dose, signs and symptoms worsened. Elective caesarean delivery did not prevent a typical postpartum attack. Conclusions: Inflammation, probably immune, appears pathogenic for some if not all attacks of HBPN. Immune modulation may be useful in preventing or reducing the neuropathic attacks, although controlled trials are needed to establish efficacy, as correction of the mutant gene is still not possible. The genes involved in immune regulation may be candidates for causing HBPN disorders. PMID:12082044

Heart Attack Payment - National

Data.gov (United States)

U.S. Department of Health & Human Services — Payment for heart attack patients measure – national data. This data set includes national-level data for payments associated with a 30-day episode of care for heart...

Heart Attack Payment - State

Data.gov (United States)

U.S. Department of Health & Human Services — Payment for heart attack patients measure – state data. This data set includes state-level data for payments associated with a 30-day episode of care for heart...

Collaborative Strategic Planning: Myth or Reality?

Science.gov (United States)

Mbugua, Flora; Rarieya, Jane F. A.

2014-01-01

The concept and practice of strategic planning, while entrenched in educational institutions in the West, is just catching on in Kenya. While literature emphasizes the importance of collaborative strategic planning, it does not indicate the challenges presented by collaboratively engaging in strategic planning. This article reports on findings of…

Choosing What to Protect When Attacker Resources and Asset Valuations are Uncertain

Directory of Open Access Journals (Sweden)

Kjell Hausken

2014-01-01

Full Text Available The situation has been modelled where the attacker's resources are unknown to the defender. Protecting assets presupposes that the defender has some information on the attacker's resource capabilities. An attacker targets one of two assets. The attacker's resources and valuations of these assets are drawn probabilistically. We specify when the isoutility curves are upward sloping (the defender prefers to invest less in defense, thus leading to higher probabilities of success for attacks on both assets or downward sloping (e.g. when one asset has a low value or high unit defense cost. This stands in contrast to earlier research and results from the uncertainty regarding the level of the attacker's resources. We determine which asset the attacker targets depending on his type, unit attack costs, the contest intensity, and investment in defense. A two stage game is considered, where the defender moves first and the attacker moves second. When both assets are equivalent and are treated equivalently by both players, an interior equilibrium exists when the contest intensity is low, and a corner equilibrium with no defense exists when the contest intensity is large and the attacker holds large resources. Defense efforts are inverse U shaped in the attacker's resources. (original abstract

Development of Cyber-attack Risk Assessment Model for Nuclear Power Plants

International Nuclear Information System (INIS)

Park, Jong Woo; Lee, Seung Jun

2017-01-01

In this work, a risk evaluation method to identify significant cyber-attack scenarios and important components which should be defensed was proposed based on the probabilistic safety assessment (PSA) method which is widely used for evaluating risk of NPPs. NPPs adopting digital systems have been facing the risk of cyber-attacks. To develop efficient and reasonable defense strategy, it is required to identify significant cyber-attack scenarios and important components because there are huge number of critical digital assets in an NPP. By evaluating the risk of cyber-attack, the risk-informed defense strategies against cyber-attack could be suggested. In this work, the method to identify important cyber-attack scenarios and to evaluate the quantitative risk caused by cyber-attacks was proposed. For a future study, more feasible scenarios will be analyzed and additional modifications will be made in the model if necessary.

Analysis of Network Vulnerability Under Joint Node and Link Attacks

Science.gov (United States)

Li, Yongcheng; Liu, Shumei; Yu, Yao; Cao, Ting

2018-03-01

The security problem of computer network system is becoming more and more serious. The fundamental reason is that there are security vulnerabilities in the network system. Therefore, it’s very important to identify and reduce or eliminate these vulnerabilities before they are attacked. In this paper, we are interested in joint node and link attacks and propose a vulnerability evaluation method based on the overall connectivity of the network to defense this attack. Especially, we analyze the attack cost problem from the attackers’ perspective. The purpose is to find the set of least costs for joint links and nodes, and their deletion will lead to serious network connection damage. The simulation results show that the vulnerable elements obtained from the proposed method are more suitable for the attacking idea of the malicious persons in joint node and link attack. It is easy to find that the proposed method has more realistic protection significance.

Neural mechanisms mediating degrees of strategic uncertainty.

