Composite Dos Attack Model

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2012-04-01

Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

Cytoskeleton reorganization/disorganization is a key feature of induced inaccessibility for defence to successive pathogen attacks.

Science.gov (United States)

Moral, Juan; Montilla-Bascón, Gracia; Canales, Francisco J; Rubiales, Diego; Prats, Elena

2017-06-01

In this work, we investigated the involvement of the long-term dynamics of cytoskeletal reorganization on the induced inaccessibility phenomenon by which cells that successfully defend against a previous fungal attack become highly resistant to subsequent attacks. This was performed on pea through double inoculation experiments using inappropriate (Blumeria graminis f. sp. avenae, Bga) and appropriate (Erysiphe pisi, Ep) powdery mildew fungi. Pea leaves previously inoculated with Bga showed a significant reduction of later Ep infection relative to leaves inoculated only with Ep, indicating that cells had developed induced inaccessibility. This reduction in Ep infection was higher when the time interval between Bga and Ep inoculation ranged between 18 and 24 h, although increased penetration resistance in co-infected cells was observed even with time intervals of 24 days between inoculations. Interestingly, this increase in resistance to Ep following successful defence to the inappropriate Bga was associated with an increase in actin microfilament density that reached a maximum at 18-24 h after Bga inoculation and very slowly decreased afterwards. The putative role of cytoskeleton reorganization/disorganization leading to inaccessibility is supported by the suppression of the induced resistance mediated by specific actin (cytochalasin D, latrunculin B) or general protein (cycloheximide) inhibitors. © 2016 BSPP AND JOHN WILEY & SONS LTD.

Genetic attack on neural cryptography.

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Genetic attack on neural cryptography

International Nuclear Information System (INIS)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-01-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

Genetic attack on neural cryptography

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

An Analysis of Attacks on Blockchain Consensus

OpenAIRE

Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

2016-01-01

We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

Directory of Open Access Journals (Sweden)

Luminiţa DEFTA

2010-12-01

Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.

Sleep bruxism possibly triggered by multiple sclerosis attacks and treated successfully with botulinum toxin: Report of three cases.

Science.gov (United States)

Sevim, Serhan; Kaleağası, Hakan; Fidancı, Halit

2015-09-01

Sleep bruxism refers to a nocturnal parafunctional activity including the clenching, grinding or gnashing of teeth. While most of the nocturnal bruxism cases seen in the general population are apparently idiopathic, it has been reported to be associated with a range of neurological diseases such as Huntington's disease, cranio-cervical dystonia and post-anoxic brain damage, but not multiple sclerosis (MS). We describe three cases of MS patients who have had moderate to severe complaints of bruxism in the two weeks following their relevant MS attacks. None of the three patients had a diagnosis of bruxism prior to her attack. The diagnosis was confirmed in one out of three by a polysomnography. One patient did not have any complaints related to bruxism previous to her attack, whereas two had mild and infrequent complaints. The symptoms of the relevant attacks were left hemihypesthesia in all and hemiparesis in two. None of the patients had spasticity that could result in severe teeth clenching. All three patients presented with morning headaches and jaw pain or tightness and were treated successfully with botulinum toxin (Btx) injections applied to their masseter and temporalis muscles. The cause of bruxism is controversial but lesions of the cortico-basalganglia-thalamo-cotrical loops are thought to be most likely. However, acute or chronic lesions in those pathways were not demonstrated in the 3 patients. It is feasible that they had normal appearing white matter interruptions in their cortico-basalganglia-thalamocortical loops along with their relevant attack. Copyright © 2015 Elsevier B.V. All rights reserved.

Step to improve neural cryptography against flipping attacks.

Science.gov (United States)

Zhou, Jiantao; Xu, Qinzhen; Pei, Wenjiang; He, Zhenya; Szu, Harold

2004-12-01

Synchronization of neural networks by mutual learning has been demonstrated to be possible for constructing key exchange protocol over public channel. However, the neural cryptography schemes presented so far are not the securest under regular flipping attack (RFA) and are completely insecure under majority flipping attack (MFA). We propose a scheme by splitting the mutual information and the training process to improve the security of neural cryptosystem against flipping attacks. Both analytical and simulation results show that the success probability of RFA on the proposed scheme can be decreased to the level of brute force attack (BFA) and the success probability of MFA still decays exponentially with the weights' level L. The synchronization time of the parties also remains polynomial with L. Moreover, we analyze the security under an advanced flipping attack.

Quantitative Attack Tree Analysis via Priced Timed Automata

NARCIS (Netherlands)

Kumar, Rajesh; Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette; Sankaranarayanan, Sriram; Vicario, Enrico

The success of a security attack crucially depends on the resources available to an attacker: time, budget, skill level, and risk appetite. Insight in these dependencies and the most vulnerable system parts is key to providing effective counter measures. This paper considers attack trees, one of the

Stochastic Model of TCP SYN Attacks

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2011-08-01

Full Text Available A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filte­ring efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.Article in Lithuanian

Initial perspectives on process threat management

International Nuclear Information System (INIS)

Whiteley, James R. Rob; Mannan, M. Sam

2004-01-01

Terrorist and criminal acts are now considered credible risks in the process industries. Deliberate attacks on the nation's petroleum refineries and chemical plants would pose a significant threat to public welfare, national security, and the US economy. To-date, the primary response of government and industry has been on improved security to prevent attacks and the associated consequences. While prevention is clearly preferred, the potential for successful attacks must be addressed. If plant security is breached, the extent of the inflicted damage is determined by the available plant safety systems and procedures. We refer to this 'inside the gate' response as process threat management. The authors have initiated a joint industry/academia study to address: - the level of safety provided by existing plant equipment and safety systems in response to a terrorist act, and; - identification of process (rather than security) needs or opportunities to address this new safety concern. This paper describes the initial perspectives and issues identified by the team at the beginning of the study

Cache timing attacks on recent microarchitectures

DEFF Research Database (Denmark)

Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

2017-01-01

Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

VoIP attacks detection engine based on neural network

Science.gov (United States)

Safarik, Jakub; Slachta, Jiri

2015-05-01

The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

Effectiveness of the Call in Beach Volleyball Attacking Play

Directory of Open Access Journals (Sweden)

Künzell Stefan

2014-12-01

Full Text Available In beach volleyball the setter has the opportunity to give her or his hitter a “call”. The call intends that the setter suggests to her or his partner where to place the attack in the opponent’s court. The effectiveness of a call is still unknown. We investigated the women’s and men’s Swiss National Beach Volleyball Championships in 2011 and analyzed 2185 attacks. We found large differences between female and male players. While men called in only 38.4% of attacks, women used calls in 85.5% of attacks. If the male players followed a given call, 63% of the attacks were successful. The success rate of attacks without any call was 55.8% and 47.6% when the call was ignored. These differences were not significant (χ2(2 = 4.55, p = 0.103. In women’s beach volleyball, the rate of successful attacks was 61.5% when a call was followed, 35% for attacks without a call, and 42.6% when a call was ignored. The differences were highly significant (χ2(2 = 23.42, p < 0.0005. Taking into account the findings of the present study, we suggested that the call was effective in women’s beach volleyball, while its effect in men’s game was unclear. Considering the quality of calls we indicate that there is a significant potential to increase the effectiveness of a call.

Modeling Resources Allocation in Attacker-Defender Games with "Warm Up" CSF.

Science.gov (United States)

Guan, Peiqiu; Zhuang, Jun

2016-04-01

Like many other engineering investments, the attacker's and defender's investments may have limited impact without initial capital to "warm up" the systems. This article studies such "warm up" effects on both the attack and defense equilibrium strategies in a sequential-move game model by developing a class of novel and more realistic contest success functions. We first solve a single-target attacker-defender game analytically and provide numerical solutions to a multiple-target case. We compare the results of the models with and without consideration of the investment "warm up" effects, and find that the defender would suffer higher expected damage, and either underestimate the attacker effort or waste defense investment if the defender falsely believes that no investment "warm up" effects exist. We illustrate the model results with real data, and compare the results of the models with and without consideration of the correlation between the "warm up" threshold and the investment effectiveness. Interestingly, we find that the defender is suggested to give up defending all the targets when the attack or the defense "warm up" thresholds are sufficiently high. This article provides new insights and suggestions on policy implications for homeland security resource allocation. © 2015 Society for Risk Analysis.

A Mitigation Approach to Counter Initial Ranging Based DoS Attacks on IEEE 802.16-2009

International Nuclear Information System (INIS)

Saleem, Y.; Asif, K.H.; Ahmad, T.; Bashir, K.

2013-01-01

In recent years increase in wireless accessed devices does not prerequisite any evidence. Security is the main concern for the researchers in 802.16e now-a-days. The layer structures defines that the security sub-layer resides over the physical layer and provides security on the link layer. This paper discusses the security threats present and still unsolved at the initial network entry stage. A mitigation approach to counter Initial Ranging Based DoS attacks on IEEE 802.16-2009 are particularized in this paper. Furthermore the existing solutions of initial ranging vulnerability are analyzed and their limitations are discussed. Proposed solution was checked against these limitations to ensure their absence. Moreover the solution was implemented in OMNET++ and results were analyzed to ensure the practicality and efficiency. (author)

Quantitative Verification and Synthesis of Attack-Defence Scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

2016-01-01

analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

Directory of Open Access Journals (Sweden)

Ahmad Sanmorino

2013-11-01

Full Text Available In this study we discuss how to handle DDoS attack that coming from the attacker by using detection method and handling mechanism. Detection perform by comparing number of packets and number of flow. Whereas handling mechanism perform by limiting or drop the packets that detected as a DDoS attack. The study begins with simulation on real network, which aims to get the real traffic data. Then, dump traffic data obtained from the simulation used for detection method on our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism. From the result of experiment that has been conducted, the proposed method successfully detect DDoS attack and handle the incoming packet sent by attacker.

Using the Domain Name System to Thwart Automated Client-Based Attacks

Energy Technology Data Exchange (ETDEWEB)

Taylor, Curtis R [ORNL; Shue, Craig A [ORNL

2011-09-01

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so. Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.

Defending majority voting systems against a strategic attacker

International Nuclear Information System (INIS)

Levitin, Gregory; Hausken, Kjell; Ben Haim, Hanoch

2013-01-01

Voting systems used in technical and tactical decision making in pattern recognition and target detection, data handling, signal processing, distributed and secure computing etc. are considered. A maxmin two period game is analyzed where the defender first protects and chooses units for participation in voting. The attacker thereafter attacks a subset of units. It is shown that when the defender protects all the voting units, the optimal number of units chosen for voting is either one or the maximal possible odd number. When the defender protects only the units chosen for voting, the optimal number of chosen units increases with the defender resource superiority (i.e., more resources than the attacker) and with probability of providing correct output by any unit. The system success probability always increases in the total number of voting units, the defender–attacker resource ratio, and the probability that each voting unit produces a correct output. The system success probability increases in the attacker–defender contest intensity if the defender achieves per-unit resource superiority, and otherwise decreases in the contest intensity. The presented model and enumerative algorithm allow obtaining optimal voting system defense strategy for any combination of parameters: total number of units, attack and defense resources, unit success probability and contest intensity.

Network overload due to massive attacks

Science.gov (United States)

Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.

2018-05-01

We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.

Physics-based simulations of aerial attacks by peregrine falcons reveal that stooping at high speed maximizes catch success against agile prey.

Science.gov (United States)

Mills, Robin; Hildenbrandt, Hanno; Taylor, Graham K; Hemelrijk, Charlotte K

2018-04-01

The peregrine falcon Falco peregrinus is renowned for attacking its prey from high altitude in a fast controlled dive called a stoop. Many other raptors employ a similar mode of attack, but the functional benefits of stooping remain obscure. Here we investigate whether, when, and why stooping promotes catch success, using a three-dimensional, agent-based modeling approach to simulate attacks of falcons on aerial prey. We simulate avian flapping and gliding flight using an analytical quasi-steady model of the aerodynamic forces and moments, parametrized by empirical measurements of flight morphology. The model-birds' flight control inputs are commanded by their guidance system, comprising a phenomenological model of its vision, guidance, and control. To intercept its prey, model-falcons use the same guidance law as missiles (pure proportional navigation); this assumption is corroborated by empirical data on peregrine falcons hunting lures. We parametrically vary the falcon's starting position relative to its prey, together with the feedback gain of its guidance loop, under differing assumptions regarding its errors and delay in vision and control, and for three different patterns of prey motion. We find that, when the prey maneuvers erratically, high-altitude stoops increase catch success compared to low-altitude attacks, but only if the falcon's guidance law is appropriately tuned, and only given a high degree of precision in vision and control. Remarkably, the optimal tuning of the guidance law in our simulations coincides closely with what has been observed empirically in peregrines. High-altitude stoops are shown to be beneficial because their high airspeed enables production of higher aerodynamic forces for maneuvering, and facilitates higher roll agility as the wings are tucked, each of which is essential to catching maneuvering prey at realistic response delays.

Physics-based simulations of aerial attacks by peregrine falcons reveal that stooping at high speed maximizes catch success against agile prey.

Directory of Open Access Journals (Sweden)

Robin Mills

2018-04-01

Full Text Available The peregrine falcon Falco peregrinus is renowned for attacking its prey from high altitude in a fast controlled dive called a stoop. Many other raptors employ a similar mode of attack, but the functional benefits of stooping remain obscure. Here we investigate whether, when, and why stooping promotes catch success, using a three-dimensional, agent-based modeling approach to simulate attacks of falcons on aerial prey. We simulate avian flapping and gliding flight using an analytical quasi-steady model of the aerodynamic forces and moments, parametrized by empirical measurements of flight morphology. The model-birds' flight control inputs are commanded by their guidance system, comprising a phenomenological model of its vision, guidance, and control. To intercept its prey, model-falcons use the same guidance law as missiles (pure proportional navigation; this assumption is corroborated by empirical data on peregrine falcons hunting lures. We parametrically vary the falcon's starting position relative to its prey, together with the feedback gain of its guidance loop, under differing assumptions regarding its errors and delay in vision and control, and for three different patterns of prey motion. We find that, when the prey maneuvers erratically, high-altitude stoops increase catch success compared to low-altitude attacks, but only if the falcon's guidance law is appropriately tuned, and only given a high degree of precision in vision and control. Remarkably, the optimal tuning of the guidance law in our simulations coincides closely with what has been observed empirically in peregrines. High-altitude stoops are shown to be beneficial because their high airspeed enables production of higher aerodynamic forces for maneuvering, and facilitates higher roll agility as the wings are tucked, each of which is essential to catching maneuvering prey at realistic response delays.

Sapwood Stored Resources Decline in Whitebark and Lodgepole Pines Attacked by Mountain Pine Beetles (Coleoptera: Curculionidae).

Science.gov (United States)

Lahr, Eleanor C; Sala, Anna

2016-12-01

Recent outbreaks of forest insects have been directly linked to climate change-induced warming and drought, but effects of tree stored resources on insects have received less attention. We asked whether tree stored resources changed following mountain pine beetle (Dendroctonus ponderosae Hopkins) attack and whether they affected beetle development. We compared initial concentrations of stored resources in the sapwood of whitebark pine (Pinus albicaulis Engelmann) and lodgepole pine (Pinus contorta Douglas ex. Louden) with resource concentrations one year later, in trees that were naturally attacked by beetles and trees that remained unattacked. Beetles did not select host trees based on sapwood resources-there were no consistent a priori differences between attacked versus unattacked trees-but concentrations of nonstructural carbohydrate (NSC), lipids, and phosphorus declined in attacked trees, relative to initial concentrations and unattacked trees. Whitebark pine experienced greater resource declines than lodgepole pine; however, sapwood resources were not correlated with beetle success in either species. Experimental manipulation confirmed that the negative effect of beetles on sapwood and phloem NSC was not due to girdling. Instead, changes in sapwood resources were related to the percentage of sapwood with fungal blue-stain. Overall, mountain pine beetle attack affected sapwood resources, but sapwood resources did not contribute directly to beetle success; instead, sapwood resources may support colonization by beetle-vectored fungi that potentially accelerate tree mortality. Closer attention to stored resource dynamics will improve our understanding of the interaction between mountain pine beetles, fungi, and host trees, an issue that is relevant to our understanding of insect range expansion under climate change. © The Authors 2016. Published by Oxford University Press on behalf of Entomological Society of America. All rights reserved. For Permissions

False Positive and False Negative Effects on Network Attacks

Science.gov (United States)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

An Explanation of Nakamoto's Analysis of Double-spend Attacks

OpenAIRE

Ozisik, A. Pinar; Levine, Brian Neil

2017-01-01

The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We also validate the model with a Monte Carlo simulation, and we determine which model component is not perfect.

Success factors for strategic change initiatives: a qualitative study of healthcare administrators' perspectives.

Science.gov (United States)

Kash, Bita Arbab; Spaulding, Aaron; Johnson, Christopher E; Gamm, Larry

2014-01-01

Success factors related to the implementation of change initiatives are well documented and discussed in the management literature, but they are seldom studied in healthcare organizations engaged in multiple strategic change initiatives. The purpose of this study was to identify key success factors related to implementation of change initiatives based on rich qualitative data gathered from health leader interviews at two large health systems implementing multiple change initiatives. In-depth personal interviews with 61 healthcare leaders in the two large systems were conducted and inductive qualitative analysis was employed to identify success factors associated with 13 change initiatives. Results from this analysis were compared to success factors identified in the literature, and generalizations were drawn that add significantly to the management literature, especially to that in the healthcare sector. Ten specific success factors were identified for the implementation of change initiatives. The top three success factors were (1) culture and values, (2) business processes, and (3) people and engagement. Two of the identified success factors are unique to the healthcare sector and not found in the literature on change models: service quality and client satisfaction (ranked fourth of 10) and access to information (ranked ninth). Results demonstrate the importance of human resource functions, alignment of culture and values with change, and business processes that facilitate effective communication and access to information to achieve many change initiatives. The responses also suggest opportunities for leaders of healthcare organizations to more formally recognize the degree to which various change initiatives are dependent on one another.

Ontogenetic development of attack behaviour by turbot larvae when exposed to copepod prey

DEFF Research Database (Denmark)

Højgaard, Jacob K.; Bruno, Eleonora; Støttrup, Josianne Gatt

2018-01-01

offered small nauplii (129–202 μm), large nauplii (222–278 μm) and copepodites (342–542 μm), of the calanoid copepod Acartia tonsa. At 8 DPH, turbot larvae had the highest capture success (67%) when offered small nauplii, with a lower capture success of large nauplii (27%) but totally lacked...... by the larva on the copepod was examined, and the approach pattern of the larva was identified as a controlling mechanism for their strike distance, with the initial approach speed of larva at DPH 10 being significantly less than at DPH 8. In all successful attacks, the strike distance was less than 1.17 mm...

A joint mid-course and terminal course cooperative guidance law for multi-missile salvo attack

Directory of Open Access Journals (Sweden)

Jie ZENG

2018-06-01

Full Text Available Salvo attacking a surface target by multiple missiles is an effective tactic to enhance the lethality and penetrate the defense system. However, existing cooperative guidance laws in the mid-course or terminal course are not suitable for long- and medium-range missiles or stand-off attacking. Because the initial conditions of cooperative terminal guidance that are generally generated from the mid-course flight may not lead to a successful cooperative terminal guidance without proper mid-course flight adjustment. Meanwhile, cooperative guidance in the mid-course cannot solely guarantee the accuracy of a simultaneous arrival of multiple missiles. Therefore, a joint mid-course and terminal course cooperative guidance law is developed. By building a distinct leader-follower framework, this paper proposes an efficient coordinated Dubins path planning method to synchronize the arrival time of all engaged missiles in the mid-course flight. The planned flight can generate proper initial conditions for cooperative terminal guidance, and also benefit an earliest simultaneous arrival. In the terminal course, an existing cooperative proportional navigation guidance law guides all the engaged missiles to arrive at a target accurately and simultaneously. The integrated guidance law for an intuitive application is summarized. Simulations demonstrate that the proposed method can generate fast and accurate salvo attack. Keywords: Cooperative systems, Dubins path, Mid-course flight, Missile guidance, Salvo attack

Use of Attack Graphs in Security Systems

Directory of Open Access Journals (Sweden)

Vivek Shandilya

2014-01-01

Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

Directory of Open Access Journals (Sweden)

Sárkány Zoltán

2016-03-01

Full Text Available Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

Using agility to combat cyber attacks.

Science.gov (United States)

Anderson, Kerry

2017-06-01

Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

Algebraic Side-Channel Attack on Twofish

Directory of Open Access Journals (Sweden)

Chujiao Ma

2017-05-01

Full Text Available While algebraic side-channel attack (ASCA has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128 bits key in under 2 hours with known plaintext/ciphertext.

Peritoneal dialysis technique success during the initial 90 days of therapy.

Science.gov (United States)

Guest, Steven; Hayes, Andrew C; Story, Kenneth; Davis, Ira D

2012-01-01

Comparisons of technique success by peritoneal dialysis (PD) modality have typically excluded the initial 90 days of therapy. We analyzed a database of 51,469 new PD starts from 2004 to 2008 in the United States. The analysis concentrated on the initial 90 days of therapy to determine technique success and the impact of the continuous ambulatory PD (CAPD) and automated PD (APD) modalities. Overall, 13.3% of patients stopped PD within 90 days. Of patients starting directly on APD, 14.3% stopped PD within 90 days. Of patients starting on CAPD, 12.6% stopped PD within 90 days, and 63.4% changed to APD within 90 days. Only 3.3% of the latter patients failed to reach 90 days of therapy. By comparison, technique failure occurred in 28.8% of those initiating with and remaining on CAPD. We conclude that initial training to perform CAPD, with timely transfer to APD within the first 3 months, was associated with the greatest technique success at 90 days. The reasons for that success are unclear, and further research should be directed to determining factors responsible. It is possible that patients trained initially to CAPD but converted to APD have a greater understanding of the total therapy, which improves confidence. Those converted to APD may be more appreciative of the lifestyle benefits of APD, which translates into improved compliance; alternatively, technical factors associated with APD may be responsible. Those technical factors may include improved catheter function in the recumbent position during APD or the reduced infection risk associated with just 2 connect/disconnect procedures in APD compared with 8 in CAPD.

Optimal counterterrorism and the recruitment effect of large terrorist attacks

DEFF Research Database (Denmark)

Jensen, Thomas

2011-01-01

We analyze a simple dynamic model of the interaction between terrorists and authorities. Our primary aim is to study optimal counterterrorism and its consequences when large terrorist attacks lead to a temporary increase in terrorist recruitment. First, we show that an increase in counterterrorism...... makes it more likely that terrorist cells plan small rather than large attacks and therefore may increase the probability of a successful attack. Analyzing optimal counterterrorism we see that the recruitment effect makes authorities increase the level of counterterrorism after large attacks. Therefore......, in periods following large attacks a new attack is more likely to be small compared to other periods. Finally, we analyze the long-run consequences of the recruitment effect. We show that it leads to more counterterrorism, more small attacks, and a higher sum of terrorism damage and counterterrorism costs...

The epidemiology of physical attack and rape among crack-using women.

Science.gov (United States)

Falck, R S; Wang, J; Carlson, R G; Siegal, H A

2001-02-01

This prospective study examines the epidemiology of physical attack and rape among a sample of 171 not-in-treatment, crack-cocaine using women. Since initiating crack use, 62% of the women reported suffering a physical attack. The annual rate of victimization by physical attack was 45%. Overall, more than half of the victims sought medical care subsequent to an attack. The prevalence of rape since crack use was initiated was 32%, and the annual rate was 11%. Among those women having been raped since they initiated crack use, 83% reported they were high on crack when the crime occurred as were an estimated 57% of the perpetrators. Logistic regression analyses showed that duration of crack use, arrest for prostitution, and some college education were predictors of having experienced a physical attack. Duration of crack use and a history of prostitution were predictors of suffering a rape. Drug abuse treatment programs must be sensitive to high levels of violence victimization experienced by crack-cocaine using women. Screening women for victimization, and treating the problems that emanate from it, may help make drug abuse treatment more effective.

Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

DEFF Research Database (Denmark)

Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

2012-01-01

and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered...... the most harmful as they directly affect the available resources and thus the nodes’ energy consumption. The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of aWSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure...

Can community change be measured for an outcomes-based initiative? A comparative case study of the success by 6 initiative.

Science.gov (United States)

Minich, Lisa; Howe, Steven; Langmeyer, Daniel; Corcoran, Kevin

2006-12-01

One of the challenges facing nonprofit organizations today is the demand for measurable results. Increasingly, these organizations are focusing less on program outputs and program outcomes in favor of community outcomes or changes demonstrated in the larger community. Success by 6(R) is a popular United Way initiative that emphasizes defining and measuring community outcomes. In this paper, we describe our work with 24 Success by 6(R) initiatives around the country. It is clear that not all of these initiatives are measuring community outcomes. Of those initiatives that are experiencing some success measuring community outcomes, similar measurement strategies are reported. Additionally, our experience suggests several United Way employees express dissatisfaction with the logic model as a framework for defining and measuring community outcomes although no preferred alternative model is identified. Evaluators working with community-wide initiatives must find ways to communicate the differences between program and community outcomes to key stakeholders and funders.

Heuristic attacks against graphical password generators

CSIR Research Space (South Africa)

Peach, S

2010-05-01

Full Text Available In this paper the authors explore heuristic attacks against graphical password generators. A new trend is emerging to use user clickable pictures to generate passwords. This technique of authentication can be successfully used for - for example...

Enabling Success: 2011-2012 Think Tank Initiative Annual Report ...

International Development Research Centre (IDRC) Digital Library (Canada)

2013-06-12

In addition to a review of the Initiative's overall progress, this year's annual report, Enabling Success, captures the conversations at last year's TTI Exchange in Cape Town about what it means to be a ... English · Français ... June 12, 2013.

Identifying Risk of Future Asthma Attacks Using UK Medical Record Data: A Respiratory Effectiveness Group Initiative.

Science.gov (United States)

Blakey, John D; Price, David B; Pizzichini, Emilio; Popov, Todor A; Dimitrov, Borislav D; Postma, Dirkje S; Josephs, Lynn K; Kaplan, Alan; Papi, Alberto; Kerkhof, Marjan; Hillyer, Elizabeth V; Chisholm, Alison; Thomas, Mike

Asthma attacks are common, serious, and costly. Individual factors associated with attacks, such as poor symptom control, are not robust predictors. We investigated whether the rich data available in UK electronic medical records could identify patients at risk of recurrent attacks. We analyzed anonymized, longitudinal medical records of 118,981 patients with actively treated asthma (ages 12-80 years) and 3 or more years of data. Potential risk factors during 1 baseline year were evaluated using univariable (simple) logistic regression for outcomes of 2 or more and 4 or more attacks during the following 2-year period. Predictors with significant univariable association (P attacks included baseline-year markers of attacks (acute oral corticosteroid courses, emergency visits), more frequent reliever use and health care utilization, worse lung function, current smoking, blood eosinophilia, rhinitis, nasal polyps, eczema, gastroesophageal reflux disease, obesity, older age, and being female. The number of oral corticosteroid courses had the strongest association. The final cross-validated models incorporated 19 and 16 risk factors for 2 or more and 4 or more attacks over 2 years, respectively, with areas under the curve of 0.785 (95% CI, 0.780-0.789) and 0.867 (95% CI, 0.860-0.873), respectively. Routinely collected data could be used proactively via automated searches to identify individuals at risk of recurrent asthma attacks. Further research is needed to assess the impact of such knowledge on clinical prognosis. Copyright © 2016 American Academy of Allergy, Asthma & Immunology. Published by Elsevier Inc. All rights reserved.

Risk Due to Radiological Terror Attacks With Natural Radionuclides

International Nuclear Information System (INIS)

Friedrich, Steinhaeusler; Lyudmila, Zaitseva; Stan, Rydell

2008-01-01

The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb).This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment

Risk Due to Radiological Terror Attacks With Natural Radionuclides

Science.gov (United States)

Friedrich, Steinhäusler; Stan, Rydell; Lyudmila, Zaitseva

2008-08-01

The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb). This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment.

Does the aggressiveness of the prey modify the attack behavior of the predator Supputius cincticeps (Stål (Hemiptera, Pentatomidae?

Directory of Open Access Journals (Sweden)

Rafael Braga da Silva

2012-06-01

Full Text Available Does the aggressiveness of the prey modify the attack behavior of the predator Supputius cincticeps (Stål (Hemiptera, Pentatomidae? The stink bug Supputius cincticeps (Stål (Hemiptera, Pentatomidae is a predator found in several Brazilian regions, which possesses desirable attributes as a natural control agent and in biological control programs. The aim of this study was to test if the attack behavior and predation success of S. cincticeps were affected by prey species. Larvae of Tenebrio molitor (L. (Coleoptera, Tenebrionidae, Spodoptera frugiperda (J. E. Smith (Lepidoptera, Noctuidae, and Thyrinteina arnobia (Stoll (Lepidoptera, Geometridae were offered to S. cincticeps in laboratory bioassays where predatory attack and prey defensive behaviors were observed for 2-hour periods. The attack behavior of S. cincticeps changed with the prey species offered. More than 25% of T. molitor and S. frugiperda larvae were immediately attacked, but T. arnobia was not immediately attacked by S. cincticeps. Successful attack (i.e., successful insertion of the predator stylets into the prey depends on the region of the body attacked, with a greater proportion of successful attacks in the anterior than in the median or posterior regions. Larvae of T. arnobia and S. frugiperda displayed a sequence of abrupt head and body movements in response to S. cincticeps attack. Attempts of predation were more successful on T. molitor and S. frugiperda than on T. arnobia. Information about the differential attack behavior of S. cincticeps on different prey species is important for designing successful biological control programs using this hemipteran predator.

Situational awareness of a coordinated cyber attack

Science.gov (United States)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Modeling attacker-defender interactions in information networks.

Energy Technology Data Exchange (ETDEWEB)

Collins, Michael Joseph

2010-09-01

The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.

Isolated Cataplexy in the Differential Diagnosis of Drop Attacks: A Case of Successful Clinical Diagnosis and Treatment

Directory of Open Access Journals (Sweden)

Robert T. Egel

2012-01-01

Full Text Available Drop attacks are sudden spontaneous falls that are not accompanied by alteration of consciousness and are followed by immediate recovery. Cataplexy, which is usually associated with narcolepsy, is one of the causes of drop attacks. We report a patient with the rare condition of cataplexy without associated narcolepsy (isolated cataplexy. Isolated cataplexy should be included in the differential diagnosis when a patient presents with recurrent drop attacks and normal diagnostic test results.

Chess therapy: A new approach to curing panic attack.

Science.gov (United States)

Barzegar, Kazem; Barzegar, Somayeh

2017-12-01

To study the effect of playing cell phone chess game on treating panic attack. The chess game on an android cell phone was played by the researcher who was affected by panic attack as a post-traumatic disorder immediately after or before feeling of the start of symptoms. The right level of difficulty, i.e., levels 2-4, was selected for optimal results. Playing chess game on the android cell phone prevented the manifestation of panic attack and led to the cure of this traumatic condition. Chess therapy with the right level of difficulty can be recommended as a very effective non-pharmaceutical method for the successful treatment of panic attacks. Copyright © 2017 Elsevier B.V. All rights reserved.

Exploiting Small Leakages in Masks to Turn a Second-Order Attack into a First-Order Attack and Improved Rotating Substitution Box Masking with Linear Code Cosets

Science.gov (United States)

DeTrano, Alexander; Karimi, Naghmeh; Karri, Ramesh; Guo, Xiaofei; Carlet, Claude; Guilley, Sylvain

2015-01-01

Masking countermeasures, used to thwart side-channel attacks, have been shown to be vulnerable to mask-extraction attacks. State-of-the-art mask-extraction attacks on the Advanced Encryption Standard (AES) algorithm target S-Box recomputation schemes but have not been applied to scenarios where S-Boxes are precomputed offline. We propose an attack targeting precomputed S-Boxes stored in nonvolatile memory. Our attack targets AES implemented in software protected by a low entropy masking scheme and recovers the masks with 91% success rate. Recovering the secret key requires fewer power traces (in fact, by at least two orders of magnitude) compared to a classical second-order attack. Moreover, we show that this attack remains viable in a noisy environment or with a reduced number of leakage points. Eventually, we specify a method to enhance the countermeasure by selecting a suitable coset of the masks set. PMID:26491717

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention

Energy Technology Data Exchange (ETDEWEB)

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

State of the art on defenses against wormhole attacks in wireless sensor networks

DEFF Research Database (Denmark)

Prasad, Neeli R.; Giannetsos, T.; Dimitriou, T.

2009-01-01

describe the wormhole attack, a severe routing attack against sensor networks that is particularly challenging to defend against. We detail its characteristics and study its effects on the successful operation of a sensor network. We present state-of-the-art research for addressing wormhole related...... the possibility of using more sophisticated methods, like intrusion detection systems, to achieve a more complete and autonomic defense mechanism against wormhole attackers. We present our work on intrusion detection and introduce a lightweight IDS framework, called LIDeA, designed for wireless sensor networks....... LIDeA is based on a distributed architecture, in which nodes overhear their neighboring nodes and collaborate with each other in order to successfully detect an intrusion. We conclude by highlighting how such a system can be used for defending against wormhole attackers....

Security Analysis of 7-Round MISTY1 against Higher Order Differential Attacks

Science.gov (United States)

Tsunoo, Yukiyasu; Saito, Teruo; Shigeri, Maki; Kawabata, Takeshi

MISTY1 is a 64-bit block cipher that has provable security against differential and linear cryptanalysis. MISTY1 is one of the algorithms selected in the European NESSIE project, and it has been recommended for Japanese e-Government ciphers by the CRYPTREC project. This paper shows that higher order differential attacks can be successful against 7-round versions of MISTY1 with FL functions. The attack on 7-round MISTY1 can recover a partial subkey with a data complexity of 254.1 and a computational complexity of 2120.8, which signifies the first successful attack on 7-round MISTY1 with no limitation such as a weak key. This paper also evaluates the complexity of this higher order differential attack on MISTY1 in which the key schedule is replaced by a pseudorandom function. It is shown that resistance to the higher order differential attack is not substantially improved even in 7-round MISTY1 in which the key schedule is replaced by a pseudorandom function.

A Unique Fatal Moose Attack Mimicking Homicide.

Science.gov (United States)

Gudmannsson, Petur; Berge, Johan; Druid, Henrik; Ericsson, Göran; Eriksson, Anders

2018-03-01

Fatalities caused by animal attacks are rare, but have the potential to mimic homicide. We present a case in which a moose attacked and killed a woman who was walking her dog in a forest. Autopsy showed widespread blunt trauma with a large laceration on one leg in which blades of grass were embedded. Flail chest was the cause of death. The case was initially conceived as homicide by means of a riding lawn mower. A review of the case by moose experts and analyses of biological trace material that proved to originate from moose, established the true source of injury. The dog probably provoked a moose, which, in response, stomped and gored the victim to death. The injuries resembled those previously reported from attacks by cattle and water buffalo. Fatal moose attacks constitute an extremely rare threat in boreal areas, but can be considered in traumatic deaths of unknown cause. © 2017 American Academy of Forensic Sciences.

Developing Simulated Cyber Attack Scenarios Against Virtualized Adversary Networks

Science.gov (United States)

2017-03-01

enclave, as shown in Figure 11, is a common design for many secure networks. Different variations of a cyber-attack scenario can be rehearsed based...achieved a greater degree of success against multiple variations of an enemy network. E. ATTACK TYPES A primary goal of this thesis is to define and...2013. [33] R. Goldberg , “Architectural principles for virtual computer systems,” Ph.D. dissertation, Dept. of Comp. Sci., Harvard Univ., Cambridge

Robustness analysis of interdependent networks under multiple-attacking strategies

Science.gov (United States)

Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

2018-04-01

The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

Identifying Risk of Future Asthma Attacks Using UK Medical Record Data : A Respiratory Effectiveness Group Initiative

NARCIS (Netherlands)

Blakey, John D.; Price, David B.; Pizzichini, Emilio; Popov, Todor A.; Dimitrov, Borislav D.; Postma, Dirkje S.; Josephs, Lynn K.; Kaplan, Alan; Papi, Alberto; Kerkhof, Marjan; Hillyer, Elizabeth V.; Chisholm, Alison; Thomas, Mike

BACKGROUND: Asthma attacks are common, serious, and costly. Individual factors associated with attacks, such as poor symptom control, are not robust predictors. OBJECTIVE: We investigated whether the rich data available in UK electronic medical records could identify patients at risk of recurrent

The successful implementation of STEM initiatives in lower income schools

Science.gov (United States)

Bakshi, Leena

The purpose of this study was to examine the leadership strategies utilized by superintendents, district administrators and school principals and the impact of these identified strategies on implementing STEM initiatives specifically for lower-income students. This study set out to determine (a) What role does district leadership play in the implementation of STEM initiatives in lower income secondary schools; (b) What internal systems of accountability exist in successful lower income secondary schools' STEM programs; (c) What leadership strategies are used to implement STEM curriculum initiatives; (d) How do school and district leadership support staff in order to achieve student engagement in STEM Initiative curriculum. This study used a mixed-methods approach to determine the impact of leadership strategies utilized by superintendents, district administrators and school principals on implementing STEM initiatives. Quantitative data analyzed survey questionnaires to determine the degree of correlation between the school districts that have demonstrated the successful implementation of STEM initiatives at the school and district levels. Qualitative data was collected using highly structured participant interviews and purposeful sampling of four district superintendents, one district-level administrator and five school leaders to capture the key strategies in implementing STEM initiatives in lower income secondary schools. Through the process of triangulation, the results of the study revealed that superintendents and principals should consider the characteristics of effective STEM initiatives that have shown a considerable degree of correlation with positive outcomes for lower income students. These included the leadership strategies of personnel's making decisions about the district's and school's instructional direction and an emphasis on the conceptual development of scientific principles using the Next Generation Science Standards coupled with the Common Core

Effects of Motivation: Rewarding Hackers for Undetected Attacks Cause Analysts to Perform Poorly.

Science.gov (United States)

Maqbool, Zahid; Makhijani, Nidhi; Pammi, V S Chandrasekhar; Dutt, Varun

2017-05-01

The aim of this study was to determine how monetary motivations influence decision making of humans performing as security analysts and hackers in a cybersecurity game. Cyberattacks are increasing at an alarming rate. As cyberattacks often cause damage to existing cyber infrastructures, it is important to understand how monetary rewards may influence decision making of hackers and analysts in the cyber world. Currently, only limited attention has been given to this area. In an experiment, participants were randomly assigned to three between-subjects conditions ( n = 26 for each condition): equal payoff, where the magnitude of monetary rewards for hackers and defenders was the same; rewarding hacker, where the magnitude of monetary reward for hacker's successful attack was 10 times the reward for analyst's successful defense; and rewarding analyst, where the magnitude of monetary reward for analyst's successful defense was 10 times the reward for hacker's successful attack. In all conditions, half of the participants were human hackers playing against Nash analysts and half were human analysts playing against Nash hackers. Results revealed that monetary rewards for human hackers and analysts caused a decrease in attack and defend actions compared with the baseline. Furthermore, rewarding human hackers for undetected attacks made analysts deviate significantly from their optimal behavior. If hackers are rewarded for their undetected attack actions, then this causes analysts to deviate from optimal defend proportions. Thus, analysts need to be trained not become overenthusiastic in defending networks. Applications of our results are to networks where the influence of monetary rewards may cause information theft and system damage.

Assessing risk from intelligent attacks: A perspective on approaches

International Nuclear Information System (INIS)

Guikema, Seth D.; Aven, Terje

2010-01-01

Assessing the uncertainties in and severity of the consequences of intelligent attacks are fundamentally different from risk assessment for accidental events and other phenomena with inherently random failures. Intelligent attacks against a system involve adaptation on the part of the adversary. The probabilities of the initiating events depend on the risk management actions taken, and they may be more difficult to assess due to high degrees of epistemic uncertainty about the motivations and future actions of adversaries. Several fundamentally different frameworks have been proposed for assessing risk from intelligent attacks. These include basing risk assessment and management on game theoretic modelling of attacker actions, using a probabilistic risk analysis (PRA) approach based on eliciting probabilities of different initiating events from appropriate experts, assessing uncertainties beyond probabilities and expected values, and ignoring the probabilities of the attacks and choosing to protect highest valued targets. In this paper we discuss and compare the fundamental assumptions that underlie each of these approaches. We then suggest a new framework that makes the fundamental assumptions underlying the approaches clear to decision makers and presents them with a suite of results from conditional risk analysis methods. Each of the conditional methods presents the risk from a specified set of fundamental assumptions, allowing the decision maker to see the impacts of these assumptions on the risk management strategies considered and to weight the different conditional results with their assessments of the relative likelihood of the different sets of assumptions.

Successful ADVANCE Initiatives for Junior Women Faculty in STEM

Science.gov (United States)

Riskin, Eve

2015-01-01

The NSF ADVANCE program was designed to transform university policies, procedures, and practices so that women faculty could advance in STEM faculty careers, obtain tenure, and ultimately become academic leaders. The results have been impressive. The most recent data from the American Society of Engineering Education (Fall 2013) show that the average percentage of women faculty in U.S. Colleges of Engineering is now 14.5%; it was just 9% when ADVANCE started in 2001.This talk will describe programs to support and promote junior women faculty that have been successful in recruiting and retaining women in STEM. These programs include mentoring, professional development, and work/life balance initiatives. Suggestions will be made for ways to disseminate low-cost successful ADVANCE programs to other institutions so that they can successfully support their own women faculty in STEM. One effort is the University of Washington's LEAD-it-Yourself! online toolkit that will enable other universities to run their own leadership workshops for department chairs and deans.

Effect of Angle of Attack on Slope Climbing Performance

Science.gov (United States)

Creager, Colin M.; Jones, Lucas; Smith, Lauren M.

2017-01-01

Ascending steep slopes is often a very difficult challenge for off-road vehicles, whether on Earth or on extraterrestrial bodies. This challenge is even greater if the surface consists of loose granular soil that does not provide much shear strength. This study investigated how the path at which a vehicle traverses a slope, specifically the angle that it is commanded to drive relative to the base of the hill (the angle of attack), can affect its performance. A vehicle was driven in loose sand at slope angles up to 15 degrees and angles of attack ranging from 10 to 90 degrees. A novel photogrammetry technique was implemented to both track vehicle motion and create a three-dimensional profile of the terrain. This allowed for true wheel sinkage measurements. The study showed that though low angles of attack result in lower wheel slip and sinkage, the efficiency of the vehicles uphill motion increased at higher angles of attack. For slopes up to 15 degrees, a 90 degree angle of attack provided the greatest likelihood of successful ascent.

Wolf Attack Probability: A Theoretical Security Measure in Biometric Authentication Systems

Science.gov (United States)

Une, Masashi; Otsuka, Akira; Imai, Hideki

This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.

Changes in vestibular evoked myogenic potentials after Meniere attacks.

Science.gov (United States)

Kuo, Shih-Wei; Yang, Ting-Hua; Young, Yi-Ho

2005-09-01

The aim of this study was to apply videonystagmography (VNG) and vestibular evoked myogenic potential (VEMP) tests to patients with Meniere attacks, to explore the mechanics of where saccular disorders may affect the semicircular canals. From January 2001 to December 2003, 12 consecutive patients with unilateral definite Meniere's disease with vertiginous attacks underwent VNG for recording spontaneous nystagmus, as well as VEMP tests. At the very beginning of the Meniere attack, the spontaneous nystagmus beat toward the lesion side in 5 patients (42%) and toward the healthy side in 7 patients (58%). Twenty-four hours later, only 6 patients (50%) showed spontaneous nystagmus beating toward the healthy side. Nevertheless, spontaneous nystagmus subsided in all patients within 48 hours. The VEMP test was performed within 24 hours of a Meniere attack; the VEMPs were normal in 4 patients and abnormal in 8 patients (67%). After 48 hours, 4 patients with initially abnormal VEMPs had resolution and return to normal VEMPs, and the other 4 patients still had absent VEMPs. Most patients (67%) with Meniere attacks revealed abnormal VEMPs, indicating that the saccule participates in a Meniere attack. This is an important idea that stimulates consideration of the mechanism of Meniere attacks.

Choosing What to Protect When Attacker Resources and Asset Valuations are Uncertain

Directory of Open Access Journals (Sweden)

Kjell Hausken

2014-01-01

Full Text Available The situation has been modelled where the attacker's resources are unknown to the defender. Protecting assets presupposes that the defender has some information on the attacker's resource capabilities. An attacker targets one of two assets. The attacker's resources and valuations of these assets are drawn probabilistically. We specify when the isoutility curves are upward sloping (the defender prefers to invest less in defense, thus leading to higher probabilities of success for attacks on both assets or downward sloping (e.g. when one asset has a low value or high unit defense cost. This stands in contrast to earlier research and results from the uncertainty regarding the level of the attacker's resources. We determine which asset the attacker targets depending on his type, unit attack costs, the contest intensity, and investment in defense. A two stage game is considered, where the defender moves first and the attacker moves second. When both assets are equivalent and are treated equivalently by both players, an interior equilibrium exists when the contest intensity is low, and a corner equilibrium with no defense exists when the contest intensity is large and the attacker holds large resources. Defense efforts are inverse U shaped in the attacker's resources. (original abstract

The persuasion and security awareness experiment: reducing the success of social engineering attacks

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

Objectives: The aim of the current study is to explore to what extent an intervention reduces the effects of social engineering (e.g. the obtaining of access by persuasion) in an office environment. In particular, we study the effect of authority during a `social engineering' attack. Methods: 31

Resisting persuasion by the skin of one's teeth: the hidden success of resisted persuasive messages.

Science.gov (United States)

Tormala, Zakary L; Clarkson, Joshua J; Petty, Richard E

2006-09-01

Recent research has suggested that when people resist persuasion they can perceive this resistance and, under specifiable conditions, become more certain of their initial attitudes (e.g., Z. L. Tormala & R. E. Petty, 2002). Within the same metacognitive framework, the present research provides evidence for the opposite phenomenon--that is, when people resist persuasion, they sometimes become less certain of their initial attitudes. Four experiments demonstrate that when people perceive that they have done a poor job resisting persuasion (e.g., they believe they generated weak arguments against a persuasive message), they lose attitude certainty, show reduced attitude-behavioral intention correspondence, and become more vulnerable to subsequent persuasive attacks. These findings suggest that resisted persuasive attacks can sometimes have a hidden yet important success by reducing the strength of the target attitude. ((c) 2006 APA, all rights reserved).

Gait biometrics under spoofing attacks: an experimental investigation

Science.gov (United States)

Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

2015-11-01

Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

Classifier fusion for VoIP attacks classification

Science.gov (United States)

Safarik, Jakub; Rezac, Filip

2017-05-01

SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.

Attacks on IEEE 802.11 wireless networks

Directory of Open Access Journals (Sweden)

Dejan Milan Tepšić

2013-06-01

Full Text Available Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same package into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as spoofing package headers attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated. Introduction In the entire history of

The efficacy and tolerability of frovatriptan and dexketoprofen for the treatment of acute migraine attacks.

Science.gov (United States)

Allais, Gianni; Rolando, Sara; De Lorenzo, Cristina; Benedetto, Chiara

2014-08-01

Frovatriptan is a triptan characterized by a high affinity for 5-HT1B/1D receptors and a long half-life contributing to a more sustained and prolonged action than other triptans. Dexketoprofen is a nonsteroidal anti-inflammatory drug with a relatively short half-life and rapid onset of action, blocking the action of cyclo-oxygenase, which is involved in prostaglandins' production, thus reducing inflammation and pain. Both drugs have been successfully employed as monotherapies for the treatment of acute migraine attacks. The combination of these two drugs (frovatriptan 2.5 mg plus dexketoprofen 25 or 37.5 mg) has been tested in migraine sufferers, showing a rapid and good initial efficacy, with 2-h pain free rates of 51%, and a high persistence in the 48-h following the onset of pain: recurrence occurred in only 29% of attacks and sustained pain free rates were 43% at 24- and 33% at 48-h.

A UNIFIED APPROACH FOR DETECTION AND PREVENTION OF DDOS ATTACKS USING ENHANCED SUPPORT VECTOR MACHINES AND FILTERING MECHANISMS

Directory of Open Access Journals (Sweden)

T. Subbulakshmi

2014-10-01

Full Text Available Distributed Denial of Service (DDoS attacks were considered to be a tremendous threat to the current information security infrastructure. During DDoS attack, multiple malicious hosts that are recruited by the attackers launch a coordinated attack against one host or a network victim, which cause denial of service to legitimate users. The existing techniques suffer from more number of false alarms and more human intervention for attack detection. The objective of this paper is to monitor the network online which automatically initiates detection mechanism if there is any suspicious activity and also defense the hosts from being arrived at the network. Both spoofed and non spoofed IP’s are detected in this approach. Non spoofed IP’s are detected using Enhanced Support Vector Machines (ESVM and spoofed IP’s are detected using Hop Count Filtering (HCF mechanism. The detected IP’s are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law which initiates the defense mechanism. Based on the calculated attack strength any of the defense schemes such as Rate based limiting or History based IP filtering is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.

Internet of Things Security: Layered classification of attacks and possible Countermeasures

Directory of Open Access Journals (Sweden)

Otmane El Mouaatamid

2016-12-01

Full Text Available Nowadays, the internet of things (IoT presents a strong focus of research with various initiatives working on the application, and usage of Internet standards in the IoT. But the big challenge of the internet of things is security. In this paper a layered classification and a goal based comparison of attacks in the IoT are presented so that a better understanding of IoT attacks can be achieved and subsequently more efficient and effective techniques and procedures to combat these attacks may be developed

Analysis for Ad Hoc Network Attack-Defense Based on Stochastic Game Model

Directory of Open Access Journals (Sweden)

Yuanjie LI

2014-06-01

Full Text Available The attack actions analysis for Ad Hoc networks can provide a reference for the design security mechanisms. This paper presents an analysis method of security of Ad Hoc networks based on Stochastic Game Nets (SGN. This method can establish a SGN model of Ad Hoc networks and calculate to get the Nash equilibrium strategy. After transforming the SGN model into a continuous-time Markov Chain (CTMC, the security of Ad Hoc networks can be evaluated and analyzed quantitatively by calculating the stationary probability of CTMC. Finally, the Matlab simulation results show that the probability of successful attack is related to the attack intensity and expected payoffs, but not attack rate.

A Novel Multiple-Bits Collision Attack Based on Double Detection with Error-Tolerant Mechanism

Directory of Open Access Journals (Sweden)

Ye Yuan

2018-01-01

Full Text Available Side-channel collision attacks are more powerful than traditional side-channel attack without knowing the leakage model or establishing the model. Most attack strategies proposed previously need quantities of power traces with high computational complexity and are sensitive to mistakes, which restricts the attack efficiency seriously. In this paper, we propose a multiple-bits side-channel collision attack based on double distance voting detection (DDVD and also an improved version, involving the error-tolerant mechanism, which can find all 120 relations among 16 key bytes when applied to AES (Advanced Encryption Standard algorithm. In addition, we compare our collision detection method called DDVD with the Euclidean distance and the correlation-enhanced collision method under different intensity of noise, which indicates that our detection technique performs better in the circumstances of noise. Furthermore, 4-bit model of our collision detection method is proven to be optimal in theory and in practice. Meanwhile the corresponding practical attack experiments are also performed on a hardware implementation of AES-128 on FPGA board successfully. Results show that our strategy needs less computation time but more traces than LDPC method and the online time for our strategy is about 90% less than CECA and 96% less than BCA with 90% success rate.

Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

Directory of Open Access Journals (Sweden)

Asish Kumar Dalai

2017-01-01

Full Text Available Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevention of SQL injection attack. The classification of SQL injection attacks has been done based on the methods used to exploit this vulnerability. The proposed method proves to be efficient in the context of its ability to prevent all types of SQL injection attacks. Some popular SQL injection attack tools and web application security datasets have been used to validate the model. The results obtained are promising with a high accuracy rate for detection of SQL injection attack.

Underlying Reasons for Success and Failure of Terrorist Attacks: Selected Case Studies

Science.gov (United States)

2007-06-04

Ibrahim had exhibited antisocial behavior as early as high school217 and had a significant criminal past—in 1996, he was sentenced to five years in prison...media. In addition to long-term emotional health issues, the attacks of September 11 have had a lasting effect on the physical health of those who were...Psychological and Behavioural Reactions to the Bombings in London on 7 July 2005: Cross Sectional Survey of a Representative Sample of Londoners

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

Construction of a Cyber Attack Model for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Varuttamaseni, Athi; Bari, Robert A.; Youngblood, Robert

2017-05-01

The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.

A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

Directory of Open Access Journals (Sweden)

Muhammad Hilmi Kamarudin

2017-01-01

Full Text Available The global usage of more sophisticated web-based application systems is obviously growing very rapidly. Major usage includes the storing and transporting of sensitive data over the Internet. The growth has consequently opened up a serious need for more secured network and application security protection devices. Security experts normally equip their databases with a large number of signatures to help in the detection of known web-based threats. In reality, it is almost impossible to keep updating the database with the newly identified web vulnerabilities. As such, new attacks are invisible. This research presents a novel approach of Intrusion Detection System (IDS in detecting unknown attacks on web servers using the Unified Intrusion Anomaly Detection (UIAD approach. The unified approach consists of three components (preprocessing, statistical analysis, and classification. Initially, the process starts with the removal of irrelevant and redundant features using a novel hybrid feature selection method. Thereafter, the process continues with the application of a statistical approach to identifying traffic abnormality. We performed Relative Percentage Ratio (RPR coupled with Euclidean Distance Analysis (EDA and the Chebyshev Inequality Theorem (CIT to calculate the normality score and generate a finest threshold. Finally, Logitboost (LB is employed alongside Random Forest (RF as a weak classifier, with the aim of minimising the final false alarm rate. The experiment has demonstrated that our approach has successfully identified unknown attacks with greater than a 95% detection rate and less than a 1% false alarm rate for both the DARPA 1999 and the ISCX 2012 datasets.

Successive substitution one-leg hybrid P-stable LMM for initial value ...

African Journals Online (AJOL)

This paper derives P-stable successive substitution one-leg hybrid linear multistep methods for the numerical solution of second order initial value problems in ordinary differential equations without explicit first order derivative. The methods are demonstrated by a numerical example also considered by Fatunla, et al (1997) ...

Asynchronous Channel-Hopping Scheme under Jamming Attacks

Directory of Open Access Journals (Sweden)

Yongchul Kim

2018-01-01

Full Text Available Cognitive radio networks (CRNs are considered an attractive technology to mitigate inefficiency in the usage of licensed spectrum. CRNs allow the secondary users (SUs to access the unused licensed spectrum and use a blind rendezvous process to establish communication links between SUs. In particular, quorum-based channel-hopping (CH schemes have been studied recently to provide guaranteed blind rendezvous in decentralized CRNs without using global time synchronization. However, these schemes remain vulnerable to jamming attacks. In this paper, we first analyze the limitations of quorum-based rendezvous schemes called asynchronous channel hopping (ACH. Then, we introduce a novel sequence sensing jamming attack (SSJA model in which a sophisticated jammer can dramatically reduce the rendezvous success rates of ACH schemes. In addition, we propose a fast and robust asynchronous rendezvous scheme (FRARS that can significantly enhance robustness under jamming attacks. Our numerical results demonstrate that the performance of the proposed scheme vastly outperforms the ACH scheme when there are security concerns about a sequence sensing jammer.

Non-invasive ventilation in severe asthma attack, its possibilities and problems.

Science.gov (United States)

Murase, K; Tomii, K; Chin, K; Niimi, A; Ishihara, K; Mishima, M

2011-06-01

Asthma attack is characterized by episodic attacks of cough, dyspnea and wheeze occurring due to bronchoconstriction, airway hyperresponsiveness and mucous hypersecretion. Although nationwide clinical guidelines have been published to establish the standard care of asthma, choices in the treatment of fatal asthma attacks remain of clinical significance. Especially, in a severe asthma attack, despite the application of conventional medical treatment, respiratory management is critical. Even though non-invasive ventilation (NIV) has been shown to be effective in a wide variety of clinical settings, reports of NIV in asthmatic patients are scarce. According to a few prospective clinical trials reporting promising results in favour of the use of NIV in a severe asthma attack, a trial of NIV prior to invasive mechanical ventilation seems acceptable and may benefit patients by decreasing the need for intubation and by supporting pharmaceutical treatments. Although selecting the appropriate patients for NIV use is a key factor in successful NIV application, how to distinguish such patients is quite controversial. Larger high quality clinical trails are urgently required to confirm the benefits of NIV to patients with severe asthma attack. In this article, we focus on the body of evidence supporting the use of NIV in asthma attacks and discuss its advantages as well its problems.

Robustness of coevolution in resolving prisoner's dilemma games on interdependent networks subject to attack

Science.gov (United States)

Liu, Penghui; Liu, Jing

2017-08-01

Recently, coevolution between strategy and network structure has been established as a rule to resolve social dilemmas and reach optimal situations for cooperation. Many follow-up researches have focused on studying how coevolution helps networks reorganize to deter the defectors and many coevolution methods have been proposed. However, the robustness of the coevolution rules against attacks have not been studied much. Since attacks may directly influence the original evolutionary process of cooperation, the robustness should be an important index while evaluating the quality of a coevolution method. In this paper, we focus on investigating the robustness of an elementary coevolution method in resolving the prisoner's dilemma game upon the interdependent networks. Three different types of time-independent attacks, named as edge attacks, instigation attacks and node attacks have been employed to test its robustness. Through analyzing the simulation results obtained, we find this coevolution method is relatively robust against the edge attack and the node attack as it successfully maintains cooperation in the population over the entire attack range. However, when the instigation probability of the attacked individuals is large or the attack range of instigation attack is wide enough, coevolutionary rule finally fails in maintaining cooperation in the population.

Forensic Evidence Identification and Modeling for Attacks against a Simulated Online Business Information System

Directory of Open Access Journals (Sweden)

Manghui Tu

2012-12-01

Full Text Available Forensic readiness can support future forensics investigation or auditing on external/internal attacks, internal sabotage and espionage, and business frauds. To establish forensics readiness, it is essential for an organization to identify what evidences are relevant and where they can be found, to determine whether they are logged in a forensic sound way and whether all the needed evidences are available to reconstruct the events successfully.  Our goal of this research is to ensure evidence availability. First, both external and internal attacks are molded as augmented attack trees/graphs based on the system vulnerabilities. Second, modeled attacks are conducted against a honeynet simulating an online business information system, and each honeypot's hard drive is forensic sound imaged for each individual attack. Third, an evidence tree/graph will be built after forensics examination on the disk images for each attack. The evidence trees/graphs are expected to be used for automatic crime scene reconstruction and automatic attack/fraud detection in the future.

Impact modeling and prediction of attacks on cyber targets

Science.gov (United States)

Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

2010-04-01

In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

A blind video watermarking scheme resistant to rotation and collusion attacks

Directory of Open Access Journals (Sweden)

Amlan Karmakar

2016-04-01

Full Text Available In this paper, Discrete Cosine Transform (DCT based blind video watermarking algorithm is proposed, which is perceptually invisible and robust against rotation and collusion attacks. To make the scheme resistant against rotation, watermark is embedded within the square blocks, placed on the middle position of every luminance channel. Then Zernike moments of those square blocks are calculated. The rotation invariance property of the Complex Zernike moments is exploited to predict the rotation angle of the video at the time of extraction of watermark bits. To make the scheme robust against collusion, design of the scheme is done in such a way that the embedding blocks will vary for the successive frames of the video. A Pseudo Random Number (PRN generator and a permutation vector are used to achieve the goal. The experimental results show that the scheme is robust against conventional video attacks, rotation attack and collusion attacks.

Weather, logging, and tree growth associated with fir engraver attack scars in white fir

Science.gov (United States)

George T. Ferrell

1973-01-01

The boles of 32 recently killed, and 41 living, white fir were examined for embedded fir engraver (Scolytus ventralis) attack scars. Of 287 scars found in annual rings for the years 1934-69, only 2 to 3 percent represented reproductively successful attacks. Trends in scar abundance were directly correlated with trends in white fir killed by ...

Depletion-of-Battery Attack: Specificity, Modelling and Analysis.

Science.gov (United States)

Shakhov, Vladimir; Koo, Insoo

2018-06-06

The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Cluster headache attack remission with sphenopalatine ganglion stimulation

DEFF Research Database (Denmark)

Barloese, Mads C J; Jürgens, Tim P; May, Arne

2016-01-01

collected at regular clinic visits. The time point “after remission” was defined as the first visit after the end of the remission period. Results: Thirty percent (10/33) of enrolled patients experienced at least one period of complete attack remission. All remission periods followed the start of SPG...... stimulation, with the first period beginning 134 ± 86 (range 21-272) days after initiation of stimulation. On average, each patient’s longest remission period lasted 149 ± 97 (range 62-322) days. The ability to treat acute attacks before and after remission was similar (37 % ± 25 % before, 49 % ± 32 % after...

REAL-TIME INTELLIGENT MULTILAYER ATTACK CLASSIFICATION SYSTEM

Directory of Open Access Journals (Sweden)

T. Subbhulakshmi

2014-01-01

Full Text Available Intrusion Detection Systems (IDS takes the lion’s share of the current security infrastructure. Detection of intrusions is vital for initiating the defensive procedures. Intrusion detection was done by statistical and distance based methods. A threshold value is used in these methods to indicate the level of normalcy. When the network traffic crosses the level of normalcy then above which it is flagged as anomalous. When there are occurrences of new intrusion events which are increasingly a key part of system security, the statistical techniques cannot detect them. To overcome this issue, learning techniques are used which helps in identifying new intrusion activities in a computer system. The objective of the proposed system designed in this paper is to classify the intrusions using an Intelligent Multi Layered Attack Classification System (IMLACS which helps in detecting and classifying the intrusions with improved classification accuracy. The intelligent multi layered approach contains three intelligent layers. The first layer involves Binary Support Vector Machine classification for detecting the normal and attack. The second layer involves neural network classification to classify the attacks into classes of attacks. The third layer involves fuzzy inference system to classify the attacks into various subclasses. The proposed IMLACS can be able to detect an intrusion behavior of the networks since the system contains a three intelligent layer classification and better set of rules. Feature selection is also used to improve the time of detection. The experimental results show that the IMLACS achieves the Classification Rate of 97.31%.

Intrusion detection in cloud computing based attack patterns and risk assessment

Directory of Open Access Journals (Sweden)

Ben Charhi Youssef

2017-05-01

Full Text Available This paper is an extension of work originally presented in SYSCO CONF.We extend our previous work by presenting the initial results of the implementation of intrusion detection based on risk assessment on cloud computing. The idea focuses on a novel approach for detecting cyber-attacks on the cloud environment by analyzing attacks pattern using risk assessment methodologies. The aim of our solution is to combine evidences obtained from Intrusion Detection Systems (IDS deployed in a cloud with risk assessment related to each attack pattern. Our approach presents a new qualitative solution for analyzing each symptom, indicator and vulnerability analyzing impact and likelihood of distributed and multi-steps attacks directed to cloud environments. The implementation of this approach will reduce the number of false alerts and will improve the performance of the IDS.