Science.gov (United States)

Nagel, Rosemarie; Brovelli, Andrea; Heinemann, Frank; Coricelli, Giorgio

2018-01-01

In social interactions, strategic uncertainty arises when the outcome of one's choice depends on the choices of others. An important question is whether strategic uncertainty can be resolved by assessing subjective probabilities to the counterparts' behavior, as if playing against nature, and thus transforming the strategic interaction into a risky (individual) situation. By means of functional magnetic resonance imaging with human participants we tested the hypothesis that choices under strategic uncertainty are supported by the neural circuits mediating choices under individual risk and deliberation in social settings (i.e. strategic thinking). Participants were confronted with risky lotteries and two types of coordination games requiring different degrees of strategic thinking of the kind 'I think that you think that I think etc.' We found that the brain network mediating risk during lotteries (anterior insula, dorsomedial prefrontal cortex and parietal cortex) is also engaged in the processing of strategic uncertainty in games. In social settings, activity in this network is modulated by the level of strategic thinking that is reflected in the activity of the dorsomedial and dorsolateral prefrontal cortex. These results suggest that strategic uncertainty is resolved by the interplay between the neural circuits mediating risk and higher order beliefs (i.e. beliefs about others' beliefs). © The Author(s) (2017). Published by Oxford University Press.

Manage "Human Capital" Strategically

Science.gov (United States)

Odden, Allan

2011-01-01

To strategically manage human capital in education means restructuring the entire human resource system so that schools not only recruit and retain smart and capable individuals, but also manage them in ways that support the strategic directions of the organization. These management practices must be aligned with a district's education improvement…

Managing transdisciplinarity in strategic foresight

DEFF Research Database (Denmark)

Rasmussen, Birgitte; Andersen, Per Dannemand; Borch, Kristian

2010-01-01

Strategic foresight deals with the long term future and is a transdisciplinary exercise which, among other aims, addresses the prioritization of science and other decision making in science and innovation advisory and funding bodies. This article discusses challenges in strategic foresight...... in relation to transdisciplinarity based on empirical as well as theoretical work in technological domains. By strategic foresight is meant future oriented, participatory consultation of actors and stakeholders, both within and outside a scientific community. It therefore allows multiple stakeholders...... strategic foresight has now been widely accepted for strategy-making and priority-setting in science and innovation policy, the methodologies underpinning it still need further development. Key findings are the identification of challenges, aspects and issues related to management and facilitation...

Semantic Identification Attacks on Web Browsing

OpenAIRE

Guha, Neel

2016-01-01

We introduce a Semantic Identification Attack, in which an adversary uses semantic signals about the pages visited in one browsing session to identify other browsing sessions launched by the same user. This attack allows an adver- sary to determine if two browsing sessions originate from the same user regardless of any measures taken by the user to disguise their browser or network. We use the MSNBC Anonymous Browsing data set, which contains a large set of user visits (labeled by category) t...

Peran Strategic Entrepreneurship Dalam Membangun Sustainable Competitive Advantage

OpenAIRE

Handrimurtjahjo, Agustinus Dedy

2014-01-01

Strategic entrepreneurship has emerged as a new concept in examining convergence in entrepreneurship studies (opportunity-seeking behavior) and strategic management (advantage-seeking behavior). Studies in the area of strategic management have gradually exposed the relationship betweenstrategic management and entrepreneurship: entrepreneurial strategy making; intrapreneurship; entrepreneurial strategic posture within organizations; entrepreneurial orientation; strategic managementintegration ...

Hereditary angioedema attacks resolve faster and are shorter after early icatibant treatment.

Directory of Open Access Journals (Sweden)