Crony Attack: Strategic Attack’s Silver Bullet

Science.gov (United States)

2006-11-01

physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

Research Note on the Energy Infrastructure Attack Database (EIAD

Directory of Open Access Journals (Sweden)

Jennifer Giroux

2013-12-01

Full Text Available The January 2013 attack on the In Amenas natural gas facility drew international attention. However this attack is part of a portrait of energy infrastructure targeting by non-state actors that spans the globe. Data drawn from the Energy Infrastructure Attack Database (EIAD shows that in the last decade there were, on average, nearly 400 annual attacks carried out by armed non-state actors on energy infrastructure worldwide, a figure that was well under 200 prior to 1999. This data reveals a global picture whereby violent non-state actors target energy infrastructures to air grievances, communicate to governments, impact state economic interests, or capture revenue in the form of hijacking, kidnapping ransoms, theft. And, for politically motivated groups, such as those engaged in insurgencies, attacking industry assets garners media coverage serving as a facilitator for international attention. This research note will introduce EIAD and position its utility within various research areas where the targeting of energy infrastructure, or more broadly energy infrastructure vulnerability, has been addressed, either directly or indirectly. We also provide a snapshot of the initial analysis of the data between 1980-2011, noting specific temporal and spatial trends, and then conclude with a brief discussion on the contribution of EIAD, highlighting future research trajectories. 

Nonstructural carbohydrate dynamics of lodgepole pine dying from mountain pine beetle attack.

Science.gov (United States)

Wiley, Erin; Rogers, Bruce J; Hodgkinson, Robert; Landhäusser, Simon M

2016-01-01

Bark beetle outbreaks are an important cause of tree death, but the process by which trees die remains poorly understood. The effect of beetle attack on whole-tree nonstructural carbohydrate (NSC) dynamics is particularly unclear, despite the potential role of carbohydrates in plant defense and survival. We monitored NSC dynamics of all organs in attacked and protected lodgepole pines (Pinus contorta) during a mountain pine beetle (Dendroctonus ponderosae) outbreak in British Columbia, starting before beetle flight in June 2011 through October 2012, when most attacked trees had died. Following attack, NSC concentrations were first reduced in the attacked region of the bole. The first NSC reduction in a distant organ appeared in the needles at the end of 2011, while branch and root NSC did not decline until much later in 2012. Attacked trees that were still alive in October 2012 had less beetle damage, which was negatively correlated with initial bark sugar concentrations in the attack region. The NSC dynamics of dying trees indicate that trees were killed by a loss of water conduction and not girdling. Further, our results identify locally reduced carbohydrate availability as an important mechanism by which stressors like drought may increase tree susceptibility to biotic attack. © 2015 The Authors. New Phytologist © 2015 New Phytologist Trust.

Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.

Science.gov (United States)

Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y

2016-04-01

The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.

Rising from failure and learning from success: The role of past experience in radical initiative taking

NARCIS (Netherlands)

D. Deichmann (Dirk); J.C.M. van den Ende (Jan)

2014-01-01

markdownabstract__Abstract__ We investigate how the successes and failures of people who initiate radical ideas influence (a) the inclination to take new personal initiatives and (b) the outcome of those initiatives. Using the data of 1,792 radical ideas suggested by 908 employees in a

Post-attack aposematic display in prey facilitates predator avoidance learning

Directory of Open Access Journals (Sweden)

Changku eKang

2016-04-01

Full Text Available Warning signals protect unpalatable prey from predation because predators who learn the association between the warning signal and prey unprofitability decrease attacks on the prey. Most of the research have focused on visual aposematic signals that are constantly presented and visible to the predators. But a variety of chemically defended insects are rather cryptic when resting, and only in response to predator attacks (post-attack they perform displays of conspicuous abdomens or hindwings normally hidden under forewings. The function of those displays in unpalatable insects is not well understood. We examined two adaptive hypotheses on this facultative aposematic display using wild-caught oriental tits (Parus minor as predators. First, we tested whether the display increases the rejection of the prey by predators upon seeing the display (i.e. at the moment of attack through learning trials (aposematic signaling hypothesis. Second, we tested whether the display facilitates the memory formation between cryptic visible form of the prey and prey defense so that it prevents the predators initiate an attack upon seeing the cryptic form (facilitation hypothesis. We found that predators learned to avoid attacking the prey which supports the facilitation hypothesis. However, the support for the aposematic signaling hypothesis was equivocal. Our results open new directions of research by highlighting the possibility that similar facilitation effects may contribute to the evolution of various forms of post-attack visual displays in chemically, or otherwise, defended animals.

A Strategic Analysis of Information Sharing Among Cyber Attackers

Directory of Open Access Journals (Sweden)

Kjell Hausken

2015-10-01

Full Text Available We build a game theory model where the market design is such that one firm invests in security to defend against cyber attacks by two hackers. The firm has an asset, which is allocated between the three market participants dependent on their contest success. Each hacker chooses an optimal attack, and they share information with each other about the firm’s vulnerabilities. Each hacker prefers to receive information, but delivering information gives competitive advantage to the other hacker. We find that each hacker’s attack and information sharing are strategic complements while one hacker’s attack and the other hacker’s information sharing are strategic substitutes. As the firm’s unit defense cost increases, the attack is inverse U-shaped and reaches zero, while the firm’s defense and profit decrease, and the hackers’ information sharing and profit increase. The firm’s profit increases in the hackers’ unit cost of attack, while the hackers’ information sharing and profit decrease. Our analysis also reveals the interesting result that the cumulative attack level of the hackers is not affected by the effectiveness of information sharing between them and moreover, is also unaffected by the intensity of joint information sharing. We also find that as the effectiveness of information sharing between hackers increases relative to the investment in attack, the firm’s investment in cyber security defense and profit are constant, the hackers’ investments in attacks decrease, and information sharing levels and hacker profits increase. In contrast, as the intensity of joint information sharing increases, while the firm’s investment in cyber security defense and profit remain constant, the hackers’ investments in attacks increase, and the hackers’ information sharing levels and profits decrease. Increasing the firm’s asset causes all the variables to increase linearly, except information sharing which is constant. We extend

Roles High School Principals Play in Establishing a Successful Character Education Initiative

Science.gov (United States)

Francom, Jacob A.

2016-01-01

Principal leadership is crucial to the success of a high school character education initiative. The purpose of this qualitative grounded theory research was to identify the roles that high school principals play in developing, implementing, and sustaining a high functioning character education program. Data were collected through interviews and…

A study on the mechanism of speculative attack and the defence strategy of the central bank.

Directory of Open Access Journals (Sweden)

Chang-Hyun Yun

1999-09-01

Full Text Available We first analyze the concrete mechanism of speculative attack on the foreign exchange market which became very prevalent phenomena during the foreign exchange crisis. When the central bank of the domestic country tries to defend the attack by increasing the interest rate, some problems can arise in that the speculative attacks through foreign exchange options market and/or index futures markets can be very successful due to that policy. So the central bank should pay much attention to the microstructure of the financial markets when the defence strategy against speculative attack is determined.

Depletion-of-Battery Attack: Specificity, Modelling and Analysis

Directory of Open Access Journals (Sweden)

Vladimir Shakhov

2018-06-01

Full Text Available The emerging Internet of Things (IoT has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Predation by the Dwarf Seahorse on Copepods: Quantifying Motion and Flows Using 3D High Speed Digital Holographic Cinematography - When Seahorses Attack!

Science.gov (United States)

Gemmell, Brad; Sheng, Jian; Buskey, Ed

2008-11-01

Copepods are an important planktonic food source for most of the world's fish species. This high predation pressure has led copepods to evolve an extremely effective escape response, with reaction times to hydrodynamic disturbances of less than 4 ms and escape speeds of over 500 body lengths per second. Using 3D high speed digital holographic cinematography (up to 2000 frames per second) we elucidate the role of entrainment flow fields generated by a natural visual predator, the dwarf seahorse (Hippocampus zosterae) during attacks on its prey, Acartia tonsa. Using phytoplankton as a tracer, we recorded and reconstructed 3D flow fields around the head of the seahorse and its prey during both successful and unsuccessful attacks to better understand how some attacks lead to capture with little or no detection from the copepod while others result in failed attacks. Attacks start with a slow approach to minimize the hydro-mechanical disturbance which is used by copepods to detect the approach of a potential predator. Successful attacks result in the seahorse using its pipette-like mouth to create suction faster than the copepod's response latency. As these characteristic scales of entrainment increase, a successful escape becomes more likely.

Rising from failure and learning from success: the role of past experience in radical initiative taking

NARCIS (Netherlands)

Deichmann, D.; van den Ende, J..

2014-01-01

We investigate how the successes and failures of people who initiate radical ideas influence (a) the inclination to take new personal initiatives and (b) the outcome of those initiatives. Using the data of 1,792 radical ideas suggested by 908 employees in a multinational firm's idea and innovation

Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization

International Nuclear Information System (INIS)

Hu, Xiaoxiao; Xu, Maochao; Xu, Shouhuai; Zhao, Peng

2017-01-01

In this paper we investigate a cybersecurity model: An attacker can launch multiple attacks against a target with a termination strategy that says that the attacker will stop after observing a number of successful attacks or when the attacker is out of attack resources. However, the attacker's observation of the attack outcomes (i.e., random variables indicating whether the target is compromised or not) has an observation error that is specified by both a false-negative and a false-positive probability. The novelty of the model we study is the accommodation of the dependence between the attack outcomes, because the dependence was assumed away in the literature. In this model, we characterize the monotonicity and bounds of the compromise probability (i.e., the probability that the target is compromised). In addition to extensively showing the impact of dependence on quantities such as compromise probability and attack cost, we give methods for finding the optimal strategy that leads to maximum compromise probability or minimum attack cost. This study highlights that the dependence between random variables cannot be assumed away, because the results will be misleading. - Highlights: • A novel cybersecurity model is proposed to accommodate the dependence among attack outcomes. • The monotonicity and bounds of the compromise probability are studied. • The dependence effect on the compromise probability and attack cost is discussed via simulation. • The optimal strategy that leads to maximum compromise probability or minimum attack cost is presented.

Heart Attack Recovery FAQs

Science.gov (United States)

... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

Gray Matter Is Targeted in First-Attack Multiple Sclerosis

Energy Technology Data Exchange (ETDEWEB)

Schutzer, Steven E.; Angel, Thomas E.; Liu, Tao; Schepmoes, Athena A.; Xie, Fang; Bergquist, Jonas P.; Vecsei, Lazlo' ; Zadori, Denes; Camp, David G.; Holland, Bart K.; Smith, Richard D.; Coyle, Patricia K.

2013-09-10

The cause of multiple sclerosis (MS), its driving pathogenesis at the earliest stages, and what factors allow the first clinical attack to manifest remain unknown. Some imaging studies suggest gray rather than white matter may be involved early, and some postulate this may be predictive of developing MS. Other imaging studies are in conflict. To determine if there was objective molecular evidence of gray matter involvement in early MS we used high-resolution mass spectrometry to identify proteins in the cerebrospinal fluid (CSF) of first-attack MS patients (two independent groups) compared to established relapsing remitting (RR) MS and controls. We found that the CSF proteins in first-attack patients were differentially enriched for gray matter components (axon, neuron, synapse). Myelin components did not distinguish these groups. The results support that gray matter dysfunction is involved early in MS, and also may be integral for the initial clinical presentation.

Two fatal tiger attacks in zoos.

Science.gov (United States)

Tantius, Britta; Wittschieber, Daniel; Schmidt, Sven; Rothschild, Markus A; Banaschak, Sibylle

2016-01-01

Two captive tiger attacks are presented that took place in Cologne and Münster zoos. Both attacks occurred when the handlers, intent on cleaning the enclosures, entered whilst the tigers accidently retained access to the location, and thus defended their territory against the perceived intruders. Both victims suffered fatal neck injuries from the bites. At Münster, colleagues managed to lure the tiger away from its victim to enable treatment, whilst the Cologne zoo tiger had to be shot in order to allow access to be gained. Whilst it was judged that human error led to the deaths of the experienced zookeepers, the investigation in Münster was closed as no third party was found to be at fault, whereas the Cologne zoo director was initially charged with being negligent. These charges were subsequently dismissed as safety regulations were found to be up to date.

Induction of cellular accessibility and inaccessibility and suppression and potentiation of cell death in oat attacked by ¤Blumeria graminis¤ f.sp. ¤avenae¤

DEFF Research Database (Denmark)

Carver, T.L.W.; Lyngkjær, M.F.; Neyron, L.

1999-01-01

graminis DC.). Successful penetration and haustorium formation by the inducer rendered living epidermal cells highly accessible to later challenge attack as judged by increased frequency of challenge penetration success compared to controls. Conversely, where failure of inducer attack on living epidermal......First-formed (seedling) and later-formed leaves of oat cvs Selma (susceptible) and Maldwyn (adult plant resistance under complex genetic control) were subjected to a double inoculation procedure ('inducer' followed by 'challenger') with conidia of Blumeria graminis (DC.) Speer (Syn. Erysiphe......, suggesting that induced changes in (in)accessibility may be a common consequence of B. graminis attack in cereals. As expected, in Maldwyn, cell death was a consistent but infrequent response to attack (5-20%, of attacks caused cell death in controls). Here, the successful formation of an inducer haustorium...

SDN-based path hopping communication against eavesdropping attack

Science.gov (United States)

Zhang, Chuanhao; Bu, Youjun; Zhao, Zheng

2016-10-01

Network eavesdropping is one of the most popular means used by cyber attackers, which has been a severe threat to network communication security. Adversaries could capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as username and password etc. Traditional network usually uses static network configuration, and existing defense methods, including firewall, IDS, IPS etc., cannot prevent eavesdropping, which has no distinguishing characteristic. Network eavesdropping become silent during most of the time of the attacking process, which is why it is difficult to discover and to defend. But A successful eavesdropping attack also has its' precondition, which is the target path should be relatively stable and has enough time of duration. So, In order to resolve this problem, it has to work on the network architecture. In this paper, a path hopping communication(PHC) mechanism based on Software Define Network (SDN) was proposed to solve this problem. In PHC, Ends in communication packets as well as the routing paths were changed dynamically. Therefore, the traffic would be distributed to multiple flows and transmitted along different paths. so that Network eavesdropping attack could be prevented effectively. It was concluded that PHC was able to increase the overhead of Network eavesdropping, as well as the difficulty of communication data recovery.

Seven Deadliest Wireless Technologies Attacks

CERN Document Server

Haines, Brad

2010-01-01

How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

The RAS Initiative

Science.gov (United States)

NCI established the RAS Initiative to explore innovative approaches for attacking the proteins encoded by mutant forms of RAS genes and to ultimately create effective, new therapies for RAS-related cancers.

An efficient algorithm for the detection of exposed and hidden wormhole attack

International Nuclear Information System (INIS)

Khan, Z.A.; Rehman, S.U.; Islam, M.H.

2016-01-01

MANETs (Mobile Ad Hoc Networks) are slowly integrating into our everyday lives, their most prominent uses are visible in the disaster and war struck areas where physical infrastructure is almost impossible or very hard to build. MANETs like other networks are facing the threat of malicious users and their activities. A number of attacks have been identified but the most severe of them is the wormhole attack which has the ability to succeed even in case of encrypted traffic and secure networks. Once wormhole is launched successfully, the severity increases by the fact that attackers can launch other attacks too. This paper presents a comprehensive algorithm for the detection of exposed as well as hidden wormhole attack while keeping the detection rate to maximum and at the same reducing false alarms. The algorithm does not require any extra hardware, time synchronization or any special type of nodes. The architecture consists of the combination of Routing Table, RTT (Round Trip Time) and RSSI (Received Signal Strength Indicator) for comprehensive detection of wormhole attack. The proposed technique is robust, light weight, has low resource requirements and provides real-time detection against the wormhole attack. Simulation results show that the algorithm is able to provide a higher detection rate, packet delivery ratio, negligible false alarms and is also better in terms of Ease of Implementation, Detection Accuracy/ Speed and processing overhead. (author)

Blocking of Brute Force Attack

OpenAIRE

M.Venkata Krishna Reddy

2012-01-01

A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

A thermodynamic model for the attack behaviour in stainless steel clad oxide fuel pins

International Nuclear Information System (INIS)

Goetzmann, O.

1979-01-01

So far, post irradiation examination of burnt fuel pins has not revealed a clear cut picture of the cladding attack situation. For seemingly same conditions sometimes attack occurs, sometimes not. This model tries to depict the reaction possibilities along the inner cladding wall on the basis of thermodynamic facts in the fuel pin. It shows how the thermodynamic driving force for attack changes along the fuel column, and with different initial and operational conditions. Two criteria for attack are postulated: attack as a result of the direct reaction of reactive elements with cladding components; and attack as a result of the action of a special agent (CsOH). In defining a reaction potenial the oxygen potential, the temperature conditions (cladding temperature and fuel surface temperature), and the fission products are involved. For the determination of the oxygen potential at the cladding, three models for the redistribution of oxygen across the fuel/clad gap are offered. The effect of various parameters, like rod power, gap conductance, oxygen potential, inner wall temperature, on the thermodynamic potential for attack is analysed. (Auth.)

Solidarity under Attack

DEFF Research Database (Denmark)

Meret, Susi; Goffredo, Sergio

2017-01-01

https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

Attack surfaces

DEFF Research Database (Denmark)

Gruschka, Nils; Jensen, Meiko

2010-01-01

The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

An Approach for Assessing Consequences of Potential Supply Chain and Insider Contributed Cyber Attacks on Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Chu, Tsong L.

2016-11-06

The Stuxnet attack at the Natanz facility is an example of a targeted and successful cyber attack on a nuclear facility. Snowden's release of National Security Agency documents demonstrated the consequences of the insider threat. More recently, the United States tried to attack North Korea but failed, South Korea was attempting to attack North Korea, and both applied Stuxnet-like approaches. These sophisticated targeted attacks differ from web-site hacking events that are reported almost daily in the news mainly because targeted attacks require detailed design and operation information of the systems attacked and/or are often carried out by insiders. For instance, in order to minimize disruption of facilities around the world, Stuxnet remained idle until it recognized the specific configuration of the Natanz facility, demonstrating that the attackers possessed extremely detailed information about the facility. Such targeted cyber attacks could become a national-level military weapon and be used in coercion of hostile countries.

DMP: Detouring Using Multiple Paths against Jamming Attack for Ubiquitous Networking System

Directory of Open Access Journals (Sweden)

Mihui Kim

2010-04-01

Full Text Available To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector, and a conventional JAM (Jammed Area Mapping service with one reroute.

DMP: detouring using multiple paths against jamming attack for ubiquitous networking system.

Science.gov (United States)

Kim, Mihui; Chae, Kijoon

2010-01-01

To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio) and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector), and a conventional JAM (Jammed Area Mapping) service with one reroute.

A Study on the VHCF Fatigue Behaviors of Hydrogen Attacked Inconel 718 Alloy

Energy Technology Data Exchange (ETDEWEB)

Suh, Chang-Min [Kyungpook National Univ., DMI Senior Fellow, Daegu (Korea, Republic of); Nahm, Seung-Hoon [Korea Research Institute of Standards and Science, Daejeon (Korea, Republic of); Kim, Jun-Hyong; Pyun, Young-Sik [Sun Moon Univ., Chunan (Korea, Republic of)

2016-07-15

This study is to investigate the influence of hydrogen attack and UNSM on fatigue behaviors of the Inconel 718 alloy. The decrease of the fatigue life between the untreated and the hydrogen attacked material is 10-20%. The fatigue lives of hydrogen attacked specimen decreased without a fatigue limit, similar to those of nonferrous materials. Due to hydrogen embrittlement, about 80% of the surface cracks were smaller than the average grain size of 13 μm. Many small surface cracks caused by the embrittling effect of hydrogen attack were initiated at the grain boundaries and surface scratches. Cracks were irregularly distributed, grew, and then coalesced through tearing, leading to a reduction of fatigue life. Results revealed that the fatigue lives of UNSM-treated specimens were longer than those of the untreated specimens.

ROBUSTNESS OF THE SECRET MESSAGE IN STEGO FILE AGAINST FLIP AND ROTATION ATTACK

Directory of Open Access Journals (Sweden)

Stanimir Zhelezov

2017-06-01

Full Text Available This paper provides an algorithm to achieve robustness with the extraction of the secret message from a Stego file after an applied attack from the fl ip, rotate type, or any random combination thereof. The LSB method is at the base of the algorithm, which is applied with a column modification when reading the matrix of pixels. Ratios are used, such as PSNR and embedding efficiency. To assess the results histogram and steganalytic analyses are applied as well. It is experimentally proved that the proposed method can be successfully applied to extract the secret message with these attacks, even if an LSB Inversion attack is attached to the file as well.

Preoperative short hookwire placement for small pulmonary lesions: evaluation of technical success and risk factors for initial placement failure.

Science.gov (United States)

Iguchi, Toshihiro; Hiraki, Takao; Matsui, Yusuke; Fujiwara, Hiroyasu; Masaoka, Yoshihisa; Tanaka, Takashi; Sato, Takuya; Gobara, Hideo; Toyooka, Shinichi; Kanazawa, Susumu

2018-05-01

To retrospectively evaluate the technical success of computed tomography fluoroscopy-guided short hookwire placement before video-assisted thoracoscopic surgery and to identify the risk factors for initial placement failure. In total, 401 short hookwire placements for 401 lesions (mean diameter 9.3 mm) were reviewed. Technical success was defined as correct positioning of the hookwire. Possible risk factors for initial placement failure (i.e., requirement for placement of an additional hookwire or to abort the attempt) were evaluated using logistic regression analysis for all procedures, and for procedures performed via the conventional route separately. Of the 401 initial placements, 383 were successful and 18 failed. Short hookwires were finally placed for 399 of 401 lesions (99.5%). Univariate logistic regression analyses revealed that in all 401 procedures only the transfissural approach was a significant independent predictor of initial placement failure (odds ratio, OR, 15.326; 95% confidence interval, CI, 5.429-43.267; p < 0.001) and for the 374 procedures performed via the conventional route only lesion size was a significant independent predictor of failure (OR 0.793, 95% CI 0.631-0.996; p = 0.046). The technical success of preoperative short hookwire placement was extremely high. The transfissural approach was a predictor initial placement failure for all procedures and small lesion size was a predictor of initial placement failure for procedures performed via the conventional route. • Technical success of preoperative short hookwire placement was extremely high. • The transfissural approach was a significant independent predictor of initial placement failure for all procedures. • Small lesion size was a significant independent predictor of initial placement failure for procedures performed via the conventional route.

Resolving the paradox for protein aggregation diseases: a common mechanism for aggregated proteins to initially attack membranes without needing aggregates [v1; ref status: indexed, http://f1000r.es/221

Directory of Open Access Journals (Sweden)

Haina Qin

2013-10-01

Full Text Available Paradoxically, aggregation of specific proteins is characteristic of many human diseases and aging, yet aggregates have been found to be unnecessary for initiating pathogenesis. Here we determined the NMR topology and dynamics of a helical mutant in a membrane environment transformed from the 125-residue cytosolic all-β MSP by the ALS-causing P56S mutation. Unexpectedly, despite its low hydrophobicity, the P56S major sperm protein (MSP domain becomes largely embedded in the membrane environment with high backbone rigidity. Furthermore it is composed of five helices with amphiphilicity comparable to those of the partly-soluble membrane toxin mellitin and α-synuclein causing Parkinson's disease. Consequently, the mechanism underlying this chameleon transformation becomes clear: by disrupting the specific tertiary interaction network stabilizing the native all-β MSP fold to release previously-locked amphiphilic segments, the P56S mutation acts to convert the classic MSP fold into a membrane-active protein that is fundamentally indistinguishable from mellitin and α-synuclein which are disordered in aqueous solution but spontaneously partition into membrane interfaces driven by hydrogen-bond energetics gained from forming α-helix in the membrane environments. As segments with high amphiphilicity exist in all proteins, our study successfully resolves the paradox by deciphering that the proteins with a higher tendency to aggregate have a stronger potential to partition into membranes through the same mechanism as α-synuclein to initially attack membranes to trigger pathogenesis without needing aggregates. This might represent the common first step for various kinds of aggregated proteins to trigger familiar, sporadic and aging diseases. Therefore the homeostasis of aggregated proteins in vivo is the central factor responsible for a variety of human diseases including aging. The number and degree of the membrane attacks by aggregated proteins may

Seven Deadliest Microsoft Attacks

CERN Document Server

Kraus, Rob; Borkin, Mike; Alpern, Naomi

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

Patent foramen ovale and migraine attacks: a systematic review.

Science.gov (United States)

Lip, Philomena Z Y; Lip, Gregory Y H

2014-05-01

Migraine headache and the presence of a patent foramen ovale have been associated with each other, although the precise pathophysiological mechanism(s) are uncertain. The purpose of this systematic review was to identify the extent of patent foramen ovale prevalence in migraineurs and to determine whether closure of a patent foramen ovale would improve migraine headache. An electronic literature search was performed to select studies between January 1980 and February 2013 that were relevant to the prevalence of patent foramen ovale and migraine, and the effects of intervention(s) on migraine attacks. Of the initial 368 articles presented by the initial search, 20 satisfied the inclusion criteria assessing patent foramen ovale prevalence in migraineurs and 21 presented data on patent foramen ovale closure. In case series and cohort studies, patent foramen ovale prevalence in migraineurs ranged from 14.6% to 66.5%. Case-control studies reported a prevalence ranging from 16.0% to 25.7% in controls, compared with 26.8% to 96.0% for migraine with aura. The extent of improvement or resolution of migraine headache attack symptoms was variable. In case series, intervention ameliorated migraine headache attack in 13.6% to 92.3% of cases. One single randomized trial did not show any benefit from patent foramen ovale closure. The data overall do not exclude the possibility of a placebo effect for resolving migraine following patent foramen ovale closure. This systematic review demonstrates firstly that migraine headache attack is associated with a higher prevalence of patent foramen ovale than among the general population. Observational data suggest that some improvement of migraine would be observed if the patent foramen ovale were to be closed. A proper assessment of any interventions for patent foramen ovale closure would require further large randomized trials to be conducted given uncertainties from existing trial data. Copyright © 2014 Elsevier Inc. All rights reserved.

Higher Order Differential Attack on 6-Round MISTY1

Science.gov (United States)

Tsunoo, Yukiyasu; Saito, Teruo; Nakashima, Hiroki; Shigeri, Maki

MISTY1 is a 64-bit block cipher that has provable security against differential and linear cryptanalysis. MISTY1 is one of the algorithms selected in the European NESSIE project, and it has been recommended for Japanese e-Government ciphers by the CRYPTREC project. This paper reports a previously unknown higher order differential characteristic of 4-round MISTY1 with the FL functions. It also shows that a higher order differential attack that utilizes this newly discovered characteristic is successful against 6-round MISTY1 with the FL functions. This attack can recover a partial subkey with a data complexity of 253.7 and a computational complexity of 264.4, which is better than any previous cryptanalysis of MISTY1.

A systematic review of re-identification attacks on health data.

Science.gov (United States)

El Emam, Khaled; Jonker, Elizabeth; Arbuckle, Luk; Malin, Bradley

2011-01-01

Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a) potentially limiting its availability for secondary purposes such as research, and (b) resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a) characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b) compute the overall proportion of records that have been correctly re-identified in these attacks, and (c) assess whether these demonstrate weaknesses in current de-identification methods. Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046-0.478) and 0.34 for attacks on health data (95% CI 0-0.744). There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013. The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the efficacy of de-identification methods.

A systematic review of re-identification attacks on health data.

Directory of Open Access Journals (Sweden)

Khaled El Emam

Full Text Available Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a potentially limiting its availability for secondary purposes such as research, and (b resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b compute the overall proportion of records that have been correctly re-identified in these attacks, and (c assess whether these demonstrate weaknesses in current de-identification methods.Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046-0.478 and 0.34 for attacks on health data (95% CI 0-0.744. There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013.The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the efficacy of de-identification methods.

Whispering through DDoS attack

OpenAIRE

Miralem Mehic; Jiri Slachta; Miroslav Voznak

2016-01-01

Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...

Testing Dialog-Verification of SIP Phones with Single-Message Denial-of-Service Attacks

Science.gov (United States)

Seedorf, Jan; Beckers, Kristian; Huici, Felipe

The Session Initiation Protocol (SIP) is widely used for signaling in multimedia communications. However, many SIP implementations are still in their infancy and vulnerable to malicious messages. We investigate flaws in the SIP implementations of eight phones, showing that the deficient verification of SIP dialogs further aggravates the problem by making it easier for attacks to succeed. Our results show that the majority of the phones we tested are susceptible to these attacks.

Attacks of the soccer teams participating in the champions league and the Serbian super liga

Directory of Open Access Journals (Sweden)

Janković Aleksandar

2016-01-01

Full Text Available The area of tactics in soccer game is of particular importance for modern soccer development. The analysis and improvement of spatio-temporal indicators as well as the game principles related to tactics may be crucial to the achievement of competitive results. This study is aimed at comparing tactical manifestations of the teams competing in the top quality European club competition, the Champions League, and the best Serbian soccer championship by analyzing competitive activity. The results of the conducted research were obtained by observing an overall of 20 randomly selected matches, 10 of the Champions League (CL and 10 of the Serbian Super Liga (SSL, which is a sufficient number of matches for making conclusions about the competitions respectively. In the previously designed observing protocol, using a method of notation, we analyzed all the attacks completed by shooting at the opponent's goal. The structure of successfully realized attacks was assessed on the basis of: accuracy, types of realized offensive actions; area of starting the action, manner of realization of passes completed (assists and distance from the goal from which a shot on goal was executed. The study showed that there are certain common characteristics, but also there are differences in the structure of successfully realized attacks between the two analyzed competitions. The teams of the CL competition had significantly greater number of effective attacks per match (p = 0. 006, they realized their offensive activities with slightly greater number of players (p = 0.002 and number of passes (p = 0.000, whereas there are no significant differences in the area of starting successful attacks, the manner of realization of assists and distance from which shots on goal were executed. The study results may define certain guidelines in training technology when preparing the teams of the SSL competition for taking part in the European soccer cups.

Protecting Cryptographic Memory against Tampering Attack

DEFF Research Database (Denmark)

Mukherjee, Pratyay

In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In prac......In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed tamper only with the memory of the device...

Reliably determining data leakage in the presence of strong attackers

NARCIS (Netherlands)

Bortolameotti, R.; Peter, A.; Everts, M.H.; Jonker, W.; Hartel, P.

2016-01-01

We address the problem of determining what data has been leaked from a system after its recovery from a successful attack. This is a forensic process which is relevant to give a better understanding of the impact of a data breach, but more importantly it is becoming mandatory according to the recent

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Directory of Open Access Journals (Sweden)

Apostolos P. Fournaris

2017-07-01

Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

Neural Correlates of User-initiated Motor Success and Failure - A Brain-Computer Interface Perspective.