Marcus Maurer

Full Text Available BACKGROUND: Attacks of hereditary angioedema (HAE are unpredictable and, if affecting the upper airway, can be lethal. Icatibant is used for physician- or patient self-administered symptomatic treatment of HAE attacks in adults. Its mode of action includes disruption of the bradykinin pathway via blockade of the bradykinin B(2 receptor. Early treatment is believed to shorten attack duration and prevent severe outcomes; however, evidence to support these benefits is lacking. OBJECTIVE: To examine the impact of timing of icatibant administration on the duration and resolution of HAE type I and II attacks. METHODS: The Icatibant Outcome Survey is an international, prospective, observational study for patients treated with icatibant. Data on timings and outcomes of icatibant treatment for HAE attacks were collected between July 2009-February 2012. A mixed-model of repeated measures was performed for 426 attacks in 136 HAE type I and II patients. RESULTS: Attack duration was significantly shorter in patients treated <1 hour of attack onset compared with those treated ≥ 1 hour (6.1 hours versus 16.8 hours [p<0.001]. Similar significant effects were observed for <2 hours versus ≥ 2 hours (7.2 hours versus 20.2 hours [p<0.001] and <5 hours versus ≥ 5 hours (8.0 hours versus 23.5 hours [p<0.001]. Treatment within 1 hour of attack onset also significantly reduced time to attack resolution (5.8 hours versus 8.8 hours [p<0.05]. Self-administrators were more likely to treat early and experience shorter attacks than those treated by a healthcare professional. CONCLUSION: Early blockade of the bradykinin B(2 receptor with icatibant, particularly within the first hour of attack onset, significantly reduced attack duration and time to attack resolution.

Pre-attack signs and symptoms in cluster headache: Characteristics and time profile.

Science.gov (United States)

Snoer, Agneta; Lund, Nunu; Beske, Rasmus; Jensen, Rigmor; Barloese, Mads

2018-05-01

Introduction In contrast to the premonitory phase of migraine, little is known about the pre-attack (prodromal) phase of a cluster headache. We aimed to describe the nature, prevalence, and duration of pre-attack symptoms in cluster headache. Methods Eighty patients with episodic cluster headache or chronic cluster headache, according to ICHD-3 beta criteria, were invited to participate. In this observational study, patients underwent a semi-structured interview where they were asked about the presence of 31 symptoms/signs in relation to a typical cluster headache attack. Symptoms included previously reported cluster headache pre-attack symptoms, premonitory migraine symptoms and accompanying symptoms of migraine and cluster headache. Results Pre-attack symptoms were reported by 83.3% of patients, with an average of 4.25 (SD 3.9) per patient. Local and painful symptoms, occurring with a median of 10 minutes before attack, were reported by 70%. Local and painless symptoms and signs, occurring with a median of 10 minutes before attack, were reported by 43.8% and general symptoms, occurring with a median of 20 minutes before attack, were reported by 62.5% of patients. Apart from a dull/aching sensation in the attack area being significantly ( p cluster headache. Since the origin of cluster headache attacks is still unresolved, studies of pre-attack symptoms could contribute to the understanding of cluster headache pathophysiology. Furthermore, identification and recognition of pre-attack symptoms could potentially allow earlier abortive treatment.

GAO Strategic Plan 2007-2012

National Research Council Canada - National Science Library

2007-01-01

In keeping with GAO's commitment to update its strategic plan at least once every 3 years consistent with the Government Performance and Results Act this strategic plan describes our proposed goals...

Variability of clinical features in attacks of migraine with aura

DEFF Research Database (Denmark)

Hansen, Jakob M; Goadsby, Peter J; Charles, Andrew C

2016-01-01

. CONCLUSION: These findings are consistent with variable involvement of different brain regions during a migraine attack. The variable occurrence of nausea, and phonophobia in conjunction with photophobia, both defining features of migraine, may be an important consideration in designing clinical studies......BACKGROUND: There is significant variability in the clinical presentation of migraine, both among patients, and between attacks in an individual patient. We examined clinical features of migraine with aura in a large group of patients enrolled in a clinical trial, and compared retrospective...... a detailed retrospective description of the clinical features of their attacks of migraine. During the trial, clinical symptoms in migraine attacks starting with aura were recorded prospectively in 861 attacks. RESULTS: Retrospectively reported visual aura symptoms were variable and often overlapping...

"Dateline NBC"'s Persuasive Attack on Wal-Mart.

Science.gov (United States)

Benoit, William L.; Dorries, Bruce

1996-01-01

Develops a typology of persuasive attack strategies. Identifies two key components of persuasive attack: responsibility and offensiveness. Describes several strategies for intensifying each of these elements. Applies this analysis to "Dateline NBC"'s allegations that Wal-Mart's "Buy American" campaign was deceptive. Concludes…

Transforming Graphical System Models To Graphical Attack Models

NARCIS (Netherlands)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Mauw, S.; Kordy, B.

2015-01-01

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that

TCPL: A Defense against wormhole attacks in wireless sensor networks

International Nuclear Information System (INIS)

Kumar, K. E. Naresh; Waheed, Mohd. Abdul; Basappa, K. Kari

2010-01-01

Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.