Science.gov (United States)

Yazmir, Boris; Reiner, Miriam

2018-05-15

Any motor action is, by nature, potentially accompanied by human errors. In order to facilitate development of error-tailored Brain-Computer Interface (BCI) correction systems, we focused on internal, human-initiated errors, and investigated EEG correlates of user outcome successes and errors during a continuous 3D virtual tennis game against a computer player. We used a multisensory, 3D, highly immersive environment. Missing and repelling the tennis ball were considered, as 'error' (miss) and 'success' (repel). Unlike most previous studies, where the environment "encouraged" the participant to perform a mistake, here errors happened naturally, resulting from motor-perceptual-cognitive processes of incorrect estimation of the ball kinematics, and can be regarded as user internal, self-initiated errors. Results show distinct and well-defined Event-Related Potentials (ERPs), embedded in the ongoing EEG, that differ across conditions by waveforms, scalp signal distribution maps, source estimation results (sLORETA) and time-frequency patterns, establishing a series of typical features that allow valid discrimination between user internal outcome success and error. The significant delay in latency between positive peaks of error- and success-related ERPs, suggests a cross-talk between top-down and bottom-up processing, represented by an outcome recognition process, in the context of the game world. Success-related ERPs had a central scalp distribution, while error-related ERPs were centro-parietal. The unique characteristics and sharp differences between EEG correlates of error/success provide the crucial components for an improved BCI system. The features of the EEG waveform can be used to detect user action outcome, to be fed into the BCI correction system. Copyright © 2016 IBRO. Published by Elsevier Ltd. All rights reserved.

Seven deadliest USB attacks

CERN Document Server

Anderson, Brian

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

Seven Deadliest Unified Communications Attacks

CERN Document Server

York, Dan

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

Invisible Trojan-horse attack.

Science.gov (United States)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin; Makarov, Vadim

2017-08-21

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance against Scarani-Ac´ın-Ribordy-Gisin (SARG04) QKD protocol at 1924 nm versus that at 1536 nm. The attack strategy was proposed earlier but found to be unsuccessful at the latter wavelength, as reported in N. Jain et al., New J. Phys. 16, 123030 (2014). However at 1924 nm, we show experimentally that the noise response of the detectors to bright pulses is greatly reduced, and show by modeling that the same attack will succeed. The invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

Use of Deception to Improve Client Honeypot Detection of Drive-by-Download Attacks

Energy Technology Data Exchange (ETDEWEB)

Popovsky, Barbara; Narvaez Suarez, Julia F.; Seifert, Christian; Frincke, Deborah A.; O' Neil, Lori R.; Aval, Chiraag U.

2009-07-24

This paper presents the application of deception theory to improve the success of client honeypots at detecting malicious web page attacks from infected servers programmed by online criminals to launch drive-by-download attacks. The design of honeypots faces three main challenges: deception, how to design honeypots that seem real systems; counter-deception, techniques used to identify honeypots and hence defeating their deceiving nature; and counter counter-deception, how to design honeypots that deceive attackers. The authors propose the application of a deception model known as the deception planning loop to identify the current status on honeypot research, development and deployment. The analysis leads to a proposal to formulate a landscape of the honeypot research and planning of steps ahead.

Critical supply network protection against intentional attacks: A game-theoretical model

International Nuclear Information System (INIS)

Bricha, Naji; Nourelfath, Mustapha

2013-01-01

A crucial issue in today's critical supply chains is how to protect facilities against intentional attacks, since it has become unacceptable to ignore the high impact of low probability disruptions caused by these attacks. This article develops a game-theoretical model to deal with the protection of facilities, in the context of the uncapacitated fixed-charge location problem. Given a set of investment alternatives for protecting the facilities against identified threats, the objective is to select the optimal defence strategy. The attacker is considered as a player who tries to maximise the expected damage while weighing against the attacks expenditures. The conflict on facilities vulnerability is modelled using the concept of contest. The vulnerability of a facility is defined by its destruction probability. Contest success functions determine the vulnerability of each facility dependent on the relative investments of the defender and the attacker on each facility, and on the characteristics of the contest. A method is developed to evaluate the utilities of the players (i.e., the defender and the attacker). This method evaluates many expected costs, including the cost needed to restore disabled facilities, the backorder cost, and the cost incurred because of the increase in transportation costs after attacks. In fact, when one or several facilities are unavailable, transportation costs will increase since reassigned customers may receive shipments from facilities which are farther away. The model considers a non-cooperative two-period game between the players, and an algorithm is presented to determine the equilibrium solution and the optimal defence strategy. An illustrative example is presented. The approach is compared to other suggested strategies, and some managerial insights are provided in the context of facility location

It's the Motivation Stupid! : The Influence of Motivation of Secondary Currency Initiators on the Currencies' Success

NARCIS (Netherlands)

L. Fesenfeld (Lukas); J. Stuckatz (Jan); I. Summerson (Iona); T. Kiesgen (Thomas); D. Russ (Daniela); M. Klimaschewski (Maja)

2015-01-01

textabstractThis paper attempts to explain the success of secondary currencies. Success is defined as the degree to which the initiators of these currencies manage to reach their original goals. In order to do so, we draw on two explanatory factors: the motivation of a currency’s founder and the

Security attack detection algorithm for electric power gis system based on mobile application

Science.gov (United States)

Zhou, Chao; Feng, Renjun; Wang, Liming; Huang, Wei; Guo, Yajuan

2017-05-01

Electric power GIS is one of the key information technologies to satisfy the power grid construction in China, and widely used in power grid construction planning, weather, and power distribution management. The introduction of electric power GIS based on mobile applications is an effective extension of the geographic information system that has been widely used in the electric power industry. It provides reliable, cheap and sustainable power service for the country. The accurate state estimation is the important conditions to maintain the normal operation of the electric power GIS. Recent research has shown that attackers can inject the complex false data into the power system. The injection attack of this new type of false data (load integrity attack LIA) can successfully bypass the routine detection to achieve the purpose of attack, so that the control center will make a series of wrong decision. Eventually, leading to uneven distribution of power in the grid. In order to ensure the safety of the electric power GIS system based on mobile application, it is very important to analyze the attack mechanism and propose a new type of attack, and to study the corresponding detection method and prevention strategy in the environment of electric power GIS system based on mobile application.

Creative Persuasion: A Study on Adversarial Behaviors and Strategies in Phishing Attacks.

Science.gov (United States)

Rajivan, Prashanth; Gonzalez, Cleotilde

2018-01-01

Success of phishing attacks depend on effective exploitation of human weaknesses. This research explores a largely ignored, but crucial aspect of phishing: the adversarial behavior. We aim at understanding human behaviors and strategies that adversaries use, and how these may determine the end-user response to phishing emails. We accomplish this through a novel experiment paradigm involving two phases. In the adversarial phase, 105 participants played the role of a phishing adversary who were incentivized to produce multiple phishing emails that would evade detection and persuade end-users to respond. In the end-user phase, 340 participants performed an email management task, where they examined and classified phishing emails generated by participants in phase-one along with benign emails. Participants in the adversary role, self-reported the strategies they employed in each email they created, and responded to a test of individual creativity. Data from both phases of the study was combined and analyzed, to measure the effect of adversarial behaviors on end-user response to phishing emails. We found that participants who persistently used specific attack strategies (e.g., sending notifications, use of authoritative tone, or expressing shared interest) in all their attempts were overall more successful, compared to others who explored different strategies in each attempt. We also found that strategies largely determined whether an end-user was more likely to respond to an email immediately, or delete it. Individual creativity was not a reliable predictor of adversarial performance, but it was a predictor of an adversary's ability to evade detection. In summary, the phishing example provided initially, the strategies used, and the participants' persistence with some of the strategies led to higher performance in persuading end-users to respond to phishing emails. These insights may be used to inform tools and training procedures to detect phishing strategies in

Whispering through DDoS attack

Directory of Open Access Journals (Sweden)

Miralem Mehic

2016-03-01

Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.

Telephone-based social engineering attacks: An experiment testing the success and time decay of an intervention

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Junger, Marianne; Hartel, Pieter H.; Mathur, A.; Roychoudhury, A.

The objective of this study is to get insight into the effectiveness of an information campaign to counter a social engineering attack via the telephone. Four different offenders phoned 48 employees and made them believe that their PC was distributing spam emails. Targets were told that this

Academic Success and Initial Labor Market Outcomes for Pharmacy Graduates

Directory of Open Access Journals (Sweden)

Sean Murphy

2011-01-01

Full Text Available Purpose: This study examines the relationship between academic success and labor market outcomes among graduating pharmacy students. Unlike previous studies, this paper characterizes labor market outcome not only as an individual's starting salary, but also whether or not the student had a position secured at the time of graduation, whether or not a signing bonus was received, and the setting in which (she will practice. Methods: A standard exit survey was administered to graduating Doctor of Pharmacy students at a Midwestern, public university within two weeks of graduation. The relationship between academic success and initial labor market outcome was assessed using cross-tabulations, chi-square and Fisher exact tests. Results: There were no significant relationships between grade point averages and signing bonuses, starting salaries or employment offers. Students with higher grade point averages were less likely to work in chain community pharmacies, and more likely to work in a hospital or other health-system setting. Conclusions: The relationships between academic and direct measures of labor market outcomes (salary and bonuses were not necessarily positive, as standard economic theory predicts. Rather, the relationship is indirect, as it appears that students with greater academic success obtained employment in more clinical settings, which carry a different mix of pecuniary and non-pecuniary benefits. Type: Original Research

Heart attack - discharge

Science.gov (United States)

... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

Host Plants Affect the Foraging Success of Two Parasitoids that Attack Light Brown Apple Moth Epiphyas postvittana (Walker (Lepidoptera: Tortricidae.

Directory of Open Access Journals (Sweden)

Yi Feng

Full Text Available The light brown apple moth, Epiphyas postvittana is a key pest of wine grapes in Australia. Two parasitoids, Dolichogenidea tasmanica and Therophilus unimaculatus, attack the larval stage of this pest. D. tasmanica is dominant in vineyards, whereas T. unimaculatus is mainly active in native vegetation. We sought to understand why they differ in their use of habitats. Plants are a major component of habitats of parasitoids, and herbivore-infested plants influence parasitoid foraging efficiency by their architecture and emission of volatile chemicals. We investigated how different plant species infested by E. postvittana could affect the foraging success of the two parasitoid species in both laboratory and field experiments. Four common host-plant species were selected for this study. In paired-choice experiments to determine the innate foraging preferences for plants, both parasitoid species showed differences in innate search preferences among plant species. The plant preference of D. tasmanica was altered by oviposition experience with hosts that were feeding on other plant species. In a behavioral assay, the two parasitoid species allocated their times engaged in various types of behavior differently when foraging on different plant species. For both parasitoids, parasitism on Hardenbergia violacea was the highest of the four plant species. Significantly more larvae dropped from Myoporum insulare when attacked than from the other three host-plant species, which indicates that parasitism is also affected by interactions between plants and host insects. In vineyards, parasitism by D. tasmanica was significantly lower on M. insulare than on the other three host-plant species, but the parasitism rates were similar among the other three plant species. Our results indicate that plants play a role in the habitat preferences of these two parasitoid species by influencing their foraging behavior, and are likely to contribute to their distributions

Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

NARCIS (Netherlands)

Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

2016-01-01

In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

The work-averse cyber attacker model : theory and evidence from two million attack signatures

NARCIS (Netherlands)

Allodi, L.; Massacci, F.; Williams, J.

The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

Security strategy of powered-off SRAM for resisting physical attack to data remanence

International Nuclear Information System (INIS)

Yu Kai; Zou Xuecheng; Yu Guoyi; Wang Weixu

2009-01-01

This paper presents a security strategy for resisting a physical attack utilizing data remanence in powered-off static random access memory (SRAM). Based on the mechanism of physical attack to data remanence, the strategy intends to erase data remanence in memory cells once the power supply is removed, which disturbs attackers trying to steal the right information. Novel on-chip secure circuits including secure power supply and erase transistor are integrated into conventional SRAM to realize erase operation. Implemented in 0.25 μm Huahong-NEC CMOS technology, an SRAM exploiting the proposed security strategy shows the erase operation is accomplished within 0.2 μs and data remanence is successfully eliminated. Compared with conventional SRAM, the retentive time of data remanence is reduced by 82% while the operation power consumption only increases by 7%.

Web server attack analyzer

OpenAIRE

Mižišin, Michal

2013-01-01

Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

Network Protection Against DDoS Attacks

Directory of Open Access Journals (Sweden)

Petr Dzurenda

2015-03-01

Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

Attack Tree Generation by Policy Invalidation

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2015-01-01

through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based......Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified...... on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps....

Terrorists and Suicide Attacks

National Research Council Canada - National Science Library

Cronin, Audrey K

2003-01-01

Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

A Systematic Review of Re-Identification Attacks on Health Data

Science.gov (United States)

El Emam, Khaled; Jonker, Elizabeth; Arbuckle, Luk; Malin, Bradley

2011-01-01

Background Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a) potentially limiting its availability for secondary purposes such as research, and (b) resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a) characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b) compute the overall proportion of records that have been correctly re-identified in these attacks, and (c) assess whether these demonstrate weaknesses in current de-identification methods. Methods and Findings Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046–0.478) and 0.34 for attacks on health data (95% CI 0–0.744). There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013. Conclusions The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the

Healthy competition drives success in results-based aid: Lessons from the Salud Mesoamérica Initiative.

Science.gov (United States)

El Bcheraoui, Charbel; Palmisano, Erin B; Dansereau, Emily; Schaefer, Alexandra; Woldeab, Alexander; Moradi-Lakeh, Maziar; Salvatierra, Benito; Hernandez-Prado, Bernardo; Mokdad, Ali H

2017-01-01

The Salud Mesoamérica Initiative (SMI) is a three-operation strategy, and is a pioneer in the world of results-based aid (RBA) in terms of the success it has achieved in improving health system inputs following its initial operation. This success in meeting pre-defined targets is rare in the world of financial assistance for health. We investigated the influential aspects of SMI that could have contributed to its effectiveness in improving health systems, with the aim of providing international donors, bilateral organizations, philanthropies, and recipient countries with new perspectives that can help increase the effectiveness of future assistance for health, specifically in the arena of RBA. Qualitative methods based on the criteria of relevance and effectiveness proposed by the Development Assistance Committee of the Organization for Economic Co-operation and Development. Our methods included document review, key informant interviews, a focus group discussion, and a partnership analysis. A purposive sample of 113 key informants, comprising donors, representatives from the Inter-American Development Bank, ministries of health, technical assistance organizations, evaluation organizations, and health care providers. During May-October 2016, we interviewed regarding the relevance and effectiveness of SMI. Themes emerged relative to the topics we investigated, and covered the design and the drivers of success of the initiative. The success is due to 1) the initiative's regional approach, which pressured recipient countries to compete toward meeting targets, 2) a robust and flexible design that incorporated the richness of input from stakeholders at all levels, 3) the design-embedded evaluation component that created a culture of accountability among recipient countries, and 4) the reflective knowledge environment that created a culture of evidence-based decision-making. A regional approach involving all appropriate stakeholders, and based on knowledge sharing and

Attack Trees with Sequential Conjunction

NARCIS (Netherlands)

Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

2015-01-01

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

Heart attack first aid

Science.gov (United States)

First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

Analytical Characterization of Internet Security Attacks

Science.gov (United States)

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Bush animal attacks: management of complex injuries in a resource-limited setting

Directory of Open Access Journals (Sweden)

Mitchell Katrina B

2011-12-01

Full Text Available Abstract Introduction Though animal-related injuries and fatalities have been documented throughout the world, the variety of attacks by wild animals native to rural East Africa are less commonly described. Given the proximity of our northwestern Tanzania hospital to Lake Victoria, Lake Tanganyika, and the Serengeti National Park, and presentation of several patients attacked by bush animals and suffering a variety of complex injuries, we sought to report the pattern of attacks and surgical management in a resource-limited setting. Materials and methods Four patients who were admitted to the northwestern Tanzania tertiary referral hospital, Bugando Medical Centre (BMC, in 2010-2011 suffered attacks by different bush animals: hyena, elephant, crocodile, and vervet monkey. These patients were triaged as trauma patients in the Casualty Ward, then admitted for inpatient monitoring and treatment. Their outcomes were followed to discharge. Results The age and gender of the patients attacked was variable, though all but the pediatric patient were participating in food gathering or guarding activities in rural locations at the time of the attacks. All patients required surgical management of their injuries, which included debridement and closure of wounds, chest tube insertion, amputation, and external fixation of an extremity fracture. All patients survived and were discharged home. Discussion Though human injuries secondary to encounters with undomesticated animals such as cows, moose, and camel are reported, they often are indirect traumas resulting from road traffic collisions. Snake attacks are well documented and common. However, this series of unique bush animal attacks describes the initial and surgical management of human injuries in the resource-limited setting of the developing world. Conclusion Animal attacks are common throughout the world, but their pattern may vary in Africa throughout jungle and bush environmental settings. It is

Anger attacks in obsessive compulsive disorder

Directory of Open Access Journals (Sweden)

Nitesh Prakash Painuly

2011-01-01

Full Text Available Background: Research on anger attacks has been mostly limited to depression, and only a few studies have focused on anger attacks in obsessive compulsive disorder. Materials and Methods: In a cross-sectional study all new obsessive compulsive disorder patients aged 20-60 years attending an outpatient clinic were assessed using the anger attack questionnaire, irritability, depression and anxiety scale (for the direction of the aggressive behavior and quality of life (QOL. Results: The sample consisted of 42 consecutive subjects with obsessive compulsive disorder, out of which 21 (50% had anger attacks. The obsessive compulsive disorder subjects with and without anger attacks did not show significant differences in terms of sociodemographic variables, duration of illness, treatment, and family history. However, subjects with anger attacks had significantly higher prevalence of panic attacks and comorbid depression. Significantly more subjects with anger attacks exhibited aggressive acts toward spouse, parents, children, and other relatives in the form of yelling and threatening to hurt, trying to hurt, and threatening to leave. However, the two groups did not differ significantly in terms of QOL, except for the psychological domain being worse in the subjects with anger attacks. Conclusion: Anger attacks are present in half of the patients with obsessive compulsive disorder, and they correlate with the presence of comorbid depression.

Acanthopria and Mimopriella parasitoid wasps (Diapriidae) attack Cyphomyrmex fungus-growing ants (Formicidae, Attini)

Science.gov (United States)

Fernández-Marín, Hermógenes; Zimmerman, Jess K.; Wcislo, William T.

2006-01-01

New World diapriine wasps are abundant and diverse, but the biology of most species is unknown. We provide the first description of the biology of diapriine wasps, Acanthopria spp. and Mimopriella sp., which attack the larvae of Cyphomyrmex fungus-growing ants. In Puerto Rico, the koinobiont parasitoids Acanthopria attack Cyphomyrmex minutus, while in Panama at least four morphospecies of Acanthopria and one of Mimopriella attack Cyphomyrmex rimosus. Of the total larvae per colony, 0 100% were parasitized, and 27 70% of the colonies per population were parasitized. Parasitism rate and colony size were negatively correlated for C. rimosus but not for C. minutus. Worker ants grasped at, bit, and in some cases, killed adult wasps that emerged in artificial nests or tried to enter natural nests. Parasitoid secondary sex ratios were female-biased for eclosing wasps, while field collections showed a male-biased sex ratio. Based on their abundance and success in attacking host ants, these minute wasps present excellent opportunities to explore how natural enemies impact ant colony demography and population biology.

Seven Deadliest Social Network Attacks

CERN Document Server

Timm, Carl

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

Pericarditis - after heart attack

Science.gov (United States)

... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

A Novel Friendly Jamming Scheme in Industrial Crowdsensing Networks against Eavesdropping Attack.

Science.gov (United States)

Li, Xuran; Wang, Qiu; Dai, Hong-Ning; Wang, Hao

2018-06-14

Eavesdropping attack is one of the most serious threats in industrial crowdsensing networks. In this paper, we propose a novel anti-eavesdropping scheme by introducing friendly jammers to an industrial crowdsensing network. In particular, we establish a theoretical framework considering both the probability of eavesdropping attacks and the probability of successful transmission to evaluate the effectiveness of our scheme. Our framework takes into account various channel conditions such as path loss, Rayleigh fading, and the antenna type of friendly jammers. Our results show that using jammers in industrial crowdsensing networks can effectively reduce the eavesdropping risk while having no significant influence on legitimate communications.

Vulnerability Assessment of IPv6 Websites to SQL Injection and Other Application Level Attacks

Directory of Open Access Journals (Sweden)

Ying-Chiang Cho

2013-01-01

Full Text Available Given the proliferation of internet connected devices, IPv6 has been proposed to replace IPv4. Aside from providing a larger address space which can be assigned to internet enabled devices, it has been suggested that the IPv6 protocol offers increased security due to the fact that with the large number of addresses available, standard IP scanning attacks will no longer become feasible. However, given the interest in attacking organizations rather than individual devices, most initial points of entry onto an organization's network and their attendant devices are visible and reachable through web crawling techniques, and, therefore, attacks on the visible application layer may offer ways to compromise the overall network. In this evaluation, we provide a straightforward implementation of a web crawler in conjunction with a benign black box penetration testing system and analyze the ease at which SQL injection attacks can be carried out.

Vulnerability assessment of IPv6 websites to SQL injection and other application level attacks.

Science.gov (United States)

Cho, Ying-Chiang; Pan, Jen-Yi

2013-01-01

Given the proliferation of internet connected devices, IPv6 has been proposed to replace IPv4. Aside from providing a larger address space which can be assigned to internet enabled devices, it has been suggested that the IPv6 protocol offers increased security due to the fact that with the large number of addresses available, standard IP scanning attacks will no longer become feasible. However, given the interest in attacking organizations rather than individual devices, most initial points of entry onto an organization's network and their attendant devices are visible and reachable through web crawling techniques, and, therefore, attacks on the visible application layer may offer ways to compromise the overall network. In this evaluation, we provide a straightforward implementation of a web crawler in conjunction with a benign black box penetration testing system and analyze the ease at which SQL injection attacks can be carried out.

WILD PIG ATTACKS ON HUMANS

Energy Technology Data Exchange (ETDEWEB)

Mayer, J.

2013-04-12

Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

Analysis Of Default Passwords In Routers Against Brute-Force Attack

Directory of Open Access Journals (Sweden)

Mohammed Farik

2015-08-01

Full Text Available Abstract Password authentication is the main means of access control on network routers and router manufacturers provide a default password for initial login to the router. While there has been many publications regarding the minimum requirements of a good password how widely the manufacturers themselves are adhering to the minimum standards and whether these passwords can withstand brute-force attack are not widely known. The novelty of this research is that this is the first time default passwords have been analyzed and documented from such a large variety of router models to reveal password strengths or weaknesses against brute-force attacks. Firstly individual default router password of each model was collected tabulated and tested using password strength meter for entropy. Then descriptive statistical analysis was performed on the tabulated data. The analysis revealed quantitatively how strong or weak default passwords are against brute-force attacks. The results of this research give router security researchers router manufacturers router administrators a useful guide on the strengths and weaknesses of passwords that follow similar patterns.

The characteristics of radiological cloud caused by 'dirty bomb' attack

International Nuclear Information System (INIS)

Wang Qingbo; Wang Bairong

2006-01-01

This paper discusses the characteristics of the radiological cloud after the RDD explosion, including the initial cloud size, material's distribution and the rate of particle or aerosol sedimentation. For there are limited papers in involved this topic publicly, only empirical formulas are given. However, it would be helpful when evaluating the consequences of the RDD terrorism attacks. (authors)

The Cyber-Physical Attacker

DEFF Research Database (Denmark)

Vigo, Roberto

2012-01-01

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

An efficient collaborative approach for black hole attack discovery and mitigating its impact in manet

Science.gov (United States)

Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.

2018-04-01

A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost but there exits nodes that declines to cooperate leading to selfish conduct of nodes which effects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure less network attack detection and reaction and high false positives, false negatives initiating black hole attack becomes major issue in watchdog. This paper put forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.

Forensics Investigation of Web Application Security Attacks

OpenAIRE

Amor Lazzez; Thabet Slimani

2015-01-01

Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

Lead exposure potentiates predatory attack behavior in the cat

International Nuclear Information System (INIS)

Li Wenjie; Han Shenggao; Gregg, T.R.; Kemp, F.W.Francis W.; Davidow, A.L.; Louria, D.B.; Siegel, Allan; Bogden, J.D.

2003-01-01

Epidemiologic studies have demonstrated that environmental lead exposure is associated with aggressive behavior in children; however, numerous confounding variables limit the ability of these studies to establish a causal relationship. The study of aggressive behavior using a validated animal model was used to test the hypothesis that there is a causal relationship between lead exposure and aggression in the absence of confounding variables. We studied the effects of lead exposure on a feline model of aggression: predatory (quiet biting) attack of an anesthetized rat. Five cats were stimulated with a precisely controlled electrical current via electrodes inserted into the lateral hypothalamus. The response measure was the predatory attack threshold current (i.e., the current required to elicit an attack response on 50% of the trials). Blocks of trials were administered in which predatory attack threshold currents were measured three times a week for a total of 6-10 weeks, including before, during, and after lead exposure. Lead was incorporated into cat food 'treats' at doses of 50-150 mg/kg/day. Two of the five cats received a second period of lead exposure. Blood lead concentrations were measured twice a week and were <1, 21-77, and <20 μg/dL prior to, during, and after lead exposure, respectively. The predatory attack threshold decreased significantly during initial lead exposure in three of five cats and increased after the cessation of lead exposure in four of the five cats (P<0.01). The predatory attack thresholds and blood lead concentrations for each cat were inversely correlated (r=-0.35 to -0.74). A random-effects mixed model demonstrated a significant (P=0.0019) negative association between threshold current and blood lead concentration. The data of this study demonstrate that lead exposure enhances predatory aggression in the cat and provide experimental support for a causal relationship between lead exposure and aggressive behavior in humans

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Predicting Factors of Zone 4 Attack in Volleyball.

Science.gov (United States)

Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

2017-06-01

This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed of attacks.

Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

Science.gov (United States)

Chim, Harvey; Yew, Woon Si; Song, Colin

2007-01-01

Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

Directory of Open Access Journals (Sweden)

Željko Gavrić

2018-01-01

Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

Securing internet by eliminating DDOS attacks

Science.gov (United States)

Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

2017-11-01

The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

Plants under dual attack

NARCIS (Netherlands)

Ponzio, C.A.M.

2016-01-01

Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

New attacks on Wi-Fi Protected Setup

OpenAIRE

Hamed Mohtadi; Alireza Rahimi

2015-01-01

Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

A Game Theoretic Approach to Cyber Attack Prediction

Energy Technology Data Exchange (ETDEWEB)

Peng Liu

2005-11-28

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

Invisible Trojan-horse attack

DEFF Research Database (Denmark)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin

2017-01-01

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

Security and Risk Analysis of Nuclear Safeguards Instruments Using Attack Trees

International Nuclear Information System (INIS)

Naumann, I.; Wishard, B.

2015-01-01

The IAEA's nuclear safeguards instruments must be frequently evaluated against attack vectors, which are extremely varied and, at first approximation, may seem inconsequential, but are not. To accurately analyze the impact of attacks on a multi-component system requires a highly structured and well-documented assessment. Tree structures, such as fault trees, have long been used to assess the consequences of selecting potential solutions and their impact on risk. When applied to security threats by introducing threat agents (adversaries) and vulnerabilities, this approach can be extremely valuable in uncovering previously unidentified risks and identifying mitigation steps. This paper discusses how attack trees can be used for the security analysis of nuclear safeguards instruments. The root node of such a tree represents an objective that negatively impacts security such as disclosing and/or falsifying instrument data or circumventing safeguards methods. Usually, this objective is rather complex and attaining it requires a combination of several security breaches which may vary on how much funding or what capabilities are required in order to execute them. Thus, it is necessary to break the root objective into smaller, less complex units. Once a leaf node describes a reasonably comprehensible action, it is the security experts' task to allocate levels of difficulty and funding to this node. Eventually, the paths from the leaf nodes to the root node describe all possible combinations of actions necessary to carry out a successful attack. The use of a well-structured attack tree facilitates the developer in thinking like the adversary providing more effective security solutions. (author)

Effect of mutual interference on the ability of Spalangia cameroni (Hymenoptera: Pteromalidae) to attack and parasitize pupae of Stomoxys calcitrans (Diptera: Muscidae)

DEFF Research Database (Denmark)

Skovgård, Henrik; Nachman, Gösta

2015-01-01

We investigated the effect of mutual interference on the attack efficiency and the rate of successful parasitism on the parasitoid Spalangia cameroni (Perkins) attacking pupae of the stable fly Stomoxys calcitrans (L.). Female parasitoids (2, 4, 8, 16, or 32) were exposed to 100 fly pupae during ...

Radiological attacks and accidents. Medical consequences

International Nuclear Information System (INIS)

Sakuta, Hidenari

2007-01-01

Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medial care for mass casualties without inducing panic. (author)

Script-viruses Attacks on UNIX OS

Directory of Open Access Journals (Sweden)

D. M. Mikhaylov

2010-06-01

Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

Guideline on management of the acute asthma attack in children by Italian Society of Pediatrics.

Science.gov (United States)

Indinnimeo, Luciana; Chiappini, Elena; Miraglia Del Giudice, Michele

2018-04-06

Acute asthma attack is a frequent condition in children. It is one of the most common reasons for emergency department (ED) visit and hospitalization. Appropriate care is fundamental, considering both the high prevalence of asthma in children, and its life-threatening risks. Italian Society of Pediatrics recently issued a guideline on the management of acute asthma attack in children over age 2, in ambulatory and emergency department settings. The Grading of Recommendations Assessment, Development, and Evaluation (GRADE) methodology was adopted. A literature search was performed using the Cochrane Library and Medline/PubMed databases, retrieving studies in English or Italian and including children over age 2 year. Inhaled ß 2 agonists are the first line drugs for acute asthma attack in children. Ipratropium bromide should be added in moderate/severe attacks. Early use of systemic steroids is associated with reduced risk of ED visits and hospitalization. High doses of inhaled steroids should not replace systemic steroids. Aminophylline use should be avoided in mild/moderate attacks. Weak evidence supports its use in life-threatening attacks. Epinephrine should not be used in the treatment of acute asthma for its lower cost / benefit ratio, compared to β 2 agonists. Intravenous magnesium solphate could be used in children with severe attacks and/or forced expiratory volume1 (FEV1) lower than 60% predicted, unresponsive to initial inhaled therapy. Heliox could be administered in life-threatening attacks. Leukotriene receptor antagonists are not recommended. This Guideline is expected to be a useful resource in managing acute asthma attacks in children over age 2.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers

Directory of Open Access Journals (Sweden)

Roberto Alonso

2016-08-01

Full Text Available The Domain Name System (DNS is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS. The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers.

Science.gov (United States)

Alonso, Roberto; Monroy, Raúl; Trejo, Luis A

2016-08-17

The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.

Leveraging KVM Events to Detect Cache-Based Side Channel Attacks in a Virtualization Environment

Directory of Open Access Journals (Sweden)

Ady Wahyudi Paundu

2018-01-01

Full Text Available Cache-based side channel attack (CSCa techniques in virtualization systems are becoming more advanced, while defense methods against them are still perceived as nonpractical. The most recent CSCa variant called Flush + Flush has showed that the current detection methods can be easily bypassed. Within this work, we introduce a novel monitoring approach to detect CSCa operations inside a virtualization environment. We utilize the Kernel Virtual Machine (KVM event data in the kernel and process this data using a machine learning technique to identify any CSCa operation in the guest Virtual Machine (VM. We evaluate our approach using Receiver Operating Characteristic (ROC diagram of multiple attack and benign operation scenarios. Our method successfully separate the CSCa datasets from the non-CSCa datasets, on both trained and nontrained data scenarios. The successful classification also include the Flush + Flush attack scenario. We are also able to explain the classification results by extracting the set of most important features that separate both classes using their Fisher scores and show that our monitoring approach can work to detect CSCa in general. Finally, we evaluate the overhead impact of our CSCa monitoring method and show that it has a negligible computation overhead on the host and the guest VM.

Hybrid attacks on model-based social recommender systems

Science.gov (United States)

Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

2017-10-01

With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

THE ANALYSIS OF THE COMMODITY PRICE FORECASTING SUCCESS CONSIDERING DIFFERENT LENGTHS OF THE INITIAL CONDITION DRIFT

Directory of Open Access Journals (Sweden)

Marcela Lascsáková

2015-09-01

Full Text Available In the paper the numerical model based on the exponential approximation of commodity stock exchanges was derived. The price prognoses of aluminium on the London Metal Exchange were determined as numerical solution of the Cauchy initial problem for the 1st order ordinary differential equation. To make the numerical model more accurate the idea of the modification of the initial condition value by the stock exchange was realized. By having analyzed the forecasting success of the chosen initial condition drift types, the initial condition drift providing the most accurate prognoses for the commodity price movements was determined. The suggested modification of the original model made the commodity price prognoses more accurate.

Exploiting Wireless Received Signal Strength Indicators to Detect Evil-Twin Attacks in Smart Homes

Directory of Open Access Journals (Sweden)

Zhanyong Tang

2017-01-01

Full Text Available Evil-Twin is becoming a common attack in smart home environments where an attacker can set up a fake AP to compromise the security of the connected devices. To identify the fake APs, The current approaches of detecting Evil-Twin attacks all rely on information such as SSIDs, the MAC address of the genuine AP, or network traffic patterns. However, such information can be faked by the attacker, often leading to low detection rates and weak protection. This paper presents a novel Evil-Twin attack detection method based on the received signal strength indicator (RSSI. Our approach considers the RSSI as a fingerprint of APs and uses the fingerprint of the genuine AP to identify fake ones. We provide two schemes to detect a fake AP in two different scenarios where the genuine AP can be located at either a single or multiple locations in the property, by exploiting the multipath effect of the Wi-Fi signal. As a departure from prior work, our approach does not rely on any professional measurement devices. Experimental results show that our approach can successfully detect 90% of the fake APs, at the cost of a one-off, modest connection delay.

Dog attack resulting in evisceration in an infant.

Science.gov (United States)

Cataldi, Laura A; Yamout, Sani Z; Glick, Philip L

2011-04-01

Severe dog bites can result in substantial morbidity and potentially fatal injury. We present a case of an infant attacked by a Staffordshire bull terrier with resultant soft tissue injury, evisceration, and bowel injury. Rapid assessment in the emergency department included evaluation for both blunt and penetrating injuries. After initial survey and resuscitation, the patient was transported to the operating room where he underwent an exploratory laparotomy, small bowel repair, and abdominal wall closure. Copyright © 2011 by Lippincott Williams & Wilkins

Automated classification of computer network attacks

CSIR Research Space (South Africa)

Van Heerden, R

2013-11-01

Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

Helicobacter pylori infection as a triggering factor of attacks in patients with hereditary angioedema

DEFF Research Database (Denmark)

Visy, Beáta; Füst, George; Bygum, Anette

2007-01-01

BACKGROUND: Helicobacter pylori infection is considered among the causative factors of urticaria and angioedema. Having conducted a study on 65 patients, Hungarian authors reported in 2001 that successful eradication of H. pylori is followed by a significant reduction in the number of attacks in ...

Protecting Dynamic Mobile Agent against Denial of Service Attacks

Science.gov (United States)

Aggarwal, Mayank; Nipur, Pallavi

2010-11-01

Mobile Agents are softwares migrating from one node to another to fulfill the task of its owner. The introduction of mobile agents has reduced network latency, network traffic a lot but at the same time it has increased the vulnerability for attacks by malicious hosts. One such attack is `Denial of Service', once the agent is launched it is free to roam without any control of its owner, this on one hand decreases the cost of agent—owner interaction and on the other hand increases the chances of `Denial Of Service'. In Denial Of Service attack the malicious host may deny resources required by the agent and kill the agent, thus the result computed so far is lost and this may happen every time the agent visits any malicious host. In this paper we continued the work done in [10] in which the authors proposed techniques by which owner can detect the malicious host for `Denial Of Service' but they did not covered technique for dynamic routes i.e. where the host or agent initiate migrations to hosts which were not contained in the route composed by the owner. We introduced an algorithm and a model which can be useful for the above purpose.

Cyber Attacks and Combat Behavior

Directory of Open Access Journals (Sweden)

Carataș Maria Alina

2017-01-01

Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

Attacks on public telephone networks: technologies and challenges

Science.gov (United States)

Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

2003-09-01

Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

An Approach for Prevention of MitM Attack Based on Rogue AP in Wireless Network

Directory of Open Access Journals (Sweden)

Zhendong Wu

2014-12-01

Full Text Available With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man- in-the-middle attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT. It uses two-factor during the initial authentication, and uses a two-way hash chain during the cross-domain authentication. TDAT effectively protects users' authentication credentials and improves users' experience. In an actual wireless network environment, we implement a MitM attack framework based on Rogue AP. Then we effectively prevent this MitM attack by using TDAT. Moreover we analyze the security of TDAT by using BAN logic.

The use of new facility by means internal balance with sting support for wide range Angle of Attack aircraft

Science.gov (United States)

Subagyo; Daryanto, Yanto; Risnawan, Novan

2018-04-01

The development of facilities for the testing of wide range angle of attack aircraft in the wind tunnel at subsonic regime has done and implemented. Development required to meet the test at an angle of attack from -20 ° to 40 °. Testing the wide range angle of attack aircraft with a wide variation of the angle of attack become important needs. This can be done simply by using the sting support-equipped by internal balance to measure the forces and moments component aerodynamics. The results of development and use on the wide range angle of attack aircraft testing are aerodynamics characteristics in the form of the coefficient three components forces and the three components of the moment. A series of test aircraft was successfully carried out and the results are shown in the form of graphs of characteristic of aerodynamics at wind speed 70 m/s.

Automated Generation of Attack Trees

DEFF Research Database (Denmark)

Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

2014-01-01

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

Pareto Efficient Solutions of Attack-Defence Trees

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2015-01-01

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as proba......Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes......, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while...... maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

Nest initiation in three North American bumble bees (Bombus): gyne number and presence of honey bee workers influence establishment success and colony size.

Science.gov (United States)

Strange, James P

2010-01-01

Three species of bumble bees, Bombus appositus Cresson, Bombus bifarius, Cresson and Bombus centralis Cresson (Hymenoptera: Apidae) were evaluated for nest initiation success under three sets of initial conditions. In the spring, gynes of each species were caught in the wild and introduced to nest boxes in one of three ways. Gynes were either introduced in conspecific pairs, singly with two honey bees, Apis mellifera L. (Hymenoptera: Apidae) workers, or alone. Nesting success and colony growth parameters were measured to understand the effects of the various treatments on nest establishment. Colonies initiated from pairs of conspecific gynes were most successful in producing worker bees (59.1%), less successful were colonies initiated with honey bee workers (33.3%), and least successful were bumble bee gynes initiating colonies alone (16.7%). There was a negative correlation between the numbers of days to the emergence of the first worker in a colony to the attainment of ultimate colony size, indicating that gynes that have not commenced oviposition in 21 days are unlikely to result in colonies exceeding 50 workers. B. appositus had the highest rate of nest establishment followed by B. bifarius and B. centralis. Nest establishment rates in three western bumble bee species can be increased dramatically by the addition of either honey bee workers or a second gyne to nesting boxes at colony initiation.

Big News: The Indian Media and Student Attacks in Australia

Directory of Open Access Journals (Sweden)

Matt Wade

2016-05-01

Full Text Available By any measure, 2009 was a big year for news in India. And yet the safety of Indian students in Australia ranked among the major news events in India that year. The India-Australia Poll 2013 found 65 per cent of respondents believed the Indian media had accurately reported the problems faced by Indian students in Australia in 2009-10. That implies two-thirds of Indians accepted the Indian media’s mostly negative depictions of Australia. Those who believed the media reporting about Australia had been accurate were more likely to be from large cities, be tertiary educated and have relatively high-incomes. The poll found 62 per cent of respondents thought Australia was a dangerous place for Indian students and that 61 per cent believed attacks on Indian students were motivated by racism. The results suggest negative perceptions about Australia created by the media’s portrayal of the student attacks linger in the Indian community. The timing of the initial attacks, and the imagery associated with them, helped attract and sustain media attention on the issue. The diplomatic tensions created by the crisis highlighted the growing influence of the broadcast media on India’s foreign relations. But the episode also exposed a deep lack of understanding about India in Australia. Governments were slow to comprehend how much damage media coverage of student attacks could do to Australia’s reputation in India.

Cross-site scripting attacks procedure and Prevention Strategies

Directory of Open Access Journals (Sweden)

Wang Xijun

2016-01-01

Full Text Available Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XXS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

Heart Attack Symptoms in Women

Science.gov (United States)

... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

Implementation of DoS attack and mitigation strategies in IEEE 802.11b/g WLAN

Science.gov (United States)

Deng, Julia; Meng, Ke; Xiao, Yang; Xu, Roger

2010-04-01

IEEE 802.11 wireless Local Area Network (WLAN) becomes very prevalent nowadays. Either as a simple range extender for a home wired Ethernet interface, or as a wireless deployment throughout an enterprise, WLAN provides mobility, convenience, and low cost. However, an IEEE 802.11b/g wireless network uses the frequency of unlicensed 2.4GHz, which makes the network unsafe and more vulnerable than traditional Ethernet networks. As a result, anyone who is familiar with wireless network may initiate a Denial of Service (DoS) attack to influence the common communication of the network or even make it crash. In this paper, we present our studies on the DoS attacks and mitigation strategies for IEEE 802.11b/g WLANs and describe some initial implementations using IEEE 802.11b/g wireless devices.

Robust multiple frequency multiple power localization schemes in the presence of multiple jamming attacks.

Directory of Open Access Journals (Sweden)

Ahmed Abdulqader Hussein

Full Text Available Localization of the wireless sensor network is a vital area acquiring an impressive research concern and called upon to expand more with the rising of its applications. As localization is gaining prominence in wireless sensor network, it is vulnerable to jamming attacks. Jamming attacks disrupt communication opportunity among the sender and receiver and deeply impact the localization process, leading to a huge error of the estimated sensor node position. Therefore, detection and elimination of jamming influence are absolutely indispensable. Range-based techniques especially Received Signal Strength (RSS is facing severe impact of these attacks. This paper proposes algorithms based on Combination Multiple Frequency Multiple Power Localization (C-MFMPL and Step Function Multiple Frequency Multiple Power Localization (SF-MFMPL. The algorithms have been tested in the presence of multiple types of jamming attacks including capture and replay, random and constant jammers over a log normal shadow fading propagation model. In order to overcome the impact of random and constant jammers, the proposed method uses two sets of frequencies shared by the implemented anchor nodes to obtain the averaged RSS readings all over the transmitted frequencies successfully. In addition, three stages of filters have been used to cope with the replayed beacons caused by the capture and replay jammers. In this paper the localization performance of the proposed algorithms for the ideal case which is defined by without the existence of the jamming attack are compared with the case of jamming attacks. The main contribution of this paper is to achieve robust localization performance in the presence of multiple jamming attacks under log normal shadow fading environment with a different simulation conditions and scenarios.

Resilience of LTE networks against smart jamming attacks: Wideband model

KAUST Repository

Aziz, Farhan M.

2015-12-03

LTE/LTE-A networks have been successfully providing advanced broadband services to millions of users worldwide. Lately, it has been suggested to use LTE networks for mission-critical applications like public safety, smart grid and military communications. We have previously shown that LTE networks are vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart jammers. In this paper, we extend our previous work on resilience of LTE networks to wideband multipath fading channel, SINR estimation in frequency domain and computation of utilities based on observable parameters under the framework of single-shot and repeated games with asymmetric information. In a single-shot game formulation, network utility is severely compromised at its solutions, i.e. at the Nash Equilibria (NE). We propose evolved repeated-game strategy algorithms to combat smart jamming attacks that can be implemented in existing deployments using current technology. © 2015 IEEE.

Model checking exact cost for attack scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2017-01-01

Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support....... However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute...... the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees....

Understanding How Components of Organisations Contribute to Attacks

DEFF Research Database (Denmark)

Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

2016-01-01

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

Attack Graph Construction for Security Events Analysis

Directory of Open Access Journals (Sweden)

Andrey Alexeevich Chechulin

2014-09-01

Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

Automated Discovery of Mimicry Attacks

National Research Council Canada - National Science Library

Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

2006-01-01

.... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

Transforming Graphical System Models to Graphical Attack Models

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2016-01-01

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations...... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset....

When Sinuses Attack! (For Kids)

Science.gov (United States)

... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

Heart Attack

Science.gov (United States)

... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

Software-based Microarchitectural Attacks

OpenAIRE

Gruss, Daniel

2017-01-01

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Attack and Vulnerability Penetration Testing: FreeBSD

Directory of Open Access Journals (Sweden)

Abdul Hanan Abdullah

2013-07-01

Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.

Estimating the Attack Ratio of Dengue Epidemics under Time-varying Force of Infection using Aggregated Notification Data

Science.gov (United States)

Coelho, Flavio Codeço; Carvalho, Luiz Max De

2015-12-01

Quantifying the attack ratio of disease is key to epidemiological inference and public health planning. For multi-serotype pathogens, however, different levels of serotype-specific immunity make it difficult to assess the population at risk. In this paper we propose a Bayesian method for estimation of the attack ratio of an epidemic and the initial fraction of susceptibles using aggregated incidence data. We derive the probability distribution of the effective reproductive number, Rt, and use MCMC to obtain posterior distributions of the parameters of a single-strain SIR transmission model with time-varying force of infection. Our method is showcased in a data set consisting of 18 years of dengue incidence in the city of Rio de Janeiro, Brazil. We demonstrate that it is possible to learn about the initial fraction of susceptibles and the attack ratio even in the absence of serotype specific data. On the other hand, the information provided by this approach is limited, stressing the need for detailed serological surveys to characterise the distribution of serotype-specific immunity in the population.

Superposition Attacks on Cryptographic Protocols

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

2011-01-01

of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security......Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece...... of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

Co-culture microorganisms with different initial proportions reveal the mechanism of chalcopyrite bioleaching coupling with microbial community succession.

Science.gov (United States)

Ma, Liyuan; Wang, Xingjie; Feng, Xue; Liang, Yili; Xiao, Yunhua; Hao, Xiaodong; Yin, Huaqun; Liu, Hongwei; Liu, Xueduan

2017-01-01

The effect of co-culture microorganisms with different initial proportions on chalcopyrite bioleaching was investigated. Communities were rebuilt by six typical strains isolated from the same habitat. The results indicated, by community with more sulfur oxidizers at both 30 and 40°C, the final copper extraction rate was 19.8% and 6.5% higher, respectively, than that with more ferrous oxidizers. The variations of pH, redox potential, ferrous and copper ions in leachate also provided evidences that community with more sulfur oxidizers was more efficient. Community succession of free and attached cells revealed that initial proportions played decisive roles on community dynamics at 30°C, while communities shared similar structures, not relevant to initial proportions at 40°C. X-ray diffraction analysis confirmed different microbial functions on mineral surface. A mechanism model for chalcopyrite bioleaching was established coupling with community succession. This will provide theoretical basis for reconstructing an efficient community in industrial application. Copyright © 2016 Elsevier Ltd. All rights reserved.

Recurrent spontaneous attacks of dizziness.

Science.gov (United States)

Lempert, Thomas

2012-10-01

This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

[Clinical pathway for management of patients with acute asthma attack].

Science.gov (United States)

Azuma, Naoto; Katada, Yoshinori; Kobayashi, Masaaki; Kojima, Makiko; Nakajima, Yumi; Shibano, Miyo; Tomita, Hitomi; Yamanaka, Takao; Harada, Yoshinori; Ishii, Taeko; Saeki, Yukihiko

2008-11-01

There have been few reports of clinical pathway (CP) for treatment of asthma attack, because patients with asthma always admit emergently and the severity varies. We introduced CP so that standard asthma treatment can be widely used, and investigated its clinical usefulness. We designed a new CP for treating asthma attack according to the guideline (Japanese guideline (JGL) and Global Initiative for Asthma (GINA)). 136 patients who admitted to our hospital due to asthma attack from January 1999 to November 2006, were enrolled our study. Excluding cases complicated with pneumonia, COPD or cardiac failure, we evaluated 46 cases treated with the CP comparing with 19 cases treated without the CP. The clinical evaluations include systemic and inhaled steroid use, FEV1.0%, history of asthma, and the duration of asthma attack. Furthermore, we investigated difference between cases with and without prolonged admission. While the rates of systemic and inhaled steroid use in cases without the CP were 57.9% and 52.6% respectively, those in cases with the CP were approximately 100%. Employing the CP, FEV 1.0% at discharge time was elevated from 71.7% to 76.3% and the duration of hospitalization was shortened from 14.2 days to 11.5 days. Mean age of the cases with prolonged admission was higher than the rest. The asthma CP is an effective way for the standard treatment according to the guideline to be used widely even by doctors who are not familiar with asthma treatment. It improves the efficacy of in-hospital treatment.

A Bitslice Implementation of Anderson's Attack on A5/1

Science.gov (United States)

Bulavintsev, Vadim; Semenov, Alexander; Zaikin, Oleg; Kochemazov, Stepan

2018-03-01

The A5/1 keystream generator is a part of Global System for Mobile Communications (GSM) protocol, employed in cellular networks all over the world. Its cryptographic resistance was extensively analyzed in dozens of papers. However, almost all corresponding methods either employ a specific hardware or require an extensive preprocessing stage and significant amounts of memory. In the present study, a bitslice variant of Anderson's Attack on A5/1 is implemented. It requires very little computer memory and no preprocessing. Moreover, the attack can be made even more efficient by harnessing the computing power of modern Graphics Processing Units (GPUs). As a result, using commonly available GPUs this method can quite efficiently recover the secret key using only 64 bits of keystream. To test the performance of the implementation, a volunteer computing project was launched. 10 instances of A5/1 cryptanalysis have been successfully solved in this project in a single week.

Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

CERN Document Server

CERN. Geneva

2012-01-01

Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

National Research Council Canada - National Science Library

Kalmijn, Adrianus J

2005-01-01

The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

Novel Method For Low-Rate Ddos Attack Detection

Science.gov (United States)

Chistokhodova, A. A.; Sidorov, I. D.

2018-05-01

The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

Biometrics based authentication scheme for session initiation protocol

OpenAIRE

Xie, Qi; Tang, Zhixiong

2016-01-01

Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when co...

Heart Attack

Science.gov (United States)

... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

Resilience 2.0: social media use and (self-)care during the 2011 Norway attacks

Science.gov (United States)

2015-01-01

Departing from the understanding that resilience is a technique of self-organization during emergencies, this article provides a study on the way in which the use of social media influenced and engendered societal resilience practices during the 2011 Norway attacks. It builds on the concepts of governmentality and mediality to discuss how the interplay between social media and its users created new forms of self-initiated and mediated emergency governance. Empirically, it draws on material from 20 in-depth interviews with Norwegians who explained and reflected upon their social media use during the attacks. The article presents an overview of the different functions that social media assumed in the process of dealing with the attacks and discusses these vis-à-vis their related challenges. It draws conclusions about the way in which resilience practices and the resilient subject are influenced by the networked character of 2.0 technologies. PMID:29708120

Automatic Classification of Attacks on IP Telephony

Directory of Open Access Journals (Sweden)

Jakub Safarik

2013-01-01

Full Text Available This article proposes an algorithm for automatic analysis of attack data in IP telephony network with a neural network. Data for the analysis is gathered from variable monitoring application running in the network. These monitoring systems are a typical part of nowadays network. Information from them is usually used after attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification use proposed neural network, and the article covers design of a neural network and its practical implementation. It contains also methods for neural network learning and data gathering functions from honeypot application.

Further attacks on Yeung-Mintzer fragile watermarking scheme

Science.gov (United States)

Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

2000-05-01

In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

Pareto Efficient Solution of Attack-Defence Trees

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

Marine light attack helicopter close air support trainer for situation awareness

Science.gov (United States)

2017-06-01

JTAC Joint Terminal Attack Controller MAGTF Marine Air Ground Task Force MATSS Marine Aviation Training System Sites MAW Marine Aircraft Wing...relevant to aircraft performance not CAS. Therefore, the SA training system should provide visual and audio cues relevant to the CAS environment ... environmental elements outside the aircraft . The initial environment elements included in the trainer are those relating directly to the CAS execution

Initial radioiodine remnant ablation success rates compared by diagnostic scan methods: I123 versus I131

International Nuclear Information System (INIS)

Choi, W.; Choi, E.; Yoo, I.; Kim, S.; Han, E.; Lee, S.; Lee, W.

2015-01-01

Full text of publication follows. Objective: to see if diagnostic whole body scan (DxWBS) performed with I-131 prior diminishes the success rate of initial radioiodine remnant ablation (RRA) compared to I-123 DxWBS in differentiated thyroid cancer patients. Material and methods: consecutive thyroid cancer patients who received total thyroidectomy for differentiated thyroid cancer and then high dose RRA (either 100 mCi or 150 mCi) within 6 months were included. DxWBSs were performed with I-123 or with I-131. Prior to the DxWBSs, all patients followed strict low iodine diet for 2 weeks and withdrew hormone to stimulate TSH above 30 mIU/l. Patients with extra-thyroidal extension of tumor, lymph node metastasis, or distant metastasis were excluded. The initial RRA was defined as successful if the next DxWBS done 6 months to 1 year later was negative and stimulated thyroglobulin level was below 2 ng/ml. Results: of 71 patients who had I-123 DxWBSs, 31 patients went on to receive RRA with 100 mCi and 40 patients received 150 mCi. Of 73 patients who had I-131 DxWBSs, 66 received 100 mCi and 7 patients received 150 mCi. The overall success rate was 79% for patients who had I-123 DxWBS prior to RRA (68% for 100 mCi and 86% for 150 mCi), and 68% for patient who had I-131 DxWBSs (68% for 100 mCi and 71% for 150 mCi). Conclusion: for patients who received 100 mCi, the RRA success rate was the same for I-123 DxWBS and I-131 DxWBS. For patients treated with 150 mCi, the success rate may be lower in patients who receive RRA following DxWBS with I-131 compared to DxWBS with I-123. (authors)

Attacks on the AJPS Mersenne-based cryptosystem

NARCIS (Netherlands)

K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

2018-01-01

textabstractAggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

The political attack ad

Directory of Open Access Journals (Sweden)

Palma Peña-Jiménez, Ph.D.

2011-01-01

Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

Robust Detection of Stepping-Stone Attacks

National Research Council Canada - National Science Library

He, Ting; Tong, Lang

2006-01-01

The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

OpenAIRE

Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

2017-01-01

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

Drought predisposes piñon-juniper woodlands to insect attacks and mortality.

Science.gov (United States)

Gaylord, Monica L; Kolb, Thomas E; Pockman, William T; Plaut, Jennifer A; Yepez, Enrico A; Macalady, Alison K; Pangle, Robert E; McDowell, Nate G

2013-04-01

To test the hypothesis that drought predisposes trees to insect attacks, we quantified the effects of water availability on insect attacks, tree resistance mechanisms, and mortality of mature piñon pine (Pinus edulis) and one-seed juniper (Juniperus monosperma) using an experimental drought study in New Mexico, USA. The study had four replicated treatments (40 × 40 m plot/replicate): removal of 45% of ambient annual precipitation (H2 O-); irrigation to produce 125% of ambient annual precipitation (H2 O+); a drought control (C) to quantify the impact of the drought infrastructure; and ambient precipitation (A). Piñon began dying 1 yr after drought initiation, with higher mortality in the H2 O- treatment relative to other treatments. Beetles (bark/twig) were present in 92% of dead trees. Resin duct density and area were more strongly affected by treatments and more strongly associated with piñon mortality than direct measurements of resin flow. For juniper, treatments had no effect on insect resistance or attacks, but needle browning was highest in the H2 O- treatment. Our results provide strong evidence that ≥ 1 yr of severe drought predisposes piñon to insect attacks and increases mortality, whereas 3 yr of the same drought causes partial canopy loss in juniper. © 2013 The Authors. New Phytologist © 2013 New Phytologist Trust.

An Adaptive Approach for Defending against DDoS Attacks

Directory of Open Access Journals (Sweden)

Muhai Li

2010-01-01

Full Text Available In various network attacks, the Distributed Denial-of-Service (DDoS attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.

Attacks on quantum key distribution protocols that employ non-ITS authentication

Science.gov (United States)

Pacher, C.; Abidin, A.; Lorünser, T.; Peev, M.; Ursin, R.; Zeilinger, A.; Larsson, J.-Å.

2016-01-01

We demonstrate how adversaries with large computing resources can break quantum key distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not information-theoretically secure (ITS) since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced, it was shown to prevent straightforward man-in-the-middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains with high probability a message that has small Hamming distance to any other given message. Based on this fact, we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols, we describe every single action taken by the adversary. For all protocols, the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods which allow to calculate colliding messages, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdroppers demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.

Countermeasures for unintentional and intentional video watermarking attacks

Science.gov (United States)

Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

2000-05-01

These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

Link-layer Jamming Attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

2004-01-01

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

Link-layer jamming attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

Distributed Classification of Localization Attacks in Sensor Networks Using Exchange-Based Feature Extraction and Classifier

Directory of Open Access Journals (Sweden)

Su-Zhe Wang

2016-01-01

Full Text Available Secure localization under different forms of attack has become an essential task in wireless sensor networks. Despite the significant research efforts in detecting the malicious nodes, the problem of localization attack type recognition has not yet been well addressed. Motivated by this concern, we propose a novel exchange-based attack classification algorithm. This is achieved by a distributed expectation maximization extractor integrated with the PECPR-MKSVM classifier. First, the mixed distribution features based on the probabilistic modeling are extracted using a distributed expectation maximization algorithm. After feature extraction, by introducing the theory from support vector machine, an extensive contractive Peaceman-Rachford splitting method is derived to build the distributed classifier that diffuses the iteration calculation among neighbor sensors. To verify the efficiency of the distributed recognition scheme, four groups of experiments were carried out under various conditions. The average success rate of the proposed classification algorithm obtained in the presented experiments for external attacks is excellent and has achieved about 93.9% in some cases. These testing results demonstrate that the proposed algorithm can produce much greater recognition rate, and it can be also more robust and efficient even in the presence of excessive malicious scenario.

A computer network attack taxonomy and ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-01-01

Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

Unified communications forensics anatomy of common UC attacks

CERN Document Server

Grant, Nicholas Mr

2013-01-01

Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks an in-depth look at established UC technologies and attack exploits hands-on understanding of UC attack vectors and associated countermeasures

Attacks and countermeasures on AES and ECC

DEFF Research Database (Denmark)

Tange, Henrik; Andersen, Birger

2013-01-01

AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so called biclique attack, which is using the fact that the content of the state array...

Intelligent Intrusion Detection of Grey Hole and Rushing Attacks in Self-Driving Vehicular Networks

Directory of Open Access Journals (Sweden)

Khattab M. Ali Alheeti

2016-07-01

Full Text Available Vehicular ad hoc networks (VANETs play a vital role in the success of self-driving and semi self-driving vehicles, where they improve safety and comfort. Such vehicles depend heavily on external communication with the surrounding environment via data control and Cooperative Awareness Messages (CAMs exchanges. VANETs are potentially exposed to a number of attacks, such as grey hole, black hole, wormhole and rushing attacks. This work presents an intelligent Intrusion Detection System (IDS that relies on anomaly detection to protect the external communication system from grey hole and rushing attacks. These attacks aim to disrupt the transmission between vehicles and roadside units. The IDS uses features obtained from a trace file generated in a network simulator and consists of a feed-forward neural network and a support vector machine. Additionally, the paper studies the use of a novel systematic response, employed to protect the vehicle when it encounters malicious behaviour. Our simulations of the proposed detection system show that the proposed schemes possess outstanding detection rates with a reduction in false alarms. This safe mode response system has been evaluated using four performance metrics, namely, received packets, packet delivery ratio, dropped packets and the average end to end delay, under both normal and abnormal conditions.

Biometrics based authentication scheme for session initiation protocol.

Science.gov (United States)

Xie, Qi; Tang, Zhixiong

2016-01-01

Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

Classifying network attack scenarios using an ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-03-01

Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

Modelling Social-Technical Attacks with Timed Automata

DEFF Research Database (Denmark)

David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

2015-01-01

. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

Anti-discrimination Analysis Using Privacy Attack Strategies

KAUST Repository

Ruggieri, Salvatore

2014-09-15

Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired/based on Frèchet bounds attacks, attribute inference attacks, and minimality attacks to the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

Analysis Of Default Passwords In Routers Against Brute-Force Attack

OpenAIRE

Mohammed Farik; ABM Shawkat Ali

2015-01-01

Abstract Password authentication is the main means of access control on network routers and router manufacturers provide a default password for initial login to the router. While there has been many publications regarding the minimum requirements of a good password how widely the manufacturers themselves are adhering to the minimum standards and whether these passwords can withstand brute-force attack are not widely known. The novelty of this research is that this is the first time default...

Cyberprints: Identifying Cyber Attackers by Feature Analysis

Science.gov (United States)

Blakely, Benjamin A.

2012-01-01

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

Simulation of Attacks for Security in Wireless Sensor Network.

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-11-18

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

Simulation of Attacks for Security in Wireless Sensor Network

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-01-01

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

Women's Heart Disease: Heart Attack Symptoms

Science.gov (United States)

... of this page please turn JavaScript on. Feature: Women's Heart Disease Heart Attack Symptoms Past Issues / Winter ... most common heart attack symptom in men and women is chest pain or discomfort. However, women also ...

Eyespots deflect predator attack increasing fitness and promoting the evolution of phenotypic plasticity

Science.gov (United States)

Prudic, Kathleen L.; Stoehr, Andrew M.; Wasik, Bethany R.; Monteiro, Antónia

2015-01-01

Some eyespots are thought to deflect attack away from the vulnerable body, yet there is limited empirical evidence for this function and its adaptive advantage. Here, we demonstrate the conspicuous ventral hindwing eyespots found on Bicyclus anynana butterflies protect against invertebrate predators, specifically praying mantids. Wet season (WS) butterflies with larger, brighter eyespots were easier for mantids to detect, but more difficult to capture compared to dry season (DS) butterflies with small, dull eyespots. Mantids attacked the wing eyespots of WS butterflies more frequently resulting in greater butterfly survival and reproductive success. With a reciprocal eyespot transplant, we demonstrated the fitness benefits of eyespots were independent of butterfly behaviour. Regardless of whether the butterfly was WS or DS, large marginal eyespots pasted on the hindwings increased butterfly survival and successful oviposition during predation encounters. In previous studies, DS B. anynana experienced delayed detection by vertebrate predators, but both forms suffered low survival once detected. Our results suggest predator abundance, identity and phenology may all be important selective forces for B. anynana. Thus, reciprocal selection between invertebrate and vertebrate predators across seasons may contribute to the evolution of the B. anynana polyphenism. PMID:25392465

A novel proposed network security management approach for cyber attacks

International Nuclear Information System (INIS)

Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

2007-01-01

Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

Expansion of the baby-friendly hospital initiative ten steps to successful breastfeeding into neonatal intensive care

DEFF Research Database (Denmark)

Nyqvist, Kerstin H; Häggkvist, Anna-Pia; Hansen, Mette N

2013-01-01

In the World Health Organization/United Nations Children's Fund document Baby-Friendly Hospital Initiative: Revised, Updated and Expanded for Integrated Care, neonatal care is mentioned as 1 area that would benefit from expansion of the original Ten Steps to Successful Breastfeeding. The different...... provision of antenatal information, that are specific to neonatal care. Facilitation of early, continuous, and prolonged skin-to-skin contact (kangaroo mother care), early initiation of breastfeeding, and mothers' access to breastfeeding support during the infants' whole hospital stay are important. Mother......'s own milk or donor milk (when available) is the optimal nutrition. Efforts should be made to minimize parent-infant separation and facilitate parents' unrestricted presence with their infants. The initiation and continuation of breastfeeding should be guided only by infant competence and stability...