Behavioral Modeling of WSN MAC Layer Security Attacks: A Sequential UML Approach

DEFF Research Database (Denmark)

Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

2012-01-01

is the vulnerability to security attacks/threats. The performance and behavior of a WSN are vastly affected by such attacks. In order to be able to better address the vulnerabilities of WSNs in terms of security, it is important to understand the behavior of the attacks. This paper addresses the behavioral modeling...... of medium access control (MAC) security attacks in WSNs. The MAC layer is responsible for energy consumption, delay and channel utilization of the network and attacks on this layer can introduce significant degradation of the individual sensor nodes due to energy drain and in performance due to delays....... The behavioral modeling of attacks will be beneficial for designing efficient and secure MAC layer protocols. The security attacks are modeled using a sequential diagram approach of Unified Modeling Language (UML). Further, a new attack definition, specific to hybrid MAC mechanisms, is proposed....

The WOMBAT Attack Attribution Method: Some Results

Science.gov (United States)

Dacier, Marc; Pham, Van-Hau; Thonnard, Olivier

In this paper, we present a new attack attribution method that has been developed within the WOMBAT project. We illustrate the method with some real-world results obtained when applying it to almost two years of attack traces collected by low interaction honeypots. This analytical method aims at identifying large scale attack phenomena composed of IP sources that are linked to the same root cause. All malicious sources involved in a same phenomenon constitute what we call a Misbehaving Cloud (MC). The paper offers an overview of the various steps the method goes through to identify these clouds, providing pointers to external references for more detailed information. Four instances of misbehaving clouds are then described in some more depth to demonstrate the meaningfulness of the concept.

Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions

NARCIS (Netherlands)

M.M.J. Stevens (Marc); D. Shumow

2017-01-01

textabstractCounter-cryptanalysis, the concept of using cryptanalytic techniques to detect cryptanalytic attacks, was introduced by Stevens at CRYPTO 2013 [22] with a hash collision detection algorithm. That is, an algorithm that detects whether a given single message is part of a colliding message

Improving Strategic Planning for Federal Public Health Agencies Through Collaborative Strategic Management

Science.gov (United States)

2013-03-01

and Results Act (GPRA) was passed, requiring all federal agencies to engage in strategic planning and nudging them towards comprehensive strategic...involves the social- psychological process of sense making that leads to negotiations. This stage is when the individual partner organizations...expectations through informal bargaining and informal sense making Commitments For future action through formal legal contract or psychological contract

Low-Rate DDoS Attack Detection Using Expectation of Packet Size

Directory of Open Access Journals (Sweden)

Lu Zhou

2017-01-01

Full Text Available Low-rate Distributed Denial-of-Service (low-rate DDoS attacks are a new challenge to cyberspace, as the attackers send a large amount of attack packets similar to normal traffic, to throttle legitimate flows. In this paper, we propose a measurement—expectation of packet size—that is based on the distribution difference of the packet size to distinguish two typical low-rate DDoS attacks, the constant attack and the pulsing attack, from legitimate traffic. The experimental results, obtained using a series of real datasets with different times and different tolerance factors, are presented to demonstrate the effectiveness of the proposed measurement. In addition, extensive experiments are performed to show that the proposed measurement can detect the low-rate DDoS attacks not only in the short and long terms but also for low packet rates and high packet rates. Furthermore, the false-negative rates and the adjudication distance can be adjusted based on the detection sensitivity requirements.

Implementation of Positive Operator-Valued Measure in Passive Faraday Mirror Attack

International Nuclear Information System (INIS)

Wang Wei-Long; Gao Ming; Ma Zhi

2015-01-01

Passive Faraday-mirror (PFM) attack is based on imperfect Faraday mirrors in practical quantum cryptography systems and a set of three-dimensional Positive Operator-Valued Measure (POVM) operators plays an important role in this attack. In this paper, we propose a simple scheme to implement the POVM in PFM attack on an Faraday–Michelson quantum cryptography system. Since the POVM can not be implemented directly with previous methods, in this scheme it needs to expand the states sent by Alice and the POVM operators in the attack into four-dimensional Hilbert space first, without changing the attacking effect by calculation. Based on the methods proposed by Ahnert and Payne, the linear-optical setup for implementing the POVM operators is derived. At last, the complete setup for realizing the PFM attack is presented with all parameters. Furthermore, our scheme can also be applied to realize PFM attack on a plug-and-play system by changing the parameters in the setup. (paper)

Regression Nodes: Extending attack trees with data from social sciences

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

In the field of security, attack trees are often used to assess security vulnerabilities probabilistically in relation to multi-step attacks. The nodes are usually connected via AND-gates, where all children must be executed, or via OR-gates, where only one action is necessary for the attack step to

Depletion-of-Battery Attack: Specificity, Modelling and Analysis.

Science.gov (United States)

Shakhov, Vladimir; Koo, Insoo

2018-06-06

The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Alibaba's strategic drift

OpenAIRE

Kim, Young-Chan; Chen, Pi-Chi

2016-01-01

It is fundamental in both a theoretical and practical sense, to analyse the strategies of successful e-businesses who were formulated and operated alongside incumbent competitors. Thus, there have been an array of strategic arguments concerning the rapidly-burgeoning virtual powerhouse Alibaba, who amidst a sea of fortified competitors, found their ground to become one of the most prominent e-businesses of the decade. At the commencing stages, Alibaba lacked a specific strategic goal, aside f...

New Military Strategic Communications System

National Research Council Canada - National Science Library

Baldwin, Robert F

2007-01-01

... audience through unified action. The Quadrennial Defense Review Roadmap for Strategic Communications and the Department of Defense, Report of the Defense Science Board Task Force on Strategic Communication both concluded that the US...

Strategic planning and managerial control

OpenAIRE

Mihaela Ghicajanu

2004-01-01

In this paper present relationship among strategic planning and managerial control process. For begin I want present few elements about strategic planning and managerial control in order to identify link inter these elements.

Strategic alliances in engineering, technology and development

International Nuclear Information System (INIS)

Jazrawi, W.

1991-01-01

The role of strategic alliances in the development of heavy oil resources, both mineable and in-situ, is discussed. A strategic alliance is defined as a custom designed, long term collaborative working arrangement between two parties to pool, exchange, and integrate their resources to maximize mutual gain. A combination of one or more of the following success factors is seen as contributing to the unlocking of static heavy oil resources: sufficiently high and sustained crude oil prices; strategic intent to pursue heavy oil development regardless of short-term setbacks or economic downturns; technology breakthroughs that can reduce bitumen supply and upgrading costs; and strategic alliances. An idealized model for strategic alliances designed to help develop heavy oil resources is illustrated. The advantages and pitfalls involved in strategic alliances are listed along with the characteristics of viable contract agreements for such alliances. Some examples of strategic alliances in engineering and technology development are presented from Alberta experience. 2 figs., 1 tab

Fault attacks, injection techniques and tools for simulation

NARCIS (Netherlands)

Piscitelli, R.; Bhasin, S.; Regazzoni, F.

2015-01-01

Faults attacks are a serious threat to secure devices, because they are powerful and they can be performed with extremely cheap equipment. Resistance against fault attacks is often evaluated directly on the manufactured devices, as commercial tools supporting fault evaluation do not usually provide

Cybersecurity protecting critical infrastructures from cyber attack and cyber warfare

CERN Document Server

Johnson, Thomas A

2015-01-01

The World Economic Forum regards the threat of cyber attack as one of the top five global risks confronting nations of the world today. Cyber attacks are increasingly targeting the core functions of the economies in nations throughout the world. The threat to attack critical infrastructures, disrupt critical services, and induce a wide range of damage is becoming more difficult to defend against. Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare examines the current cyber threat landscape and discusses the strategies being used by governments and corporatio

[Comparative analysis of phenomenology of paroxysms of atrial fibrillation and panic attacks].

Science.gov (United States)

San'kova, T A; Solov'eva, A D; Nedostup, A V

2004-01-01

To study phenomenology of attacks of atrial fibrillation (AF) and to compare it with phenomenology of panic attacks for elucidation of pathogenesis of atrial fibrillation and for elaboration of rational therapeutic intervention including those aimed at correction of psychovegetative abnormalities. Patients with nonrheumatic paroxysmal AF (n=105) and 100 patients with panic attacks (n=100). Clinical, cardiological and neurological examination, analysis of patients complaints during attacks of AF, and comparison them with diagnostic criteria for panic attack. It was found that clinical picture of attacks of AF comprised vegetative, emotional and functional neurological phenomena similar to those characteristic for panic attacks. This similarity as well as positive therapeutic effect of clonazepam allowed to propose a novel pathogenic mechanism of AF attacks. Severity of psychovegetative disorders during paroxysm of AF could be evaluated by calculation of psychovegetative iudex: Psychovegetative index should be used for detection of panic attack-like component in clinical picture of AF paroxysm and thus for determination of indications for inclusion of vegetotropic drugs, e. g. clonazepam, in complex preventive therapy.