Adaptive optimisation-offline cyber attack on remote state estimator

Science.gov (United States)

Huang, Xin; Dong, Jiuxiang

2017-10-01

Security issues of cyber-physical systems have received increasing attentions in recent years. In this paper, deception attacks on the remote state estimator equipped with the chi-squared failure detector are considered, and it is assumed that the attacker can monitor and modify all the sensor data. A novel adaptive optimisation-offline cyber attack strategy is proposed, where using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring to be undetected by the chi-squared monitor. From the attacker's perspective, the attack is better than the existing linear deception attacks to degrade the system performance. Finally, some numerical examples are provided to demonstrate theoretical results.

Successful integration of ergonomics into continuous improvement initiatives.

Science.gov (United States)

Monroe, Kimberly; Fick, Faye; Joshi, Madina

2012-01-01

Process improvement initiatives are receiving renewed attention by large corporations as they attempt to reduce manufacturing costs and stay competitive in the global marketplace. These initiatives include 5S, Six Sigma, and Lean. These programs often take up a large amount of available time and budget resources. More often than not, existing ergonomics processes are considered separate initiatives by upper management and struggle to gain a seat at the table. To effectively maintain their programs, ergonomics program managers need to overcome those obstacles and demonstrate how ergonomics initiatives are a natural fit with continuous improvement philosophies.

Cyber-physical attacks a growing invisible threat

CERN Document Server

Loukas, George

2015-01-01

Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road,  or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral

Scent of aura? Clinical features of olfactory hallucinations during a migraine attack (OHM).

Science.gov (United States)

Mainardi, Federico; Rapoport, Alan; Zanchin, Giorgio; Maggioni, Ferdinando

2017-02-01

Introduction Olfactory hallucination during a migraine attack (OHM) is a rare phenomenon. At present, it is not considered a manifestation of migraine aura. Material and methods The clinical features of OHM were collected in 11 patients. Results Of the 11 patients, 10 had migraine without aura and one migraine with aura associated with OHM. Mean age at onset of headache and at appearance of OHM were respectively 17.8 and 32.3 years. Migraine average frequency was 3.9 attacks/month, 19% of them being associated with OHM. The temporal pattern of OHM maintained the same characteristics in the different attacks. OHM onset was described as sudden ( n = 5), gradual ( n = 3), initially sudden and then gradual ( n = 2), or developing in a few seconds ( n = 1). In most of the cases ( n = 8) OHM lasted from 3 to 10 minutes; it persisted during the pain phase (2-24 hours) in only three patients. The type of the perceived smell was invariably constant in nine patients. Conclusion OHM features fulfilled the ICHD-III beta criteria for typical aura.

Neuroradiological study of transient ischemic attack

Energy Technology Data Exchange (ETDEWEB)

Takusagawa, Yoshihiko; Fujiwara, Yasuhiro; Ichiki, Ken; Suga, Takeshi; Nishigaki, Shinichi

1986-08-01

Fifty-two patients with carotid TIAs and thirteen patients with vertebrobasilar TIAs were investigated by angiography and computed tomography. TIA was diagnosed by clinical symptoms in accordance with the criteria for TIA of the Joint Committee for Stroke Facilities in the U.S.A. (1974). The 65 patients with TIAs included 49 males and 16 females with average age of 63.5 years old at the initial episode of TIA. As for the diseases associated with TIA, hypertension (51 %), diabetes mellitus (15 %) and ischemic heart diseases (11 %) were the major disorders. Atrial fibrillation was observed in 2 cases. Intervals from last TIA attack to angiography were less than 7 days in 22 cases, 8 -- 30 days in 19 cases, 1 -- 4 monthes in 14 cases and more than 4 monthes in 10 cases, respectively. The cases in which angiography was done earlier after attacks displayed more abnormal findings. In 52 patients with caroted TIAs the artherosclerotic change of extracranial portion of the internal carotid artery was found in 14 cases (27 %), that of intracranial portion of the artery in 11 cases (21 %) and both lesions in 2 cases (4 %). On the other hand, in 13 patients with vertebrobasilar TIAs, this change was observed in 4 cases at the extracranival potion and in 1 case at the intracranial potion (siphon) of the internal carotid artery. Abnormal CT findings were found in 29 of 65 patients, namely 9 had ventricular dilatation and brain atrophy, 6 had cerebral infarction which was not associated with associated with symptoms of TIA. In carotid TIAs, Cerebral infarction was associated with symptoms of TIAs in 15 cases, namely 10 had a small low density area in the basal ganglia near the internal capsule and 5 had a low density area in the cortical or subcortical region. All of these 5 cases had cerebral embolism, which recanalized after attacks. (J.P.N.).

Neuroradiological study of transient ischemic attack

International Nuclear Information System (INIS)

Takusagawa, Yoshihiko; Fujiwara, Yasuhiro; Ichiki, Ken; Suga, Takeshi; Nishigaki, Shinichi

1986-01-01

Fifty-two patients with carotid TIAs and thirteen patients with vertebrobasilar TIAs were investigated by angiography and computed tomography. TIA was diagnosed by clinical symptoms in accordance with the criteria for TIA of the Joint Committee for Stroke Facilities in the U.S.A. (1974). The 65 patients with TIAs included 49 males and 16 females with average age of 63.5 years old at the initial episode of TIA. As for the diseases associated with TIA, hypertension (51 %), diabetes mellitus (15 %) and ischemic heart diseases (11 %) were the major disorders. Atrial fibrillation was observed in 2 cases. Intervals from last TIA attack to angiography were less than 7 days in 22 cases, 8 ∼ 30 days in 19 cases, 1 ∼ 4 monthes in 14 cases and more than 4 monthes in 10 cases, respectively. The cases in which angiography was done earlier after attacks displayed more abnormal findings. In 52 patients with caroted TIAs the artherosclerotic change of extracranial portion of the internal carotid artery was found in 14 cases (27 %), that of intracranial portion of the artery in 11 cases (21 %) and both lesions in 2 cases (4 %). On the other hand, in 13 patients with vertebrobasilar TIAs, this change was observed in 4 cases at the extracranival potion and in 1 case at the intracranial potion (siphon) of the internal carotid artery. Abnormal CT findings were found in 29 of 65 patients, namely 9 had ventricular dilatation and brain atrophy, 6 had cerebral infarction which was not associated with associated with symptoms of TIA. In carotid TIAs, Cerebral infarction was associated with symptoms of TIAs in 15 cases, namely 10 had a small low density area in the basal ganglia near the internal capsule and 5 had a low density area in the cortical or subcortical region. All of these 5 cases had cerebral embolism, which recanalized after attacks. (J.P.N.)

A fatal elephant attack.

Science.gov (United States)

Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

2012-01-01

A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

Cyber Attacks, Information Attacks, and Postmodern Warfare

Directory of Open Access Journals (Sweden)

Valuch Jozef

2017-06-01

Full Text Available The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use the postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war. Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict, this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

Machine Learning Methods for Attack Detection in the Smart Grid.

Science.gov (United States)

Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

2016-08-01

Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

Transient Ischemic Attack

Medline Plus

Full Text Available ... stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

[Chronic pancreatitis diagnosed after the first attack of acute pancreatitis].

Science.gov (United States)

Bojková, Martina; Dítě, Petr; Uvírová, Magdalena; Dvořáčková, Nina; Kianička, Bohuslav; Kupka, Tomáš; Svoboda, Pavel; Klvaňa, Pavel; Martínek, Arnošt

2016-02-01

One of the diseases involving a potential risk of developing chronic pancreatitis is acute pancreatitis. Of the overall number of 231 individuals followed with a diagnosis of chronic pancreatitis, 56 patients were initially treated for acute pancreatitis (24.2 %). Within an interval of 12- 24 months from the first attack of acute pancreatitis, their condition gradually progressed to reached the picture of chronic pancreatitis. The individuals included in the study abstained (from alcohol) following the first attack of acute pancreatitis and no relapse of acute pancreatitis was proven during the period of their monitoring. The etiology of acute pancreatitis identified alcohol as the predominant cause (55.3 %), biliary etiology was proven in 35.7 %. According to the revised Atlanta classification, severe pancreatitis was established in 69.6 % of the patients, the others met the criterion for intermediate form, those with the light form were not included. Significant risk factors present among the patients were smoking, obesity and 18 %, resp. 25.8 % had pancreatogenous diabetes mellitus identified. 88.1 % of the patients with acute pancreatitis were smokers. The majority of individuals with chronic pancreatitis following an attack of acute pancreatitis were of a productive age from 25 to 50 years. It is not only acute alcoholic pancreatitis which evolves into chronic pancreatitis, we have also identified this transition for pancreatitis of biliary etiology.

Application distribution model and related security attacks in VANET

Science.gov (United States)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Transhepatic Balloon Dilatation of Early Biliary Strictures in Pediatric Liver Transplantation: Successful Initial and Mid-Term Outcome

International Nuclear Information System (INIS)

Belenky, Alexander; Mor, Eytan; Bartal, Gabriel; Atar, Eli; Shapiro, Riki; Bar-Nathan, Nathan; Bachar, Gil N.

2004-01-01

Purpose: To evaluate the initial and mid-term outcomes of transhepatic balloon dilatation for the treatment of early biliary strictures in lateral left-segment liver transplants in young children.Methods: Between April 1997 and May 2001, seven children aged 9 months to 6 years with nine benign strictures in left-segment liver grafts were treated percutaneously. Sessions of two or three dilations were performed three or four times at average intervals of 10-20 days. In each session, the biliary stenoses were gradually dilated using balloons of 3-7 mm. Follow-up ranged from 12 to 54 months (mean 27 months, median 12 months). Clinical success was defined as resolution of the stenosis, normalization of liver enzymes and lack of clinical symptoms. Results: Technical success was achieved in all nine strictures. Hemobilia occurred in one patient and was successfully treated. On follow-up, all patients had complete clinical recovery with normalization of liver function and imaging of patent bile ducts. Conclusion: Balloon dilatation is an effective and relatively safe method for the treatment of early biliary strictures in left-segment liver transplantation in young children. We recommend this approach as the initial treatment for early strictures. Metal stents or surgery should be reserved for patients with late appearance of strictures or failure of balloon dilatation

Nonepileptic attack disorder among married women.

Science.gov (United States)

Dhanaraj, M; Rangaraj, R; Arulmozhi, T; Vengatesan, A

2005-06-01

To study the clinical features, precipitating stressful life events and prognosis of nonepileptic attack disorder (NEAD) among married women. Prospective cohort study with 1-year follow-up. A tertiary care teaching hospital. Of the 1020 patients with epilepsy referred to the epilepsy clinic during 2002-2003, 30 were married women with NEAD. The diagnostic criteria for NEAD included normal EEG during ictal and post-ictal phase of the generalized 'attack.' The data collected included clinical characteristics, semiology of the attacks, precipitating stressful events, and co-morbid psychiatric disorders. The control group included 30 age-matched married women with generalized tonic-clonic seizures. The long-term outcome and factors influencing the outcomes were analyzed. The mean duration of illness was 18 months, and the pattern of the attack was 'fall and lying still' in 53% and 'fall with generalized motor movements' in 47%. The frequency was one or more per week in 57% and occasionally in 43%. The important stressful events were matrimonial discord following illegal relationship of the husband with another woman (chi2 = 9.02, P = 0.003) and constant quarrel with other family members (chi2 = 5.19, P = 0.02). The prevalence of sexual abuse was low (7%). Co-morbid psychiatric disorder was observed in 70%. At the end of 1 year, 39% were free from the attack. Resolution of the stressful life events (chi2 = 4.52, P = 0.03) and lower frequency of attack at the time of reporting (chi2 = 3.88, P = 0.05) correlated with good outcomes. Among patients with NEAD in India, the major precipitating factors were matrimonial discord following illegal relationship of the husband with another woman and constant quarrel with other family members and not sexual abuse. Women with low frequency of attack at the time of reporting and the remission of the stressful events had better outcomes.

Subclinical endophthalmitis following a rooster attack.

Science.gov (United States)

Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

2006-12-01

Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

Optimizing power system investments and resilience against attacks

International Nuclear Information System (INIS)

Fang, Yiping; Sansavini, Giovanni

2017-01-01

This paper studies the combination of capacity expansion and switch installation in electric systems that ensures optimum performance under nominal operations and attacks. The planner–attacker–defender model is adopted to develop decisions that minimize investment and operating costs, and functionality loss after attacks. The model bridges long-term system planning for transmission expansion and short-term switching operations in reaction to attacks. The mixed-integer optimization is solved by decomposition via two-layer cutting plane algorithm. Numerical results on an IEEE system shows that small investments in transmission line switching enhance resilience by responding to disruptions via system reconfiguration. Sensitivity analyses show that transmission planning under the assumption of small-scale attacks provides the most robust strategy, i.e. the minimum-regret planning, if many constraints and limited investment budget affect the planning. On the other hand, the assumption of large-scale attacks provides the most robust strategy if the planning process involves large flexibility and budget. - Highlights: • Investment optimization in power systems under attacks is presented. • Capacity expansion and switch installation for system reconfiguration are combined. • The problem is solved by decomposition via two-layer cutting plane algorithm. • Small investments in switch installation enhance resilience by response to attacks. • Sensitivity analyses identify robust planning against different attack scenarios.

Influence of certain tactical attacking patterns on the result achieved by the teams participants of the 2010 FIFA World Cup in South Africa

Directory of Open Access Journals (Sweden)

Janković Aleksandar

2011-01-01

Full Text Available The aim of this study is to compare tactical manifestations of soccer teams, different competitive success, defined on the basis of the achieved results in one match at the 2010 FIFA World Cup in South Africa. The teams were divided into 3 groups based on the match results, the tactical analysis included a total of 60 matches of 2010 FIFA World Cup in South Africa. The first sub-sample of the subjects (winning was consisted of the teams that won in the final result, the second sub-sample (draw were the teams that ended in tied score (no winner, while the third subs ample (defeat consisted of the teams which were defeated in the course of regular 90-minute game. Based on the previously processed data, which were taken from the official website of the International Federation of Association Soccer (www.fi fa.com, the observed parameters refer to the game efficiency, tactical attacking resource - passing the ball and the ball passing structure. Based on the analysis of the successful attacks frequency, it was revealed that there is a statistically significant difference in the number of successful attacks between the teams that had achieved different results (p = 0.003, in favor of the winning teams. Additionally, the successfulness of attacks, observed through their accuracy, indicates the differences in their distribution (p = 0.000 between the aforesaid groups. The results also indicate that the total run distance, on the level of one team is not associated with the final result. However, ball possession (P = 0.001, overall number of passes (p = 0.015 and overall number of correct passes (P = 0.013 were figured as important factors in achieving better results, while the analysis of the efficacy percentage and the structure of the game that applied passing, i.e., pass length is little or not associated with the final result. The results of this study can help identify those tactical attacking resources in soccer, which contribute to achieving

Attacker Modelling in Ubiquitous Computing Systems

DEFF Research Database (Denmark)

Papini, Davide

in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undened and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it denes a model that captures the abilities of the attacker. Furthermore a quantitative implementation...

Peacetime Use of Computer Network Attack

National Research Council Canada - National Science Library

Busby, Daniel

2000-01-01

.... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...

Denial of Service Attack Techniques: Analysis, Implementation and Comparison

Directory of Open Access Journals (Sweden)

Khaled Elleithy

2005-02-01

Full Text Available A denial of service attack (DOS is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

Temporal Cyber Attack Detection.

Energy Technology Data Exchange (ETDEWEB)

Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-11-01

Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

12 CFR 263.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

12 CFR 509.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding....17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

Detection of complex cyber attacks

Science.gov (United States)

Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

2006-05-01

One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

Vulnerability Assessment by Learning Attack Specifications in Graphs

NARCIS (Netherlands)

Nunes Leal Franqueira, V.; Lopes, Raul H.C.

This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies

Efficacy of "Verbenone Plus" for protecting ponderosa pine trees and stands from Dendroctonus brevicomis (Coleoptera: Curculionidae) attack in British Columbia and California.

Science.gov (United States)

Fettig, Christopher J; McKelvey, Stephen R; Dabney, Christopher P; Huber, Dezene P W; Lait, Cameron G; Fowler, Donald L; Borden, John H

2012-10-01

The western pine beetle, Dendroctonus brevicomis LeConte (Coleoptera: Curculionidae, Scolytinae), is a major cause of ponderosa pine, Pinus ponderosa Douglas ex Lawson, mortality in much of western North America. We review several years of research that led to the identification of Verbenone Plus, a novel four-component semiochemcial blend [acetophenone, (E)-2-hexen-1-ol + (Z)-2-hexen-1-ol, and (-)-verbenone] that inhibits the response of D. brevicomis to attractant-baited traps, and examine the efficacy of Verbenone Plus for protecting individual trees and forest stands from D. brevicomis infestations in British Columbia and California. In all experiments, semiochemicals were stapled around the bole of treated trees at approximately equal to 2 m in height. (-)-Verbenone alone had no effect on the density of total attacks and successful attacks by D. brevicomis on attractant-baited P. ponderosa, but significantly increased the percentage of pitchouts (unsuccessful D. brevicomis attacks). Verbenone Plus significantly reduced the density of D. brevicomis total attacks and D. brevicomis successful attacks on individual trees. A significantly higher percentage of pitchouts occurred on Verbenone Plus-treated trees. The application of Verbenone Plus to attractant-baited P. ponderosa significantly reduced levels of tree mortality. In stand protection studies, Verbenone Plus significantly reduced the percentage of trees mass attacked by D. brevicomis in one study, but in a second study no significant treatment effect was observed. Future research should concentrate on determining optimal release rates and spacings of release devices in stand protection studies, and expansion of Verbenone Plus into other systems where verbenone alone has not provided adequate levels of tree protection.

Attack Tree Generation by Policy Invalidation

NARCIS (Netherlands)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Naeem Akram, R.; Jajodia, S.

2015-01-01

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identi﬿ed

Time to ART Initiation among Patients Treated for Rifampicin-Resistant Tuberculosis in Khayelitsha, South Africa: Impact on Mortality and Treatment Success.

Science.gov (United States)

Daniels, Johnny Flippie; Khogali, Mohammed; Mohr, Erika; Cox, Vivian; Moyo, Sizulu; Edginton, Mary; Hinderaker, Sven Gudmund; Meintjes, Graeme; Hughes, Jennifer; De Azevedo, Virginia; van Cutsem, Gilles; Cox, Helen Suzanne

2015-01-01

Khayelitsha, South Africa, with high burdens of rifampicin-resistant tuberculosis (RR-TB) and HIV co-infection. To describe time to antiretroviral treatment (ART) initiation among HIV-infected RR-TB patients initiating RR-TB treatment and to assess the association between time to ART initiation and treatment outcomes. A retrospective cohort study of patients with RR-TB and HIV co-infection not on ART at RR-TB treatment initiation. Of the 696 RR-TB and HIV-infected patients initiated on RR-TB treatment between 2009 and 2013, 303 (44%) were not on ART when RR-TB treatment was initiated. The median CD4 cell count was 126 cells/mm3. Overall 257 (85%) patients started ART during RR-TB treatment, 33 (11%) within 2 weeks, 152 (50%) between 2-8 weeks and 72 (24%) after 8 weeks. Of the 46 (15%) who never started ART, 10 (21%) died or stopped RR-TB treatment within 4 weeks and 16 (37%) had at least 4 months of RR-TB treatment. Treatment success and mortality during treatment did not vary by time to ART initiation: treatment success was 41%, 43%, and 50% among patients who started ART within 2 weeks, between 2-8 weeks, and after 8 weeks (p = 0.62), while mortality was 21%, 13% and 15% respectively (p = 0.57). Mortality was associated with never receiving ART (adjusted hazard ratio (aHR) 6.0, CI 2.1-18.1), CD4 count ≤100 (aHR 2.1, CI 1.0-4.5), and multidrug-resistant tuberculosis (MDR-TB) with second-line resistance (aHR 2.5, CI 1.1-5.4). Despite wide variation in time to ART initiation among RR-TB patients, no differences in mortality or treatment success were observed. However, a significant proportion of patients did not initiate ART despite receiving >4 months of RR-TB treatment. Programmatic priorities should focus on ensuring all patients with RR-TB/HIV co-infection initiate ART regardless of CD4 count, with special attention for patients with CD4 counts ≤ 100 to initiate ART as soon as possible after RR-TB treatment initiation.

Neural network classifier of attacks in IP telephony

Science.gov (United States)

Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin

2014-05-01

Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.

SCADA system vulnerabilities to cyber attack

Energy Technology Data Exchange (ETDEWEB)

Shaw, W. T. [Cyber Security Consulting (Canada)

2004-10-01

The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

Combating Memory Corruption Attacks On Scada Devices

Science.gov (United States)

Bellettini, Carlo; Rrushi, Julian

Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

Energy Technology Data Exchange (ETDEWEB)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between

Trace Attack against Biometric Mobile Applications

Directory of Open Access Journals (Sweden)

Sanaa Ghouzali

2016-01-01

Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

Limit Asthma Attacks Caused by Colds or Flu

Science.gov (United States)

Asthma: Limit asthma attacks caused by colds or flu A cold or the flu can trigger an asthma attack. Here's why — and how to keep your sneeze ... plan. If you notice warning signs of an asthma attack — such as coughing, wheezing, chest tightness or shortness ...

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

2015-01-01

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

Post-traumatic stress reactions following the March 11, 2004 terrorist attacks in a Madrid community sample: a cautionary note about the measurement of psychological trauma.

Science.gov (United States)

Vázquez, Carmelo; Pérez-Sales, Pau; Matt, Georg

2006-05-01

Posttraumatic stress reactions related to the Madrid March 11, 2004, terrorist attacks were examined in a sample of Madrid residents (N = 503) 18-25 days after the attacks, using multiple diagnostic criteria and different cut-off scores. Based on the symptoms covered by the Posttraumatic Stress Disorder Checklist-Civilian (PCL-C; Weathers, Litz, Herman, Huska, and Keane, 1993), rates of probable posttraumatic stress disorder (PTSD) ranged from 3.4% to 13.3%. Taking into account additional criteria from the Diagnostic and Statistical Manual of Mental Disorders (American Psychiatric Association, 200; i.e., the impact of initial reaction and problems in daily functioning as a consequence of the traumatic event), only 1.9% of respondents reported probable PTSD. These results suggest that inferences about the impact of traumatic events on the general population are strongly influenced by the definition of traumatic response. Our findings also revealed that the magnitude of posttraumatic reactions is associated with several risk factors, including living close to the attacked locations, physical proximity to the attacks when they occurred, perception of one's life being at risk, intensity of initial emotional reactions, and being a daily user of the attacked train lines. The use of different cut-off scores did not affect the pattern of risk to develop traumatic stress. The implications of these results for public health policies related to terrorist attacks are discussed.

On localization attacks against cloud infrastructure

Science.gov (United States)

Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

2013-05-01

One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

Network attacks and defenses a hands-on approach

CERN Document Server

Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel

2012-01-01

The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat

SDN-Based Double Hopping Communication against Sniffer Attack

Directory of Open Access Journals (Sweden)

Zheng Zhao

2016-01-01

Full Text Available Sniffer attack has been a severe threat to network communication security. Traditional network usually uses static network configuration, which provides convenience to sniffer attack. In this paper, an SDN-based double hopping communication (DHC approach is proposed to solve this problem. In DHC, ends in communication packets as well as the routing paths are changed dynamically. Therefore, the traffic will be distributed to multiple flows and transmitted along different paths. Moreover, the data from multiple users will be mixed, bringing difficulty for attackers in obtaining and recovering the communication data, so that sniffer attack will be prevented effectively. It is concluded that DHC is able to increase the overhead of sniffer attack, as well as the difficulty of communication data recovery.

Attacks on Bluetooth Security Architecture and Its Countermeasures

Science.gov (United States)

Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

LAN attack detection using Discrete Event Systems.

Science.gov (United States)

Hubballi, Neminath; Biswas, Santosh; Roopa, S; Ratti, Ritesh; Nandi, Sukumar

2011-01-01

Address Resolution Protocol (ARP) is used for determining the link layer or Medium Access Control (MAC) address of a network host, given its Internet Layer (IP) or Network Layer address. ARP is a stateless protocol and any IP-MAC pairing sent by a host is accepted without verification. This weakness in the ARP may be exploited by malicious hosts in a Local Area Network (LAN) by spoofing IP-MAC pairs. Several schemes have been proposed in the literature to circumvent these attacks; however, these techniques either make IP-MAC pairing static, modify the existing ARP, patch operating systems of all the hosts etc. In this paper we propose a Discrete Event System (DES) approach for Intrusion Detection System (IDS) for LAN specific attacks which do not require any extra constraint like static IP-MAC, changing the ARP etc. A DES model is built for the LAN under both a normal and compromised (i.e., spoofed request/response) situation based on the sequences of ARP related packets. Sequences of ARP events in normal and spoofed scenarios are similar thereby rendering the same DES models for both the cases. To create different ARP events under normal and spoofed conditions the proposed technique uses active ARP probing. However, this probing adds extra ARP traffic in the LAN. Following that a DES detector is built to determine from observed ARP related events, whether the LAN is operating under a normal or compromised situation. The scheme also minimizes extra ARP traffic by probing the source IP-MAC pair of only those ARP packets which are yet to be determined as genuine/spoofed by the detector. Also, spoofed IP-MAC pairs determined by the detector are stored in tables to detect other LAN attacks triggered by spoofing namely, man-in-the-middle (MiTM), denial of service etc. The scheme is successfully validated in a test bed. Copyright © 2010 ISA. Published by Elsevier Ltd. All rights reserved.

An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

Directory of Open Access Journals (Sweden)

Zheng Zhao

2017-01-01

Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

Remote damage control during the attacks on Paris: Lessons learned by the Paris Fire Brigade and evolutions in the rescue system.

Science.gov (United States)

Lesaffre, Xavier; Tourtier, Jean-Pierre; Violin, Yann; Frattini, Benoit; Rivet, Catherine; Stibbe, Olivier; Faure, Florian; Godefroy, Anne; Gallet, Jean-Claude; Ausset, Sylvain

2017-06-01

On November 13, 2015, in 40 minutes, Paris suffered four suicide bombers attacks; shootings at three different restaurant terraces; and an attack on the Bataclan concert hall, resulting in 130 dead and 495 wounded. How did the Parisian rescue system respond and how did it evolve since?We proved we could deploy quickly wide prehospital and hospital resources and teams' equipment and preparedness is being further developed. To secure a swifter initial response, we need a better integration of the operators of the rescue chain with a simpler and more robust organization as well as improved communications channels. We must continue to anticipate and prepare for possible future attacks.

EPA Lean Government Initiative: How to Replicate Lean Successes

Science.gov (United States)

This Lean Replication Primer describes how EPA Offices and Regions can identify and adapt successful practices from previous Lean projects to “replicate” their successes and generate further improvements.

Can the Pelargonium sidoides root extract EPs® 7630 prevent asthma attacks during viral infections of the upper respiratory tract in children?

Science.gov (United States)

Tahan, Fulya; Yaman, Melih

2013-01-15

Asthma is a chronic disease characterized by airway inflammation. Viral infection initiates an immune inflammatory response that may produce asthma attacks. There is no effective preventing therapy for asthma attack during upper respiratory tract viral infections. To investigate the efficacy of 5 days of Pelargonium sidoides therapy for preventing asthma attack during upper respiratory tract viral infections. Sixty one asthmatic children with upper respiratory tract viral infection were enrolled in the study. The patients were randomized to receive Pelargonium sidoides daily for 5 days (n=30) or not (n=31). Before and after treatment, they all were examined and symptom scores were determined. Following five days treatment, children were evaluated whether or not they had an asthma attack. Treatment with Pelargonium sidoides was not associated with a statistically significant differences in fever and muscle aches (p>0.05, Chi-square test). There were significant differences in cough frequency and nasal congestion between the groups (pasthma attack between the groups (pasthma attack. Our study shows that Pelargonium sidoides may prevent asthma attacks during upper respiratory tract viral infections. Copyright © 2012 Elsevier GmbH. All rights reserved.

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT

Directory of Open Access Journals (Sweden)

Avijit Mathur

2016-01-01

Full Text Available Wireless sensor networks (WSNs are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use: black hole and selective forwarding (SF attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy.

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT.

Science.gov (United States)

Mathur, Avijit; Newe, Thomas; Rao, Muzaffar

2016-01-19

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy.

Quantum chemical study of halophilic interactions. Communication 3. Non-empirical study of the ways of tetrachloromethane attack by halide ions

International Nuclear Information System (INIS)

Kobychev, V.B.; Vitkovskaya, N.M.; Abramov, A.V.; Timokhin, B.V.

1999-01-01

It has been shown by means of non-empirical calculations of model reactions between tetrachloromethane and chlorine/iodine anions that in case of attack via carbon atom according to mechanism S N 2 formation of weakly-bound CCl 4 complexes with halide ions is observed at initial state. Further transformation of the complexes is restricted by considerable potential barriers. Attack of nucleophil via chlorine atom with formation of stable complexes CCl 3 -Cl-Hlg - is preferable [ru

Marginal eyespots on butterfly wings deflect bird attacks under low light intensities with UV wavelengths.

Directory of Open Access Journals (Sweden)

Martin Olofsson

2010-05-01

Full Text Available Predators preferentially attack vital body parts to avoid prey escape. Consequently, prey adaptations that make predators attack less crucial body parts are expected to evolve. Marginal eyespots on butterfly wings have long been thought to have this deflective, but hitherto undemonstrated function.Here we report that a butterfly, Lopinga achine, with broad-spectrum reflective white scales in its marginal eyespot pupils deceives a generalist avian predator, the blue tit, to attack the marginal eyespots, but only under particular conditions-in our experiments, low light intensities with a prominent UV component. Under high light intensity conditions with a similar UV component, and at low light intensities without UV, blue tits directed attacks towards the butterfly head.In nature, birds typically forage intensively at early dawn, when the light environment shifts to shorter wavelengths, and the contrast between the eyespot pupils and the background increases. Among butterflies, deflecting attacks is likely to be particularly important at dawn when low ambient temperatures make escape by flight impossible, and when insectivorous birds typically initiate another day's search for food. Our finding that the deflective function of eyespots is highly dependent on the ambient light environment helps explain why previous attempts have provided little support for the deflective role of marginal eyespots, and we hypothesize that the mechanism that we have discovered in our experiments in a laboratory setting may function also in nature when birds forage on resting butterflies under low light intensities.

Marginal eyespots on butterfly wings deflect bird attacks under low light intensities with UV wavelengths.

Science.gov (United States)

Olofsson, Martin; Vallin, Adrian; Jakobsson, Sven; Wiklund, Christer

2010-05-24

Predators preferentially attack vital body parts to avoid prey escape. Consequently, prey adaptations that make predators attack less crucial body parts are expected to evolve. Marginal eyespots on butterfly wings have long been thought to have this deflective, but hitherto undemonstrated function. Here we report that a butterfly, Lopinga achine, with broad-spectrum reflective white scales in its marginal eyespot pupils deceives a generalist avian predator, the blue tit, to attack the marginal eyespots, but only under particular conditions-in our experiments, low light intensities with a prominent UV component. Under high light intensity conditions with a similar UV component, and at low light intensities without UV, blue tits directed attacks towards the butterfly head. In nature, birds typically forage intensively at early dawn, when the light environment shifts to shorter wavelengths, and the contrast between the eyespot pupils and the background increases. Among butterflies, deflecting attacks is likely to be particularly important at dawn when low ambient temperatures make escape by flight impossible, and when insectivorous birds typically initiate another day's search for food. Our finding that the deflective function of eyespots is highly dependent on the ambient light environment helps explain why previous attempts have provided little support for the deflective role of marginal eyespots, and we hypothesize that the mechanism that we have discovered in our experiments in a laboratory setting may function also in nature when birds forage on resting butterflies under low light intensities.

Data-plane Defenses against Routing Attacks on Tor

Directory of Open Access Journals (Sweden)

Tan Henry

2016-10-01

Full Text Available Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

RApid Primary care Initiation of Drug treatment for Transient Ischaemic Attack (RAPID−TIA): study protocol for a pilot randomised controlled trial

Science.gov (United States)

2013-01-01

Background People who have a transient ischaemic attack (TIA) or minor stroke are at high risk of a recurrent stroke, particularly in the first week after the event. Early initiation of secondary prevention drugs is associated with an 80% reduction in risk of stroke recurrence. This raises the question as to whether these drugs should be given before being seen by a specialist – that is, in primary care or in the emergency department. The aims of the RAPID-TIA pilot trial are to determine the feasibility of a randomised controlled trial, to analyse cost effectiveness and to ask: Should general practitioners and emergency doctors (primary care physicians) initiate secondary preventative measures in addition to aspirin in people they see with suspected TIA or minor stroke at the time of referral to a specialist? Methods/Design This is a pilot randomised controlled trial with a sub-study of accuracy of primary care physician diagnosis of TIA. In the pilot trial, we aim to recruit 100 patients from 30 general practices (including out-of-hours general practice centres) and 1 emergency department whom the primary care physician diagnoses with TIA or minor stroke and randomly assign them to usual care (that is, initiation of aspirin and referral to a TIA clinic) or usual care plus additional early initiation of secondary prevention drugs (a blood-pressure lowering protocol, simvastatin 40 mg and dipyridamole 200 mg m/r bd). The primary outcome of the main study will be the number of strokes at 90 days. The diagnostic accuracy sub-study will include these 100 patients and an additional 70 patients in whom the primary care physician thinks the diagnosis of TIA is possible, rather than probable. For the pilot trial, we will report recruitment rate, follow-up rate, a preliminary estimate of the primary event rate and occurrence of any adverse events. For the diagnostic study, we will calculate sensitivity and specificity of primary care physician diagnosis using the final

RApid Primary care Initiation of Drug treatment for Transient Ischaemic Attack (RAPID-TIA): study protocol for a pilot randomised controlled trial.

Science.gov (United States)

Edwards, Duncan; Fletcher, Kate; Deller, Rachel; McManus, Richard; Lasserson, Daniel; Giles, Matthew; Sims, Don; Norrie, John; McGuire, Graham; Cohn, Simon; Whittle, Fiona; Hobbs, Vikki; Weir, Christopher; Mant, Jonathan

2013-07-02

People who have a transient ischaemic attack (TIA) or minor stroke are at high risk of a recurrent stroke, particularly in the first week after the event. Early initiation of secondary prevention drugs is associated with an 80% reduction in risk of stroke recurrence. This raises the question as to whether these drugs should be given before being seen by a specialist--that is, in primary care or in the emergency department. The aims of the RAPID-TIA pilot trial are to determine the feasibility of a randomised controlled trial, to analyse cost effectiveness and to ask: Should general practitioners and emergency doctors (primary care physicians) initiate secondary preventative measures in addition to aspirin in people they see with suspected TIA or minor stroke at the time of referral to a specialist? This is a pilot randomised controlled trial with a sub-study of accuracy of primary care physician diagnosis of TIA. In the pilot trial, we aim to recruit 100 patients from 30 general practices (including out-of-hours general practice centres) and 1 emergency department whom the primary care physician diagnoses with TIA or minor stroke and randomly assign them to usual care (that is, initiation of aspirin and referral to a TIA clinic) or usual care plus additional early initiation of secondary prevention drugs (a blood-pressure lowering protocol, simvastatin 40 mg and dipyridamole 200 mg m/r bd). The primary outcome of the main study will be the number of strokes at 90 days. The diagnostic accuracy sub-study will include these 100 patients and an additional 70 patients in whom the primary care physician thinks the diagnosis of TIA is possible, rather than probable. For the pilot trial, we will report recruitment rate, follow-up rate, a preliminary estimate of the primary event rate and occurrence of any adverse events. For the diagnostic study, we will calculate sensitivity and specificity of primary care physician diagnosis using the final TIA clinic diagnosis as the

Rotational Rebound Attacks on Reduced Skein

DEFF Research Database (Denmark)

Khovratovich, Dmitry; Nikolic, Ivica; Rechberger, Christian

2010-01-01

In this paper we combine a recent rotational cryptanalysis with the rebound attack, which results in the best cryptanalysis of Skein, a candidate for the SHA-3 competition. The rebound attack approach was so far only applied to AES-like constructions. For the first time, we show that this approach...

Improved Impossible Differential Attacks on Large-Block Rijndael

DEFF Research Database (Denmark)

Wang, Qingju; Gu, Dawu; Rijmen, Vincent

2012-01-01

. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions...... and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can...... be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory....

RAPTOR: Ransomware Attack PredicTOR

OpenAIRE

Quinkert, Florian; Holz, Thorsten; Hossain, KSM Tozammel; Ferrara, Emilio; Lerman, Kristina

2018-01-01

Ransomware, a type of malicious software that encrypts a victim's files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers' operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in...

Shark attack-related injuries: Epidemiology and implications for plastic surgeons.

Science.gov (United States)

Ricci, Joseph A; Vargas, Christina R; Singhal, Dhruv; Lee, Bernard T

2016-01-01

The increased media attention to shark attacks has led to a heightened fear and public awareness. Although few sharks are considered dangerous, attacks on humans can result in large soft tissue defects necessitating the intervention of reconstructive surgeons. This study aims to evaluate and describe the characteristics of shark-related injuries in order to improve treatment. The Global Shark Accident File, maintained by the Shark Research Institute (Princeton, NJ, USA), is a compilation of all known worldwide shark attacks. Database records since the 1900s were reviewed to identify differences between fatal and nonfatal attacks, including: geography, injury pattern, shark species, and victim activity. Since the 1900s, there have been 5034 reported shark attacks, of which 1205 (22.7%) were fatal. Although the incidence of attacks per decade has increased, the percentage of fatalities has decreased. Characteristics of fatal attacks included swimming (p = 0.001), boating (p = 0.001), three or more bite sites (p = 0.03), limb loss (p = 0.001), or tiger shark attack (p = 0.002). The most common attacks were bites to the legs (41.8%) or arms (18.4%), with limb loss occurring in 7% of attacks. Geographically, the majority of attacks occurred in North America (36.7%) and Australia (26.5%). Most attacks in the USA occurred in Florida (49.1%) and California (13.6%). Although rare, shark attacks result in devastating injuries to patients. As these injuries often involve multiple sites and limb loss, this creates a significant challenge for reconstructive surgeons. Proper identification of the characteristics of the attack can aid in providing optimal care for those affected. Copyright © 2015 British Association of Plastic, Reconstructive and Aesthetic Surgeons. Published by Elsevier Ltd. All rights reserved.

Privacy Leaks through Data Hijacking Attack on Mobile Systems

Directory of Open Access Journals (Sweden)

Zhang Daojuan

2017-01-01

Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

What Can We Learn?--The Algonquin Bear Attack.

Science.gov (United States)

Strickland, Dan

1992-01-01

Describes a bear attack in Algonquin Park in Lake Opeongo (Canada) in which a man and woman were killed. Hypothesizes that the bear deliberately preyed on its victims and concludes that the bear was physically normal. Despite this isolated attack, the chance of being attacked by a black bear when camping is virtually nonexistent. (KS)

Combined Heuristic Attack Strategy on Complex Networks

Directory of Open Access Journals (Sweden)

Marek Šimon

2017-01-01

Full Text Available Usually, the existence of a complex network is considered an advantage feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. New attack strategy can be therefore used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.

Resveratrol products resulting by free radical attack

Energy Technology Data Exchange (ETDEWEB)

Bader, Yvonne; Quint, R.M. [Section Radiation Biology, Department of Nutritional Sciences, Faculty of Life Sciences, University of Vienna, UZAII, Althanstrasse 14, A-1090 Vienna (Austria); Getoff, Nikola [Section Radiation Biology, Department of Nutritional Sciences, Faculty of Life Sciences, University of Vienna, UZAII, Althanstrasse 14, A-1090 Vienna (Austria)], E-mail: nikola.getoff@univie.ac.at

2008-06-15

Trans-resveratrol (trans-3,4',5-trihydroxystilbene; RES), which is contained in red wine and many plants, is one of the most relevant and extensively investigated stilbenes with a broad spectrum of biological activities. Among other duties, RES has been reported to have anti-carcinogenetic activities, which could be attributed to its antioxidant properties. The degradation of RES was studied under various conditions. The products (aldehydes, carboxylic acids, etc.) generated from RES by the attack of free radicals were registered as a function of the radical concentration (absorbed radiation dose). Based on the obtained data it appears that the OH radicals are initiating the rather complicated process, which involves of the numerous consecutive reactions. A possible starting reaction mechanism is presented.

Experiment Analysis of Concrete’s Mechanical Property Deterioration Suffered Sulfate Attack and Drying-Wetting Cycles

Directory of Open Access Journals (Sweden)

Wei Tian

2017-01-01

Full Text Available The mechanism of concrete deterioration in sodium sulfate solution is investigated. The macroperformance was characterized via its apparent properties, mass loss, and compressive strength. Changes in ions in the solution at different sulfate attack periods were tested by inductively coupled plasma (ICP. The damage evolution law, as well as analysis of the concrete’s meso- and microstructure, was revealed by scanning electron microscope (SEM and computed tomography (CT scanning equipment. The results show that the characteristics of concrete differed at each sulfate attack period; the drying-wetting cycles generally accelerated the deterioration process of concrete. In the early sulfate attack period, the pore structure of the concrete was filled with sulfate attack products (e.g., ettringite and gypsum, and its mass and strength increased. The pore size and porosity decreased while the CT number increased. As deterioration progressed, the swelling/expansion force of products and the salt crystallization pressure of sulfate crystals acted on the inner wall of the concrete to accumulate damage and accelerate deterioration. The mass and strength of concrete sharply decreased. The number and volume of pores increased, and the pore grew more quickly resulting in initiation and expansion of microcracks while the CT number decreased.

Studies on sulfate attack: Mechanisms, test methods, and modeling

Science.gov (United States)

Santhanam, Manu

The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C 3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

Implementation of oral health initiatives by Australian rural communities: Factors for success.

Science.gov (United States)

Taylor, Judy; Carlisle, Karen; Farmer, Jane; Larkins, Sarah; Dickson-Swift, Virginia; Kenny, Amanda

2018-01-01

In this paper, we consider factors significant in the success of community participation in the implementation of new oral health services. Our analysis draws on data from the Rural Engaging Communities in Oral Health (Rural ECOH) study (2014-2016). We aimed to assess the Australian relevance of a Scottish community participation framework for health service development; Remote Service Futures. Internationally, community participation in planning of health initiatives is common, but less common in new service implementation. Health managers query the legitimacy of "lay" community members, whether they will persist, and whether they can act as change agents. Our data provide evidence that helps answer these queries. Six communities, located within regions covered by two large rural primary healthcare organisations (Medicare Locals), were selected in two Australian states. Two university-based facilitators worked with a group of local residents (for each community) to monitor implementation of new oral health initiatives designed through participatory processes. Data about implementation were collected through interviews with 28 key stakeholders at the beginning of implementation and 12 months later. Data were coded, themed and analysed abductively. Five themes emerged; the inter-relationship between community motivation to participate with the fortunes of the oral health initiatives, having the "right" people involved, continuing involvement of sponsors and/or significant people, trusting working relationships between participants and perceiving benefits from participation. Findings provide evidence of a role for community participation in implementing new community services if solid partnerships with relevant providers can be negotiated and services are seen to be relevant and useful to the community. © 2017 John Wiley & Sons Ltd.

Initial crisis risk communications: A success story

International Nuclear Information System (INIS)

Goldman, S.B.; Traverso, D.K.

1992-01-01

Federal regulations require nuclear facilities to be prepared for the risk communication aspects of a catastrophic emergency. Thus, all nuclear plants have provisions for a Joint Public Information Center (JPIC). The JPICs are designed to handle more than 300 media for 24 hours a day; to coordinate information among utility, federal, state, and local agencies; to provide spokespersons; etc. For a large-scale emergency, JPICs can work very well. However, some utilities - indeed, most companies - appear to have only two modes of emergency communication response: normal staff and JPIC. Experience has shown that normal staffing is inadequate to handle the risk communication response for media-intensive low-level emergencies and for the initial stages of an escalating emergency. It is clear that initial response will determine how well a company fares in its overall emergency response and in its long-term relations with the media and public. A solution to this risk communication challenge was developed by Cleveland Electric Illuminating Company's Perry Nuclear Plant - the Public Information Response Team. Using existing facilities and staff - only one of whom works regularly with the media - the Perry plant proactively manages its initial risk communication response

Global mobility orientation and the success of self-initiated expatriates in greater China

DEFF Research Database (Denmark)

Lauring, Jakob; Selmer, Jan

2014-01-01

We investigated 640 self-initiated expatriate academics residing in Greater China. We examined whether their inherent demographic characteristics (age/gender) and acquired demographic characteristics (marital status/seniority) differentiated their work outcomes regarding job adjustment, time...... to proficiency, performance and satisfaction. We also explored the associations between global mobility orientation and these four work outcomes and examined to what extent the demographic characteristics differentiated the relationships. Results support most hypothesized differences. We found that a global...... mobility orientation was associated with all the work outcomes, except satisfaction. For inherent demographic characteristics, we found support for our hypotheses that for individuals with less successful demographics (younger, male), there was a stronger relationship between global mobility orientation...

RESISTANCE TO CHANGE AND ERP IMPLEMENTATION SUCCESS: THE MODERATING ROLE OF CHANGE MANAGEMENT INITIATIVES

Directory of Open Access Journals (Sweden)

Zafar U. Ahmed

2006-01-01

Full Text Available Enterprise Resource Planning (ERP is a useful tool that builds strong capabilities, improves performance, supports better decision making, and provides competitive advantage for businesses. ERP aims to help the management by setting better business practices and equipping them with the right information to take timely decision. In any new technology implementation, one of the issues that need to be addressed is the resistance to change. Many implementations have failed due to strong resistance from the end users. Thus, the main purpose of this paper is to test the impact of resistance to change on ERP's implementation success and how change management initiatives acts in the capacity of a moderating role. Using data collected from 69 manufacturing organizations through a mail survey, it was found that resistance to change is negatively related to achievement of predetermined goals (b = –0.930, p < 0.01 and usersatisfaction (b = –0.952, p < 0.01. Further, change management initiatives did not moderate the relationship between resistance and predetermined goals but it moderated the relationship between resistance and user satisfaction. In addition, change management initiatives have a direct positive impact on user satisfaction. This research concludes that the human factor is very important in ERP's implementation.

OPERATION COBRA. Deliberate Attack, Exploitation

Science.gov (United States)

1984-05-25

to attack Sens, then continue to Troyes , on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes . Facing the combat command were what remained of the 51st SS Brigade, light

Robustness of non-interdependent and interdependent networks against dependent and adaptive attacks

Science.gov (United States)

Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai

2017-09-01

Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.

Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

OpenAIRE

Dalai, Asish Kumar; Jena, Sanjay Kumar

2017-01-01

Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevent...

Command Disaggregation Attack and Mitigation in Industrial Internet of Things

Directory of Open Access Journals (Sweden)

Peng Xun

2017-10-01

Full Text Available A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1 the command sequence is disordered and (2 disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

Science.gov (United States)

Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

2017-10-21

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Counteracting Power Analysis Attacks by Masking

Science.gov (United States)

Oswald, Elisabeth; Mangard, Stefan

The publication of power analysis attacks [12] has triggered a lot of research activities. On the one hand these activities have been dedicated toward the development of secure and efficient countermeasures. On the other hand also new and improved attacks have been developed. In fact, there has been a continuous arms race between designers of countermeasures and attackers. This chapter provides a brief overview of the state-of-the art in the arms race in the context of a countermeasure called masking. Masking is a popular countermeasure that has been extensively discussed in the scientific community. Numerous articles have been published that explain different types of masking and that analyze weaknesses of this countermeasure.

[Therapy costs of adult patients admitting to emergency unit of a university hospital with asthma acute attack].

Science.gov (United States)

Serinken, Mustafa; Dursunoğlu, Neşe; Cimrin, Arif H

2009-01-01

In the present study, hospital costs of patients who admitted to the emergency department with asthma attack and several variables that could effect this cost were analyzed and data were collected in order to reduce economical burden of that disease was aimed. Between September 2005 and February 2007 patients with acute asthma attack, admitted to Pamukkale University Hospital Emergency Department were retrospectively evaluated. Totally 108 patients who met the inclusion criteria admitted to the emergency department with asthma acute attack. Of those 97 were women (89.8%). Forty mild, 51 moderate, 15 severe and 2 life-threatening attacks were detected. Severe and life-threatening attacks were more frequent in patients graduated from primary school compared with the other groups. Mean therapy costs of the patients who were hospitalized and treated in the emergency department were 836.60 +/- 324.30 TL (Turkish Lira) and 170.66 +/- 86.71 TL respectively. Treatment procedures consisted of 45.8% of and 38.5% hospital costs for patients treated in the emergency department and for patients hospitalized respectively. There was a statistically significant difference in the comparison of costs according to the attack severity (p= 0.0001). Education level of the patients had a significant effect on hospital costs (p= 0.025). Comorbidities were found a significant increasing factor of treatment costs (p= 0.017). There were no effects of sex, age, medical insurance or duration of asthma disease on the hospital costs. The relation between low-education level, living in the rural area and admissions with severe attacks of asthma to emergency department show the importance of treatment success with patient compliance. Positive and negative factors effecting disease control should be detected by evaluating larger populations to reduce economical burden of asthma.

Metrics for Assessment of Smart Grid Data Integrity Attacks

Energy Technology Data Exchange (ETDEWEB)

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

The Importance of Loosely Systematized Game Phases in Sports: The Case of Attack Coverage Systems in High-Level Women’s Volleyball

Directory of Open Access Journals (Sweden)

Lorenzo Laporta

2015-03-01

Full Text Available Change is ubiquitous, but its degree and rate often affords detection of emerging patterns and establishing behavioral dynamics based on expected regularities. Match analysis capitalizes on such regularities, capturing information relevant for enhancing structure and reducing improvisation to a minimum. However, what if a game phase is only loosely regular, defying pattern systematization? Is it still possible to unfold principles of behavior capable of abstracting over-arching patterns? Our research focused on analysis of complex IV (KIV or attack coverage in volleyball. Fourteen matches from the 2013 Volleyball Women’s World Grand Champions Cup were analyzed. Results showed the occurrence of KIV corresponded to fewer than 5% of the total number of actions, and plays where a team successfully conquered a point after attack coverage was circa 1%, meaning this game complex will only make a difference in balanced matches. Overall, twenty-nine attack coverage structures emerged, denoting very high organizational variability. Attack coverage therefore provides an example of principle-based and not structured-based game phase. Associative analysis showed that quick attack tempos constrain the emergence of more complex attack coverage structures. The search for principle-based instead of structure-based game phases may provide useful insights for comprehension of game dynamics and for informing training processes.

A taxonomy of distributed denial of service attacks

DEFF Research Database (Denmark)

De Donno, Michele; Giaretta, Alberto; Dragoni, Nicola

2017-01-01

Distributed Denial of Service (DDoS) attacks which are now even more powerful and easier to achieve than the past. Understanding how these attacks work, in all their different forms, represents a first crucial step to tackle this urgent issue. To this end, in this paper we propose a new up-to-date taxonomy...... and a comprehensive classification of current DDoS attacks....

Modeling and Analysis of Information Attack in Computer Networks

National Research Council Canada - National Science Library

Pepyne, David

2003-01-01

... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...

Using an ontology for network attack planning

CSIR Research Space (South Africa)

Van Heerden, R

2016-09-01

Full Text Available The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...

Protecting infrastructure networks from cost-based attacks

International Nuclear Information System (INIS)

Wang Xingang; Guan Shuguang; Lai, Choy Heng

2009-01-01

It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

Directory of Open Access Journals (Sweden)

Ru Zhang

2017-01-01

Full Text Available The APT attack on the Internet is becoming more serious, and most of intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

On node replication attack in wireless sensor networks

International Nuclear Information System (INIS)

Qabulio, M.; Malkani, Y.A.

2015-01-01

WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)

On Node Replication Attack in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Mumtaz Qabulio

2016-04-01

Full Text Available WSNs (Wireless Sensor Networks comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs

Attacker-defender game from a network science perspective

Science.gov (United States)

Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

2018-05-01

Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

Are the rules for the right to self-defense outdated to address current conflicts like attacks from non-state actors and cyber-attacks?

Directory of Open Access Journals (Sweden)

Gonzalo J. Arias

2017-06-01

Full Text Available The latest US-led coalition’s attacks against ISIS in Syria raised the question whether states can use defensive force against non-state actors. Two critical incidents had previously triggered the discussion on the importance and consequences of cyber-attacks as a new form armed attacks. The first one occurred in Estonia in 2007, when the country experienced extensive computer hacking attacks that lasted several weeks. The second incident happened in 2008, during the Georgia–Russia conflict over South Ossetia, when Georgia experienced cyber-attacks similar to those suffered by Estonia in the previous year. Furthermore, on June 21, 2016, the central banks of Indonesia and South Korea were hit by cyber-attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world. The previous incidents have created, once again, public questioning if the rules on the use of force and the right of self-defense established in the United Nations Charter are sufficient and efficient to address these new forms of attacks.

After-gate attack on a quantum cryptosystem

International Nuclear Information System (INIS)

Wiechers, C; Wittmann, C; Elser, D; Marquardt, Ch; Leuchs, G; Lydersen, L; Skaar, J; Makarov, V

2011-01-01

We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.

Compiling symbolic attacks to protocol implementation tests

Directory of Open Access Journals (Sweden)

Michael Rusinowitch

2013-07-01

Full Text Available Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

Energy Technology Data Exchange (ETDEWEB)

Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

2016-05-15

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

International Nuclear Information System (INIS)

Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

2016-01-01

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Classification of cyber attacks in South Africa

CSIR Research Space (South Africa)

Van Heerden, R

2016-05-01

Full Text Available various ATM's throughout South Africa. Two criminals, Motsoane and Masoleng, were arrested in February 2012 and both sentenced to 15 years in jail [36, 37]. 3.10 2013: IOL DDoS Anonymous Africa claimed responsibility for launching a Distributed Denial... of Service (DDoS) attack on the Independent Newspaper web site iol.co.za. The attack was in response to claims that the IOL group supports Zimbabwean president Robert Mugabe. The following taunt was sent to boast about the attack: “IOL bad boys bad boys...

A Review Of Recent Cyber-Attacks In Fiji

Directory of Open Access Journals (Sweden)

Neeraj A. Sharma

2015-08-01

Full Text Available Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.

Research on high power intra-channel crosstalk attack in optical networks

Science.gov (United States)

Ren, Shuai; Zhang, Yinfa; Wang, Jingyu; Zhang, Jumei; Rao, Xuejun; Fang, Yuanyuan

2017-02-01

The mechanism of high power intra-channel crosstalk attack is analyzed theoretically and the conclusion that power of attack signal and crosstalk coefficient of optical switch are the main factors for which high power intra-channel have destructive effect on quality of legitimate signals is drawn. Effects of high power intra-channel crosstalk attack on quality of legitimate signals and its capability of attack propagation are investigated quantitatively by building the simulation system in VPI software. The results show that legitimate signals through the first and the second stage optical switch are affected by attack and legitimate signal through the third stage optical switch is almost unaffected by attack when power of original attack signal (OAS) is above 20dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB at optical cross connect 1 (OXC1). High power intra-channel crosstalk attack has a certain capability of attack propagation. Attack capability of OAS can be propagated to OXC3 when power of OAS is 27dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB. We also find that the secondary attack signal (SAS) does not have capability of attack propagation.

Evaluation of Crosstalk Attacks in Access Networks

DEFF Research Database (Denmark)

Wagner, Christoph; Eiselt, Michael; Grobe, Klaus

2016-01-01

WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...

Financial planning for major initiatives: a framework for success.

Science.gov (United States)

Harris, John M

2007-11-01

A solid framework for assessing a major strategic initiative consists of four broad steps: Initial considerations, including level of analysis required and resources that will be brought to bear. Preliminary financial estimates for board approval to further assess the initiative. Assessment of potential partners' interest in the project. Feasibility analysis for board green light.

Quantitative Verification and Synthesis of Attack-Defence Scenarios Conference

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

Attack-defence trees are a powerful technique for formally evaluating attack-defence scenarios. They represent in an intuitive, graphical way the interaction between an attacker and a defender who compete in order to achieve conflicting objectives. We propose a novel framework for the formal

'Cryptogenic Drop Attacks' revisited: evidence of overlap with functional neurological disorder.

Science.gov (United States)

Hoeritzauer, Ingrid; Carson, Alan J; Stone, Jon

2018-02-07

In their 1973 BMJ paper 'Cryptogenic Drop Attacks', Stevens and Matthews described 40, mostly middle-aged, female patients with drop attacks of unknown cause. Although clinically common, there has been little on this topic since. We aimed to determine clinical features, comorbidity and outcome of patients with drop attacks. We carried out a retrospective review of patients with cryptogenic drop attacks seen consecutively by one clinician (JS) between 2006 and 2016. Demographics, phenomenology, duration and frequency of attacks, attack description and comorbid diagnoses were recorded. Patients were followed up with a notes review. 83 patients with cryptogenic drop attacks were predominantly female (89%, n=79), mean age 44  years. The majority (93%, n=77) could not remember the fall itself and almost half (43%, n=36) experienced prodromal dissociative symptoms. Mechanical trips or syncope preceded drop attacks, historically, in 24% (n=20) of cases. Persistent fatigue (73%, n=61), chronic pain (40%, n=33), functional limb weakness (31%,n=26) and dissociative (non-epileptic) attacks 28% (n=23) were common, with the latter usually preceding or emerging from drop attacks. At follow-up (88%, mean 38 months), 28% (n=23) had resolution of their drop attacks. Predisposing (but non-causative) disease comorbidity was found at baseline (n=12) and follow-up (n=5). Cryptogenic drop attacks are associated with high frequency of comorbid functional somatic and functional neurological disorders. Patients commonly have prodromal dissociative symptoms and in some there was a clear relationship with prior or subsequent dissociative (non-epileptic) attacks. Some cryptogenic drop attacks may be best understood as phenomena on the spectrum of dissociative attacks. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

Measures of student success with textbook transformations: the Affordable Learning Georgia Initiative

Directory of Open Access Journals (Sweden)

Emily Croteau

2017-03-01

Full Text Available In 2014, the state of Georgia’s budget supported a University System of Georgia (USG initiative: Affordable Learning Georgia (ALG. The initiative was implemented via Textbook Transformation Grants, which provided grants to USG faculty, libraries and librarians, and institutions to “transform their use of textbooks and other learning materials into using lower cost options”, in other words to use open educational resources (OER in lieu of a traditional bound textbook. The Round One Textbook Transformation Grants have already shown to be successful in that they saved students approximately $760,000.  What is not known, is the collective impact on student learning. This study examines the learning gains or losses pre- and post-transformation in ALG Round One courses where traditional resources were replaced with OER.  It estimates differences between pre- and post- textbook transformation across the following outcomes: 1 Drop Fail Withdraw (DFW rates, 2 rates of completion, 3 numbers of students receiving a final grade of A or B, C and D, 4 numerical final grades as a percent, 5 final exam grades as a percent, and, 6 course-specific assessment grades measured in percent. Twenty-four data sets were analyzed for DFW rate, eight data sets for completion rate, fourteen data sets for grade distribution, three data sets for final exam grades, three data sets for course specific assessment and one data set for final grades. The null hypothesis that there would be no differences between pre- and post-transformation rates in these learning outcomes was supported.  Thus, this study demonstrates that the USG’s ALG initiative helped students save money without negatively impacting learning outcomes. In addition, it is the first of its kind to measure some of these learning outcomes (e.g. final exam grade, assessment grade, and distribution of letter grades at this scale.

Optimal Patrol to Detect Attacks at Dispersed Heterogeneous Locations

Science.gov (United States)

2013-12-01

solution RALP Random-attacker linear program SALP Strategic-attacker linear program SMDP Semi-Markov decision process SP Shortest path SPR1 Shortest...average cost per attack among all vertices, which we refer to as the strategic-attacker linear program ( SALP ): min x zOPT (3.1a) subject to ∑ (k,l)∈A c...the SALP is indicated by zOPT. The lower bound that is obtained from using the LBLP is indicated by zLB. Solutions obtained from using a heuristic

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

Science.gov (United States)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

Can a Copycat Effect be Observed in Terrorist Suicide Attacks?

Directory of Open Access Journals (Sweden)

Nicholas Farnham

2017-03-01

Full Text Available The purpose of this paper is to explore how a copycat effect – established within the field of suicide studies – may manifest itself in terrorist suicide attacks, and takes an exploratory approach in evaluating the prospect of incorporating open-data resources in future counter-terrorism research. This paper explores a possible ‘copycat effect’ in cases of suicide terrorism, which entails a perpetrator being inspired by a preceding attack to carry out a similar attack not long after the original. In the wake of mounting risks of lone wolf terrorist attacks today and due to the general difficulties faced in preventing such attacks, in this paper we explore a potential area of future prevention in media reporting, security and anti-terrorism policies today. Using the START Global Terrorism Database (GTD, this paper investigates terrorist suicide-attack clusters and analyses the relationship between attacks found within the same cluster. Using a mixed-method approach, our analyses did not uncover clear evidence supporting a copycat effect among the studied attacks. These and other findings have numerous policy and future research implications.

Transient Ischemic Attack

Medline Plus

Full Text Available ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. The content in this ...

THE REPRISAL ATTACKS BY AL-SHABAAB AGAINST KENYA

Directory of Open Access Journals (Sweden)

E.O.S.ODHIAMBO

2013-10-01

Full Text Available The incursion of Kenya Defence Forces (KDF into Somalia was met by a series of threats from the Al-Shabaab that it would increase the attacks against Kenya if the troops were not withdrawn. The capture of Kismayu by KDF has weakened the nerve of Al-Shabaab but has not eliminated the imminent danger of a substantive terror attack. Since the incursion by KDF, Kenya has succumbed to a sequence of grenade and Improvised Explosive Devices attacks, roadside bombs, landmines and raids by fighters using small arms and light weapons and Rocket Propelled Grenades against Kenyans mostly in North Eastern, Coastal and Nairobi counties, marking the resurgence of terrorism in the country. We argue that Kenya is more vulnerable to Al-Shabaab terrorists attack than before the KDF incursion by citing the frequencies of reprisal attacks from October 2011 to January 2013. Hence, our troops should be withdrawn and deployed within our boundary.

Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters

Directory of Open Access Journals (Sweden)

Dapeng Man

2017-01-01

Full Text Available Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD. BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM as a side-effect of thwarting detection attacks.

Detecting peripheral-based attacks on the host memory

CERN Document Server

Stewin, Patrick

2015-01-01

This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit.  Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only me...