The strategic impact of social networks on the online gaming industry : strategic use of technology

OpenAIRE

Sousa, Sofia Taveira de

2012-01-01

This dissertation focuses on assessing the strategic potential of social networks by answering the following research question: Is there any strategic impact of social networks on the online gaming industry? In order to analyze the strategic potential of social networks for online games, we identify the main factors that online players consider as crucial for them to keep playing. These factors can either be related to the game’s strategy itself, such as all the details, graphics and ambig...

Securing SQL server protecting your database from attackers

CERN Document Server

Cherry, Denny

2015-01-01

SQL server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack. In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL server - will teach you how to properly secure an SQL server database from internal and external threats using best practic

The Tokyo subway sarin attack-lessons learned

International Nuclear Information System (INIS)

Okumura, T.; Hisaoka, T.; Yamada, A.; Naito, T.; Isonuma, H.; Okumura, S.; Miura, K.; Sakurada, M.; Maekawa, H.; Ishimatsu, S.; Takasu, N.; Suzuki, K.

2005-01-01

The sarin gas attack in the Tokyo subway system is reviewed from a clinical toxicology perspective. Based on the lessons learned from this attack, the following areas should be addressed on a global scale. First, an adequate supply of protective equipment is required, including level B protective equipment with a pressure demand breathing apparatus. In addition, a system should be established that enables a possible cause to be determined based on symptoms, physical findings, general laboratory tests, and a simple qualitative analysis for poisonous substances. If an antidote is needed, the system should enable it to be administered to the victims as quickly as possible. Preparation for a large-scale chemical attack by terrorists requires the prior establishment of a detailed decontamination plan that utilizes not only mass decontamination facilities but also public facilities in the area. A system should be established for summarizing, evaluating, and disseminating information on poisonous substances. Finally, a large-scale scientific investigation of the Tokyo sarin attack should be conducted to examine its long-term and subclinical effects and the effects of exposure to asymptomatic low levels of sarin

12 CFR 228.27 - Strategic plan.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Strategic plan. 228.27 Section 228.27 Banks and... REINVESTMENT (REGULATION BB) Standards for Assessing Performance § 228.27 Strategic plan. (a) Alternative...(s) under a strategic plan if: (1) The bank has submitted the plan to the Board as provided for in...

13 CFR 313.6 - Strategic Plans.

Science.gov (United States)

2010-01-01

... 13 Business Credit and Assistance 1 2010-01-01 2010-01-01 false Strategic Plans. 313.6 Section 313... § 313.6 Strategic Plans. (a) General. An Impacted Community that intends to apply for a grant for implementation assistance under § 313.7 shall develop and submit a Strategic Plan to EDA for evaluation and...

The value contribution of strategic foresight

DEFF Research Database (Denmark)

Rohrbeck, René; Schwarz, Jan Oliver

2013-01-01

This paper focuses on exploring the potential and empirically observable value creation of strategic foresight activities in firms. We first review the literature on strategic foresight, innovation management and strategic management in order to identify the potential value contributions. We use ......, (3) influencing other actors, (4) and through an enhanced capacity for organizational learning....

23 CFR 1335.6 - Strategic plan.

Science.gov (United States)

2010-04-01

... 23 Highways 1 2010-04-01 2010-04-01 false Strategic plan. 1335.6 Section 1335.6 Highways NATIONAL... § 1335.6 Strategic plan. A strategic plan shall— (a) Be a multi-year plan that identifies and prioritizes... performance-based measures by which progress toward those goals will be determined; and (c) Be submitted to...

Strategic planning: today's hot buttons.

Science.gov (United States)

Bohlmann, R C

1998-01-01

The first generation of mergers and managed care hasn't slowed down group practices' need for strategic planning. Even groups that already went through one merger are asking about new mergers or ownership possibilities, the future of managed care, performance standards and physician unhappiness. Strategic planning, including consideration of bench-marking, production of ancillary services and physician involvement, can help. Even if only a short, general look at the future, strategic planning shows the proactive leadership needed in today's environment.

Construction of a Cyber Attack Model for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Varuttamaseni, Athi; Bari, Robert A.; Youngblood, Robert

2017-05-01

The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.

Fatal injection: a survey of modern code injection attack countermeasures

Directory of Open Access Journals (Sweden)

Dimitris Mitropoulos

2017-11-01

Full Text Available With a code injection attack (CIA an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. Currently, CIAs are considered one of the most damaging classes of application attacks since they can severely affect an organisation’s infrastructure and cause financial and reputational damage to it. In this paper we examine and categorize the countermeasures developed to detect the various attack forms. In particular, we identify two distinct categories. The first incorporates static program analysis tools used to eliminate flaws that can lead to such attacks during the development of the system. The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. Our analysis is based on nonfunctional characteristics that are considered critical when creating security mechanisms. Such characteristics involve usability, overhead, implementation dependencies, false positives and false negatives. Our categorization and analysis can help both researchers and practitioners either to develop novel approaches, or use the appropriate mechanisms according to their needs.

Attacks and infections in percolation processes

International Nuclear Information System (INIS)

Janssen, Hans-Karl; Stenull, Olaf

2017-01-01

We discuss attacks and infections at propagating fronts of percolation processes based on the extended general epidemic process. The scaling behavior of the number of the attacked and infected sites in the long time limit at the ordinary and tricritical percolation transitions is governed by specific composite operators of the field-theoretic representation of this process. We calculate corresponding critical exponents for tricritical percolation in mean-field theory and for ordinary percolation to 1-loop order. Our results agree well with the available numerical data. (paper)

Lo Strategic Management Accounting

OpenAIRE

G. INVERNIZZI

2005-01-01

Il saggio indaga gli aggregati informativi e gli elementi che compongono lo strategic management accounting. Sono quindi analizzate le funzioni svolte nei diversi stadi del processo di gestione strategica osservando il suo ruolo all’interno del management accounting. Infine sono approfonditi i rapporti fra i livelli della gestione strategica e lo strategic management accounting.

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention

Energy Technology Data Exchange (ETDEWEB)

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

Rewarding Stakeholders: The Perspective of Strategic Entrepreneurship

OpenAIRE

Dissanayake, Srinath

2013-01-01

Prime concern on stakeholders is a crucial aspect in each business success. Among the wide spectrum of organizational strategies, Strategic Entrepreneurship pays a greater emphasis. This essay details practical as well as empirical grounds with regard to the notion of Strategic Entrepreneurship. Focally, strategic Entrepreneurship is an integration of Entrepreneurship (Opportunity Seeking Behavior) and Strategic Management (Advantage Seeking Behavior). Thus I conclude, an amalgamation of Str...

REAL-TIME INTELLIGENT MULTILAYER ATTACK CLASSIFICATION SYSTEM

Directory of Open Access Journals (Sweden)

T. Subbhulakshmi

2014-01-01

Full Text Available Intrusion Detection Systems (IDS takes the lion’s share of the current security infrastructure. Detection of intrusions is vital for initiating the defensive procedures. Intrusion detection was done by statistical and distance based methods. A threshold value is used in these methods to indicate the level of normalcy. When the network traffic crosses the level of normalcy then above which it is flagged as anomalous. When there are occurrences of new intrusion events which are increasingly a key part of system security, the statistical techniques cannot detect them. To overcome this issue, learning techniques are used which helps in identifying new intrusion activities in a computer system. The objective of the proposed system designed in this paper is to classify the intrusions using an Intelligent Multi Layered Attack Classification System (IMLACS which helps in detecting and classifying the intrusions with improved classification accuracy. The intelligent multi layered approach contains three intelligent layers. The first layer involves Binary Support Vector Machine classification for detecting the normal and attack. The second layer involves neural network classification to classify the attacks into classes of attacks. The third layer involves fuzzy inference system to classify the attacks into various subclasses. The proposed IMLACS can be able to detect an intrusion behavior of the networks since the system contains a three intelligent layer classification and better set of rules. Feature selection is also used to improve the time of detection. The experimental results show that the IMLACS achieves the Classification Rate of 97.31%.

Simulating Cyber-Attacks for Fun and Profit