An improved technique for the detection of pilot contamination attacks in TDD wireless communication systems

Directory of Open Access Journals (Sweden)

Mihaylova Dimitriya

2017-01-01

Full Text Available One of the problems phasing the physical layer security of a wireless system is its vulnerability to pilot contamination attacks and hence schemes for its detection need to be applied. A method proposed in the literature consists of training with two N-PSK pilots. Although the method is effective in most of the cases, it is not able to discover an attack initiated during the transmission of the second pilot from the pair if both the legitimate and non-legitimate pilots coincide. In this current paper, an improvement to this method is proposed which detects an intruder who misses the first pilot transmission. The suggested improvement eliminates the usage of threshold values in the detection – a main drawback of previously existing solution.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

Science.gov (United States)

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

Directory of Open Access Journals (Sweden)

Naser Alajmi

2015-11-01

Full Text Available Security breaches are a major threat in wireless sensor networks (WSNs. WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD. The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Adversarial Feature Selection Against Evasion Attacks.

Science.gov (United States)

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

Trojan-horse attacks on quantum-key-distribution systems

International Nuclear Information System (INIS)

Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G.

2006-01-01

General Trojan-horse attacks on quantum-key-distribution systems, i.e., attacks on Alice or Bob's system via the quantum channel, are analyzed. We illustrate the power of such attacks with today's technology and conclude that all systems must implement active counter measures. In particular, all systems must include an auxiliary detector that monitors any incoming light. We show that such counter measures can be efficient, provided that enough additional privacy amplification is applied to the data. We present a practical way to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks. This does reduce the security analysis of the two-way plug-and-play implementation to those of the standard one-way systems

12 CFR 308.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... PRACTICE RULES OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 308.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any...

12 CFR 19.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 1 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... OF PRACTICE AND PROCEDURE Uniform Rules of Practice and Procedure § 19.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all...

Drammer : Deterministic Rowhammer attacks on mobile platforms

NARCIS (Netherlands)

Van Der Veen, Victor; Fratantonio, Yanick; Lindorfer, Martina; Gruss, Daniel; Maurice, Clémentine; Vigna, Giovanni; Bos, Herbert; Razavi, Kaveh; Giuffrida, Cristiano

2016-01-01

Recent work shows that the Rowhammer hardware bug can be used to craft powerful attacks and completely subvert a system. However, existing efforts either describe probabilistic (and thus unreliable) attacks or rely on special (and often unavailable) memory management features to place victim objects

A Comprehensive Taxonomy and Analysis of IEEE 802.15.4 Attacks

Directory of Open Access Journals (Sweden)

Yasmin M. Amin

2016-01-01

Full Text Available The IEEE 802.15.4 standard has been established as the dominant enabling technology for Wireless Sensor Networks (WSNs. With the proliferation of security-sensitive applications involving WSNs, WSN security has become a topic of great significance. In comparison with traditional wired and wireless networks, WSNs possess additional vulnerabilities which present opportunities for attackers to launch novel and more complicated attacks against such networks. For this reason, a thorough investigation of attacks against WSNs is required. This paper provides a single unified survey that dissects all IEEE 802.15.4 PHY and MAC layer attacks known to date. While the majority of existing references investigate the motive and behavior of each attack separately, this survey classifies the attacks according to clear metrics within the paper and addresses the interrelationships and differences between the attacks following their classification. The authors’ opinions and comments regarding the placement of the attacks within the defined classifications are also provided. A comparative analysis between the classified attacks is then performed with respect to a set of defined evaluation criteria. The first half of this paper addresses attacks on the IEEE 802.15.4 PHY layer, whereas the second half of the paper addresses IEEE 802.15.4 MAC layer attacks.

The accountability problem of flooding attacks in service-oriented architectures

DEFF Research Database (Denmark)

Jensen, Meiko; Schwenk, Jörg

2009-01-01

The threat of Denial of Service attacks poses a serious problem to the security of network-based services in general. For flooding attacks against service-oriented applications, this threat is dramatically amplified with potentially much higher impact and very little effort on the attacker's side....... Additionally, due to the high distribution of a SOA application's components, fending such attacks becomes a far more complex task. In this paper, we present the problem of accountability, referring to the issue of resolving the attacker in a highly distributed service-oriented application. Using a general...

Attack Helicopter Operations: Art or Science

Science.gov (United States)

1991-05-13

ATTACK HELICOPTER OPERATIONS: ART OR SCIENCE ? BY LIEUTENANT COLONEL JAN CALLEN United States Army DISTRIBUTION STATEMENT A: Approved for public release...TASK IWORK UNIT ELEMENT NO. NO. NO. ACCESSION NC 11. TITLE (Include Socurity Classification) Attack Helicopter Operations: Art or Science ? 12. PERSONAL...OPERATIONS: ART OR SCIENCE ? AN INDIVIDUAL STUDY PROJECT by Lieutenant Colonel Jan Callen United States Army Colonel Greg Snelgrove Project Adviser U.S

Attacker Model Lab

OpenAIRE

2006-01-01

tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course

A Secure Localization Approach against Wormhole Attacks Using Distance Consistency

Directory of Open Access Journals (Sweden)

Lou Wei

2010-01-01

Full Text Available Wormhole attacks can negatively affect the localization in wireless sensor networks. A typical wormhole attack can be launched by two colluding attackers, one of which sniffs packets at one point in the network and tunnels them through a wired or wireless link to another point, and the other relays them within its vicinity. In this paper, we investigate the impact of the wormhole attack on the localization and propose a novel distance-consistency-based secure localization scheme against wormhole attacks, which includes three phases of wormhole attack detection, valid locators identification and self-localization. The theoretical model is further formulated to analyze the proposed secure localization scheme. The simulation results validate the theoretical results and also demonstrate the effectiveness of our proposed scheme.

12 CFR 747.17 - Collateral attacks on adjudicatory proceeding.

Science.gov (United States)

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... INVESTIGATIONS Uniform Rules of Practice and Procedure § 747.17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in any court concerning all or any part of an...

Phase-remapping attack in practical quantum-key-distribution systems

International Nuclear Information System (INIS)

Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

2007-01-01

Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

Integrated approach for investigating the durability of self-consolidating concrete to sulfate attack

Science.gov (United States)

Bassuoni, Mohamed Tamer F.

factor from multiple performance criteria was created for the ammonium sulfate exposure. Environmental charts were developed to determine the level of aggression associated with sodium sulfate attack from temperature, RH and degree of wetting-drying expected in service. This novel modeling approach showed promising success in handling complex durability topics such as the sulfate attack of concrete, which involves non-linearity, ambiguity and interface with operator approximation. The current thesis provides needed fundamental knowledge on the durability of a wide scope of SCC mixtures to various sulfate attack exposure scenarios. It elucidates complex deterioration mechanisms and failure modes of cement-based materials under multi-mechanistic aging processes. It also proposes carefully engineered integrated sulfate attack tests that replicate various sulfate attack exposure regimes, which could be refined and standardized in the future. In addition, the current work introduced original knowledge-based smart models capable of handling uncertainty and providing reliable predictions for the behaviour of concrete under external sulfate attack. The models do not require conducting exhaustive laboratory experiments and/or making assumptions, thus facilitating the selection of optimum concrete mixtures for a specified exposure. Overall, this research should effectively contribute to the development of performance-based standards and specifications for, and improvement of durability-based design and life-cycle analysis of concrete structures subjected to external sulfate attack. Keywords. Sulfate attack, self-consolidating concrete, integrated testing, composite cements, air-entrainment, hybrid fibres, full immersion, cations, pH, wetting-drying, partial immersion, freezing-thawing, cyclic cold-hot conditions, flexural loading, thaumasite, salt crystallization, fuzzy, neuro-fuzzy, systems.

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Science.gov (United States)

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis

Science.gov (United States)

Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

2015-01-01

Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim’ based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks. PMID:26222882

Collaborative Attack Mitigation and Response: A survey

NARCIS (Netherlands)

Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko

2015-01-01

Over recent years, network-based attacks have become to one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains

The role of sleep in migraine attacks

Directory of Open Access Journals (Sweden)

Elaine Inamorato

1993-11-01

Full Text Available Migraine attacks may be precipitated by sleep deprivation or excessive sleep and sleep is also associated with relief of migraine attacks. In view of this variable relationship we studied the records of 159 consecutive outpatients of our Headache Unit. In 121 records there was reference to sleep involvement, in 55% by a single form and in 45% by more than one form. When only one form was related, relief was most common (70%. 30% of that group of patients had the migraine attack precipitated by sleep, 24% by deprivation and 6% by sleep excess. When the effects of sleep were multiple, these effects were as expected logically in 65%: «in accordance» group (e.g attack precipitated by sleep deprivation and relieved by sleep onset. In a second group, («conflicting» where the involvement was not logical, there were three different combinations of sleep involvement, possibly due to more than one pathophysiological mechanism.

Mountain Pine Beetle Dynamics and Reproductive Success in Post-Fire Lodgepole and Ponderosa Pine Forests in Northeastern Utah.

Directory of Open Access Journals (Sweden)

Andrew P Lerch

Full Text Available Fire injury can increase tree susceptibility to some bark beetles (Curculionidae, Scolytinae, but whether wildfires can trigger outbreaks of species such as mountain pine beetle (Dendroctonus ponderosae Hopkins is not well understood. We monitored 1173 lodgepole (Pinus contorta var. latifolia Doug. and 599 ponderosa (Pinus ponderosa Doug. ex Law pines for three years post-wildfire in the Uinta Mountains of northeastern Utah in an area with locally endemic mountain pine beetle. We examined how the degree and type of fire injury influenced beetle attacks, brood production, and subsequent tree mortality, and related these to beetle population changes over time. Mountain pine beetle population levels were high the first two post-fire years in lodgepole pine, and then declined. In ponderosa pine, populations declined each year after initial post-fire sampling. Compared to trees with strip or failed attacks, mass attacks occurred on trees with greater fire injury, in both species. Overall, a higher degree of damage to crowns and boles was associated with higher attack rates in ponderosa pines, but additional injury was more likely to decrease attack rates in lodgepole pines. In lodgepole pine, attacks were initially concentrated on fire-injured trees, but during subsequent years beetles attacked substantial numbers of uninjured trees. In ponderosa pine, attacks were primarily on injured trees each year, although these stands were more heavily burned and had few uninjured trees. In total, 46% of all lodgepole and 56% of ponderosa pines underwent some degree of attack. Adult brood emergence within caged bole sections decreased with increasing bole char in lodgepole pine but increased in ponderosa pine, however these relationships did not scale to whole trees. Mountain pine beetle populations in both tree species four years post-fire were substantially lower than the year after fire, and wildfire did not result in population outbreaks.

Mountain Pine Beetle Dynamics and Reproductive Success in Post-Fire Lodgepole and Ponderosa Pine Forests in Northeastern Utah.

Science.gov (United States)

Lerch, Andrew P; Pfammatter, Jesse A; Bentz, Barbara J; Raffa, Kenneth F

2016-01-01

Fire injury can increase tree susceptibility to some bark beetles (Curculionidae, Scolytinae), but whether wildfires can trigger outbreaks of species such as mountain pine beetle (Dendroctonus ponderosae Hopkins) is not well understood. We monitored 1173 lodgepole (Pinus contorta var. latifolia Doug.) and 599 ponderosa (Pinus ponderosa Doug. ex Law) pines for three years post-wildfire in the Uinta Mountains of northeastern Utah in an area with locally endemic mountain pine beetle. We examined how the degree and type of fire injury influenced beetle attacks, brood production, and subsequent tree mortality, and related these to beetle population changes over time. Mountain pine beetle population levels were high the first two post-fire years in lodgepole pine, and then declined. In ponderosa pine, populations declined each year after initial post-fire sampling. Compared to trees with strip or failed attacks, mass attacks occurred on trees with greater fire injury, in both species. Overall, a higher degree of damage to crowns and boles was associated with higher attack rates in ponderosa pines, but additional injury was more likely to decrease attack rates in lodgepole pines. In lodgepole pine, attacks were initially concentrated on fire-injured trees, but during subsequent years beetles attacked substantial numbers of uninjured trees. In ponderosa pine, attacks were primarily on injured trees each year, although these stands were more heavily burned and had few uninjured trees. In total, 46% of all lodgepole and 56% of ponderosa pines underwent some degree of attack. Adult brood emergence within caged bole sections decreased with increasing bole char in lodgepole pine but increased in ponderosa pine, however these relationships did not scale to whole trees. Mountain pine beetle populations in both tree species four years post-fire were substantially lower than the year after fire, and wildfire did not result in population outbreaks.

Explaining the success or failure of quality improvement initiatives in long-term care organizations from a dynamic perspective.

Science.gov (United States)

Etheridge, Francis; Couturier, Yves; Denis, Jean-Louis; Tremblay, Lucie; Tannenbaum, Cara

2014-09-01

The purpose of this study was to better understand why change initiatives succeed or fail in long-term care organizations. Four case studies from Québec, Canada were contrasted retrospectively. A constipation and restraints program succeeded, while an incontinence and falls program failed. Successful programs were distinguished by the use of a change strategy that combined "let-it happen," "help-it happen," and "make-it happen" interventions to create senses of urgency, solidarity, intensity, and accumulation. These four active ingredients of the successful change strategies propelled their respective change processes forward to completion. This paper provides concrete examples of successful and unsuccessful combinations of "let-it happen," "help-it happen," and "make-it happen" change management interventions. Change managers (CM) can draw upon these examples to best tailor and energize change management strategies in their own organizations. © The Author(s) 2013.

Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

Directory of Open Access Journals (Sweden)

Khodor Hamandi

2015-01-01

Full Text Available Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

Niffler: A Context-Aware and User-Independent Side-Channel Attack System for Password Inference

Directory of Open Access Journals (Sweden)

Benxiao Tang

2018-01-01

Full Text Available Digital password lock has been commonly used on mobile devices as the primary authentication method. Researches have demonstrated that sensors embedded on mobile devices can be employed to infer the password. However, existing works focus on either each single keystroke inference or entire password sequence inference, which are user-dependent and require huge efforts to collect the ground truth training data. In this paper, we design a novel side-channel attack system, called Niffler, which leverages the user-independent features of movements of tapping consecutive buttons to infer unlocking passwords on smartphones. We extract angle features to reflect the changing trends and build a multicategory classifier combining the dynamic time warping algorithm to infer the probability of each movement. We further use the Markov model to model the unlocking process and use the sequences with the highest probabilities as the attack candidates. Moreover, the sensor readings of successful attacks will be further fed back to continually improve the accuracy of the classifier. In our experiments, 100,000 samples collected from 25 participants are used to evaluate the performance of Niffler. The results show that Niffler achieves 70% and 85% accuracy with 10 attempts in user-independent and user-dependent environments with few training samples, respectively.

Defending networks against denial-of-service attacks

Science.gov (United States)

Gelenbe, Erol; Gellman, Michael; Loukas, George

2004-11-01

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

Robust and Efficient Authentication Scheme for Session Initiation Protocol

Directory of Open Access Journals (Sweden)

Yanrong Lu

2015-01-01

Full Text Available The session initiation protocol (SIP is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

Performance Improvement of Power Analysis Attacks on AES with Encryption-Related Signals

Science.gov (United States)

Lee, You-Seok; Lee, Young-Jun; Han, Dong-Guk; Kim, Ho-Won; Kim, Hyoung-Nam

A power analysis attack is a well-known side-channel attack but the efficiency of the attack is frequently degraded by the existence of power components, irrelative to the encryption included in signals used for the attack. To enhance the performance of the power analysis attack, we propose a preprocessing method based on extracting encryption-related parts from the measured power signals. Experimental results show that the attacks with the preprocessed signals detect correct keys with much fewer signals, compared to the conventional power analysis attacks.

Mass casualty response in the 2008 Mumbai terrorist attacks.

Science.gov (United States)

Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac

2011-12-01

The November 26-29, 2008, terrorist attacks on Mumbai were unique in its international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.

1994 Attack Team Workshop: Phase II - Full-Scale Offensive Fog Attack Tests

National Research Council Canada - National Science Library

Scheffey, Joseph

1997-01-01

.... This report demonstrates the benefits of using a medium angle fog stream to control the overhead fire threat when conducting a direct attack on a growing/steady state fire where the sea of the fire is obstructed...

Tofacitinib suppresses disease activity and febrile attacks in a patient with coexisting rheumatoid arthritis and familial Mediterranean fever.

Science.gov (United States)

Gök, Kevser; Cengiz, Gizem; Erol, Kemal; Ozgocmen, Salih

2017-01-01

Familial Mediterranean fever (FMF) is the most common hereditary auto-inflammatory (periodic fever) syndrome, and usually successfully treated with colchicine. However, nearly 5-10% of FMF cases are resistant or intolerant to colchicine and treatment options are highly restricted in these cases. Biologics including anakinra, canakinumab, rilonacept, etanercept, infliximab, interferon-alpha, and tocilizumab are shown to have efficacy to control FMF attacks. Tofacitinib, a Janus kinase (JAK) inhibitor, is an orally administered non-biologic disease modifying anti-rheumatic drug for the treatment of rheumatoid arthritis (RA). Herein we report a female patient with coexisting RA and colchicine resistant FMF whose FMF attacks and disease activity were completely controlled after treatment with tofacitinib, a small-molecule JAK3 inhibitor.

Novel mechanism of network protection against the new generation of cyber attacks

Science.gov (United States)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit

2012-06-01

A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.

Software test attacks to break mobile and embedded devices

CERN Document Server

Hagar, Jon Duncan

2013-01-01

Address Errors before Users Find Them Using a mix-and-match approach, Software Test Attacks to Break Mobile and Embedded Devices presents an attack basis for testing mobile and embedded systems. Designed for testers working in the ever-expanding world of ""smart"" devices driven by software, the book focuses on attack-based testing that can be used by individuals and teams. The numerous test attacks show you when a software product does not work (i.e., has bugs) and provide you with information about the software product under test. The book guides you step by step starting with the basics. It

Modeling attacking of high skills volleyball players

Directory of Open Access Journals (Sweden)

Vladimir Gamaliy

2014-12-01

Full Text Available Purpose: to determine the model indicators of technical and tactical actions in the attack highly skilled volleyball players. Material and Methods: the study used statistical data of major international competitions: Olympic Games – 2012 World Championships – 2010, World League – 2010–2014 European Championship – 2010–2014. A total of 130 analyzed games. Methods were used: analysis and generalization of scientific and methodological literature, analysis of competitive activity highly skilled volleyball players, teacher observation, modeling technical and tactical actions in attacking highly skilled volleyball players. Results: it was found that the largest volume application of technical and tactical actions in the attack belongs to the group tactics «supple movement», whose indicator is 21,3%. The smallest amount of application belongs to the group tactics «flight level» model whose indicators is 5,4%, the efficiency of 3,4%, respectively. It is found that the power service in the jump from model parameters used in 51,6% of cases, the planning targets – 21,7% and 4,4% planning to reduce. Attacks performed with the back line, on model parameters used in the amount of 20,8% efficiency –13,7%. Conclusions: we prove that the performance of technical and tactical actions in the attack can be used as model in the control system of training and competitive process highly skilled volleyball players

Sleep Deprivation Attack Detection in Wireless Sensor Network

OpenAIRE

Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

2012-01-01

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maxi...

Calcium Supplements: A Risk Factor for Heart Attack?

Science.gov (United States)

... factor for heart attack? I've read that calcium supplements may increase the risk of heart attack. ... D. Some doctors think it's possible that taking calcium supplements may increase your risk of a heart ...

Involvement of individual subsites and secondary substrate binding sites in multiple attack on amylose by barley alpha-amylase

DEFF Research Database (Denmark)

Kramhøft, Birte; Bak-Jensen, Kristian Sass; Mori, Haruhide

2005-01-01

Barley alpha-amylase 1 (AMY1) hydrolyzed amylose with a degree of multiple attack (DMA) of 1.9; that is, on average, 2.9 glycoside bonds are cleaved per productive enzyme-substrate encounter. Six AMY1 mutants, spanning the substrate binding cleft from subsites -6 to +4, and a fusion protein, AMY1...... translocation of substrate in the binding cleft upon the initial cleavage to produce G6-G10, essentially independent of subsite mutations, and short-distance moves resulting in individually very different rates of release of G1-G4. Accordingly, the degree of multiple attack as well as the profile of products...

Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Katarzyna Mazur

2016-01-01

Full Text Available The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.

Quick Reference: Cyber Attacks Awareness and Prevention Method for Home Users

OpenAIRE

Haydar Teymourlouei

2015-01-01

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such t...

Takotsubo cardiomyopathy following recurrent doses of albuterol due to asthma attack: a very rare case report.

Science.gov (United States)

Parsa, Saeed Alipour; Khaheshi, Isa; Memaryan, Mehdi; Naderian, Mohammadreza

2016-11-01

To present an unusual case in order to clarify one of the most important differential diagnoses of ST-elevation myocardial infarction in a postmenopausal woman. A 72-year-old woman with asthma attack and retrosternal chest pain was presented to our emergency unit. She had used albuterol spray ten-times before admission due to accentuated dyspnea. Initial ECG revealed ST-segment elevation in leads V1-V6, I and aVL. Emergent coronary angiography indicated normal coronary arteries, and left ventriculography showed significant akinesia of apical segments. This unusual case emphasizes the fact that emergency physicians and cardiologists should be familiar with Takotsubo cardiomyopathy following overuse of β 2 -agonist due to asthma attack that can mimic ST-elevation myocardial infarction.

Strengthening Crypto-1 Cipher Against Algebraic Attacks

Directory of Open Access Journals (Sweden)

Farah Afianti

2015-08-01

Full Text Available In the last few years, several studies addressed the problem of data security in Mifare Classic. One of its weaknesses is the low random number quality. This causes SAT solver attacks to have lower complexity. In order to strengthen Crypto-1 against SAT solver attacks, a modification of the feedback function with better cryptographic properties is proposed. It applies a primitive polynomial companion matrix. SAT solvers cannot directly attack the feedback shift register that uses the modified Boolean feedback function, the register has to be split into smaller groups. Experimental testing showed that the amount of memory and CPU time needed were highest when attacking the modified Crypto-1 using the modified feedback function and the original filter function. In addition, another modified Crypto-1, using the modified feedback function and a modified filter function, had the lowest percentage of revealed variables. It can be concluded that the security strength and performance of the modified Crypto-1 using the modified feedback function and the modified filter function are better than those of the original Crypto-1.

A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

NARCIS (Netherlands)

Jhawar, Ravi; Lounis, Karim; Mauw, Sjouke

2016-01-01

Cyber attacks are becoming increasingly complex, practically sophisticated and organized. Losses due to such attacks are important, varying from the loss of money to business reputation spoilage. Therefore, there is a great need for potential victims of cyber attacks to deploy security solutions

Routine delayed voiding cystourethography after initial successful endoscopic treatment with Dextranomer/Hialuronic Acid Copolimer (Dx/HA) of vesicoureteral reflux (VUR). Is it necessary?

Science.gov (United States)

García-Aparicio, L; Blázquez-Gómez, E; Vila Santandreu, A; Camacho Diaz, J A; Vila-Cots, J; Ramos Cebrian, M; de Haro, I; Martin, O; Tarrado, X

2016-12-01

Some guidelines recommend an early voiding cystourethrography (VCUG) after endoscopic treatment of vesicoureteral reflux (VUR), but there's no consensus if it's necessary a long-term follow-up in these patients. The aim of our study is analyze if it's necessary a delayed VCUG after initial successful treatment with Dx/HA. We have reviewed all medical charts of patients that underwent Dx/HA treatment from 2006 to 2010. We have selected patients with initial successful treatment and more than 3 years of radiological and clinical follow-up. We have analyzed late clinical and radiological outcomes. One hundred and sixty children with 228 refluxing ureters underwent Dx/HA endoscopic treatment with a mean follow-up of 52.13 months. Early VCUG was performed in 215 ureters with an initial successful rate of 84.1%. The group of study was 94/215 ureters with more than 3 years of follow-up with a delayed VCUG. VUR was still resolved in 79,8% of the ureters. Clinical success rate was 91.7%. The incidence of febrile urinary tract infection in those patients with cured VUR and those with a relapsed VUR was 8 and 15%, respectively; but there were no significant differences. We have not found any variable related with relapsed VUR except those ureters that initially received 2 injections (P<.05). If our objective in the treatment of VUR is to reduce the incidence of febrile urinary tract infection it is not necessary to perform a delayed VCUG even though the long-term radiological outcomes is worse than clinical outcome. Copyright © 2016 AEU. Publicado por Elsevier España, S.L.U. All rights reserved.

Vulnerability of water supply systems to cyber-physical attacks

Science.gov (United States)

Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

2016-04-01

The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

Security Measurement for Unknown Threats Based on Attack Preferences

Directory of Open Access Journals (Sweden)

Lihua Yin

2018-01-01

Full Text Available Security measurement matters to every stakeholder in network security. It provides security practitioners the exact security awareness. However, most of the works are not applicable to the unknown threat. What is more, existing efforts on security metric mainly focus on the ease of certain attack from a theoretical point of view, ignoring the “likelihood of exploitation.” To help administrator have a better understanding, we analyze the behavior of attackers who exploit the zero-day vulnerabilities and predict their attack timing. Based on the prediction, we propose a method of security measurement. In detail, we compute the optimal attack timing from the perspective of attacker, using a long-term game to estimate the risk of being found and then choose the optimal timing based on the risk and profit. We design a learning strategy to model the information sharing mechanism among multiattackers and use spatial structure to model the long-term process. After calculating the Nash equilibrium for each subgame, we consider the likelihood of being attacked for each node as the security metric result. The experiment results show the efficiency of our approach.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

Science.gov (United States)

Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

The Need for Situational Awareness in a CBRNE Attack

Directory of Open Access Journals (Sweden)

Jordan Nelms

2011-02-01

Full Text Available Six years before the terrorist attacks on the World Trade Center and the Pentagon, and eight years before the United States went to war with Saddam Hussein for his alleged concealment of chemical and biological weapons caches, Japan's Tokyo subway was struck by one of the most vicious terror attacks in modern history.  The 1995 Sarin terrorist attack represents an important case study for post-9/11 emergency managers because it highlights the key issues first responders and public health officials face when confronted with a CBRNE ('C'hemical, 'B'iological, 'R'adiological, 'N'uclear, 'E'xplosive mass-casualty attack.

Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

Science.gov (United States)

Kwon, Cheolhyeon

Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the

Consciousness in Non-Epileptic Attack Disorder

OpenAIRE

Reuber, M.; Kurthen, M.

2011-01-01

Non-epileptic attack disorder (NEAD) is one of the most important differential diagnoses of epilepsy. Impairment of\\ud consciousness is the key feature of non-epileptic attacks (NEAs). The first half of this review summarises the clinical research\\ud literature featuring observations relating to consciousness in NEAD. The second half places this evidence in the wider context\\ud of the recent discourse on consciousness in neuroscience and the philosophy of mind. We argue that studies of consci...

Learning from history: The Glasgow Airport terrorist attack.

Science.gov (United States)

Crichton, Gillies

Glasgow Airport was the target of a terrorist attack on 30th June, 2007. Many people within Scotland had come to believe that Scotland was immune from terrorism. This perception was in large part informed by Scotland's experience during the protracted Troubles in Northern Ireland, during which the Provisional Irish Republican Army's mainland bombing campaign focused on targets in England, sparing both Scotland and Wales. While Glasgow Airport did not expect such an attack to take place, meticulous planning, organising and testing of plans had taken place to mitigate the unlikely event of such an attack. The attack stands up as a shining example of robust business continuity management, where the airport reopened for business as usual in less than 24 hours from the time of the attack. Little is known about how the airport handled the situation in conjunction with other responding agencies as people tend to want to focus on high-profile disasters only. Yet countless such incidents are happening worldwide on a daily basis, in which there are excellent learning opportunities, and, taken in the spirit of converting hindsight into foresight, the likelihood of similar incidents could potentially be reduced in the future.

Molecular signatures in Arabidopsis thaliana in response to insect attack and bacterial infection.

Science.gov (United States)

Barah, Pankaj; Winge, Per; Kusnierczyk, Anna; Tran, Diem Hong; Bones, Atle M

2013-01-01

Under the threat of global climatic change and food shortages, it is essential to take the initiative to obtain a comprehensive understanding of common and specific defence mechanisms existing in plant systems for protection against different types of biotic invaders. We have implemented an integrated approach to analyse the overall transcriptomic reprogramming and systems-level defence responses in the model plant species Arabidopsis thaliana (A. thaliana henceforth) during insect Brevicoryne brassicae (B. brassicae henceforth) and bacterial Pseudomonas syringae pv. tomato strain DC3000 (P. syringae henceforth) attacks. The main aim of this study was to identify the attacker-specific and general defence response signatures in A. thaliana when attacked by phloem-feeding aphids or pathogenic bacteria. The obtained annotated networks of differentially expressed transcripts indicated that members of transcription factor families, such as WRKY, MYB, ERF, BHLH and bZIP, could be crucial for stress-specific defence regulation in Arabidopsis during aphid and P. syringae attack. The defence response pathways, signalling pathways and metabolic processes associated with aphid attack and P. syringae infection partially overlapped. Components of several important biosynthesis and signalling pathways, such as salicylic acid (SA), jasmonic acid (JA), ethylene (ET) and glucosinolates, were differentially affected during the two the treatments. Several stress-regulated transcription factors were known to be associated with stress-inducible microRNAs. The differentially regulated gene sets included many signature transcription factors, and our co-expression analysis showed that they were also strongly co-expressed during 69 other biotic stress experiments. Defence responses and functional networks that were unique and specific to aphid or P. syringae stresses were identified. Furthermore, our analysis revealed a probable link between biotic stress and microRNAs in Arabidopsis and

Molecular signatures in Arabidopsis thaliana in response to insect attack and bacterial infection.

Directory of Open Access Journals (Sweden)

Pankaj Barah

Full Text Available BACKGROUND: Under the threat of global climatic change and food shortages, it is essential to take the initiative to obtain a comprehensive understanding of common and specific defence mechanisms existing in plant systems for protection against different types of biotic invaders. We have implemented an integrated approach to analyse the overall transcriptomic reprogramming and systems-level defence responses in the model plant species Arabidopsis thaliana (A. thaliana henceforth during insect Brevicoryne brassicae (B. brassicae henceforth and bacterial Pseudomonas syringae pv. tomato strain DC3000 (P. syringae henceforth attacks. The main aim of this study was to identify the attacker-specific and general defence response signatures in A. thaliana when attacked by phloem-feeding aphids or pathogenic bacteria. RESULTS: The obtained annotated networks of differentially expressed transcripts indicated that members of transcription factor families, such as WRKY, MYB, ERF, BHLH and bZIP, could be crucial for stress-specific defence regulation in Arabidopsis during aphid and P. syringae attack. The defence response pathways, signalling pathways and metabolic processes associated with aphid attack and P. syringae infection partially overlapped. Components of several important biosynthesis and signalling pathways, such as salicylic acid (SA, jasmonic acid (JA, ethylene (ET and glucosinolates, were differentially affected during the two the treatments. Several stress-regulated transcription factors were known to be associated with stress-inducible microRNAs. The differentially regulated gene sets included many signature transcription factors, and our co-expression analysis showed that they were also strongly co-expressed during 69 other biotic stress experiments. CONCLUSIONS: Defence responses and functional networks that were unique and specific to aphid or P. syringae stresses were identified. Furthermore, our analysis revealed a probable link between

Heart Attack Payment - Hospital

Data.gov (United States)

U.S. Department of Health & Human Services — Payment for heart attack patients measure – provider data. This data set includes provider data for payments associated with a 30-day episode of care for heart...

Stability Analysis of an Advanced Persistent Distributed Denial-of-Service Attack Dynamical Model